{"title":"一种试验性的软件定义网络安全控制器","authors":"Malek Al-Zewairi, Dima Suleiman, Sufyan Almajali","doi":"10.1109/SDS.2017.7939137","DOIUrl":null,"url":null,"abstract":"Software Defined Networking is an emerging technology that permits computer network infrastructure to be scaled dynamically as needed while enhancing the manageability of the various network devices in heterogeneous environment as opposed to classical networking. These capabilities emerge from the separation of the data plane from the control plane; thus, allowing the network devices to be programmatically managed and controlled. Similarly, the concept of Software Defined Security allows security solutions such as Firewalls and Intrusion Detection Systems to be dynamically implemented, controlled and managed using programmable interfaces. In this research, the authors propose an experimental software defined security controller based on the Open vSwitch Controller to detect and prevent IP and MAC spoofing attacks on the network. The proposed controller is simulated using Mininet. The simulation results confirm that the proposed controller is capable to detect and prevent the aforementioned attacks with high precision.","PeriodicalId":326125,"journal":{"name":"2017 Fourth International Conference on Software Defined Systems (SDS)","volume":"9 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"An experimental Software Defined Security controller for Software Defined Network\",\"authors\":\"Malek Al-Zewairi, Dima Suleiman, Sufyan Almajali\",\"doi\":\"10.1109/SDS.2017.7939137\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software Defined Networking is an emerging technology that permits computer network infrastructure to be scaled dynamically as needed while enhancing the manageability of the various network devices in heterogeneous environment as opposed to classical networking. These capabilities emerge from the separation of the data plane from the control plane; thus, allowing the network devices to be programmatically managed and controlled. Similarly, the concept of Software Defined Security allows security solutions such as Firewalls and Intrusion Detection Systems to be dynamically implemented, controlled and managed using programmable interfaces. In this research, the authors propose an experimental software defined security controller based on the Open vSwitch Controller to detect and prevent IP and MAC spoofing attacks on the network. The proposed controller is simulated using Mininet. The simulation results confirm that the proposed controller is capable to detect and prevent the aforementioned attacks with high precision.\",\"PeriodicalId\":326125,\"journal\":{\"name\":\"2017 Fourth International Conference on Software Defined Systems (SDS)\",\"volume\":\"9 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 Fourth International Conference on Software Defined Systems (SDS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SDS.2017.7939137\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 Fourth International Conference on Software Defined Systems (SDS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SDS.2017.7939137","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An experimental Software Defined Security controller for Software Defined Network
Software Defined Networking is an emerging technology that permits computer network infrastructure to be scaled dynamically as needed while enhancing the manageability of the various network devices in heterogeneous environment as opposed to classical networking. These capabilities emerge from the separation of the data plane from the control plane; thus, allowing the network devices to be programmatically managed and controlled. Similarly, the concept of Software Defined Security allows security solutions such as Firewalls and Intrusion Detection Systems to be dynamically implemented, controlled and managed using programmable interfaces. In this research, the authors propose an experimental software defined security controller based on the Open vSwitch Controller to detect and prevent IP and MAC spoofing attacks on the network. The proposed controller is simulated using Mininet. The simulation results confirm that the proposed controller is capable to detect and prevent the aforementioned attacks with high precision.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
