Proceedings of the 2021 ACM International Workshop on Software Defined Networks & Network Function Virtualization Security: Latest Papers

TEE-based Privacy-Preserve in Collaborative Traffic Policy Compilation for Programmable Devices
A. C. Risdianto, E. Chang
Abstract: Maintaining the integrity of network devices policy across a different organization is very challenging since the devices are shared for multiple traffic forwarding purposes, including public Internet access. An organization's administrator can put unnecessary (i.e., wrong) policy that may leak the private traffic between the organizations to a public network. It can be avoided by exchanging the network traffic policy between the organizations but keeping the confidentiality of the policies among them (i.e., to avoid honest-but-curious adversary) is very challenging. Furthermore, there is also no guarantee that the policy is properly enforced into the network device. An administrator can intentionally put malicious policies that allow the attacker to enter the organization's network (i.e., malicious adversary). This paper proposed a cross-organization network traffic policy compilation that preserves the policy privacy and ensures its enforcement to the network devices. It utilizes a trusted execution environment (TEE) to compile the high-level traffic policies into low-level rules for the programmable network device. Then, the rules are easily pushed and optimized by using hardware programming abstraction.
DOI: https://doi.org/10.1145/3445968.3452091
Published: 2021-04-28
Citations: 0
A Survey on the Verification of Adversarial Data Planes in Software-Defined Networks
Conor Black, Sandra Scott-Hayward
Abstract: As network policies are becoming increasingly nuanced and complex, so too are the mechanisms required to ensure that the network is functioning as intended. In particular, since the dawn of software-defined networking and the shift towards high-level descriptions of intended network policy, traditional tools such as ping and traceroute have been insufficient to test that complex data plane configurations have been correctly implemented. As a result, novel data plane verification solutions have been proposed that use formal methods to ensure that network policies are adhered to and that the data plane is free of bugs. While the number of these verification solutions continues to grow, only a few are equipped to verify the data plane when a malicious adversary is present. As research continues to expand the remit of data plane functionality, these solutions may become key to securing an increasingly valuable attack target. In this survey, we review the work that has been dedicated to preventing and detecting attacks on data planes in software-defined networks and discuss some of the unsolved problems in this field that must be addressed in future adversarial verification solutions.
DOI: https://doi.org/10.1145/3445968.3452092
Published: 2021-04-28
Citations: 7
Towards a Blockchain-SDN Architecture for Secure and Trustworthy 5G Massive IoT Networks
Akram Hakiri, Behnam Dezfouli
Abstract: The emerging 5G mobile network is a prominent technology for addressing networking related challenges of Internet of Things (IoT). The forthcoming 5G is expected to allow low-power massive IoT devices to produce high volumes of data that can be transmitted over ultra-reliable, low-latency wireless communication services. However, IoT systems encounter several security and privacy issues to prevent unauthorized access to IoT nodes. To address these challenges, this paper introduces a novel blockchain-based architecture that leverages Software Defined Network (SDN) and Network Function Virtualization (NFV) for securing IoT transactions. A novel security appliance is introduced in a form of Virtualized Network Functions (VNFs) for improving the scalability and performance of IoT networks. Then, we introduce a novel consensus algorithm to detect and report suspected IoT nodes and mitigate malicious traffic. We evaluate and compare our proposed solution against three well-known consensus algorithms, i.e., Proof of Work (PoW), Proof of Elapsed Time (PoET), and Proof of Stake (PoS). We demonstrate that the proposed solution provides substantially lower latency and higher throughput as well as trustworthy IoT communication.
DOI: https://doi.org/10.1145/3445968.3452090
Published: 2021-04-28
Citations: 17
Security-focused Networks of the Future
Sandra Scott-Hayward
Abstract: Network attack and data breach statistics are abundant; from the 2020 Cisco Annual Internet Report citing an anticipated increase in Distributed Denial-of-Service (DDoS) attacks from 7.9 million in 2018 to 15.4 million by 2023, to almost daily reports of data breaches, hackers targeting network device vulnerabilities, attacks on network services etc. This is, of course, unsurprising. Our lives are increasingly reliant on communication networks. In 2020, because of the COVID-19 pandemic, we have seen the accelerated provision of health services in the home and an increased prevalence of home schooling and working. This has placed a significant burden on our home networks, one which cyber-criminals have been only too eager to exploit. The challenge to protect network users extends from there. So, what does cyber security look like in the networks of the future? The emergence of technologies such as Software-Defined Networking (SDN), Network Functions Virtualization (NFV), and Multi-Access Edge Computing (MEC) enable innovation in network security, but these technologies create additional attack surfaces. Dramatic advances in Machine Learning (ML) and Artificial Intelligence (AI) techniques are influencing security services and design for security, but they can also be exploited to produce sophisticated attacks. How can we leverage these technologies while managing the challenge of the attacker to better protect, secure and maintain resilient networks? Can we deliver scalable, analytics-based, security-focused network orchestration and management? This talk will introduce our latest research addressing these challenging questions, present developments in the field, and discuss future research directions.
DOI: https://doi.org/10.1145/3445968.3456870
Published: 2021-04-28
Citations: 0
Proceedings of the 2021 ACM International Workshop on Software Defined Networks & Network Function Virtualization Security
DOI: https://doi.org/10.1145/3445968
Citations: 1