通过内存取证分析提高软件定义网络的安全性

IF 4.1 3区 计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS
Filipe Augusto da Luz Lemos, Thiago dos Santos Cavali, Keiko Verônica Ono Fonseca, Mauro Sergio Pereira Fonseca, Rubens Alexandre de Faria
{"title":"通过内存取证分析提高软件定义网络的安全性","authors":"Filipe Augusto da Luz Lemos, Thiago dos Santos Cavali, Keiko Verônica Ono Fonseca, Mauro Sergio Pereira Fonseca, Rubens Alexandre de Faria","doi":"10.1007/s10922-024-09862-4","DOIUrl":null,"url":null,"abstract":"<p>The increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well established technique in forensic sciences, the memory analysis, combined with techniques to identify memory modifications, such as signature validation and novelty detection. A proof of concept using a test environment consisting of virtual switches, connected in a ring topology, and hosts validated the proposed methodology. The results were able to demonstrate the capability of the proposed methodology to detect and mitigate unauthorized changes in network equipment, highlighting its potential to improve the security of SDN networks, and possible integration with other methodologies to further improve the security of SDN environments. Overall, the proposed methodology provides a new valuable tool for securing SDN networks, and brings research opportunities on the scalability and adaptability of the proposed solution.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"7 1","pages":""},"PeriodicalIF":4.1000,"publicationDate":"2024-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enhancing the Security of Software-Defined Networking through Forensic Memory Analysis\",\"authors\":\"Filipe Augusto da Luz Lemos, Thiago dos Santos Cavali, Keiko Verônica Ono Fonseca, Mauro Sergio Pereira Fonseca, Rubens Alexandre de Faria\",\"doi\":\"10.1007/s10922-024-09862-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well established technique in forensic sciences, the memory analysis, combined with techniques to identify memory modifications, such as signature validation and novelty detection. A proof of concept using a test environment consisting of virtual switches, connected in a ring topology, and hosts validated the proposed methodology. The results were able to demonstrate the capability of the proposed methodology to detect and mitigate unauthorized changes in network equipment, highlighting its potential to improve the security of SDN networks, and possible integration with other methodologies to further improve the security of SDN environments. Overall, the proposed methodology provides a new valuable tool for securing SDN networks, and brings research opportunities on the scalability and adaptability of the proposed solution.</p>\",\"PeriodicalId\":50119,\"journal\":{\"name\":\"Journal of Network and Systems Management\",\"volume\":\"7 1\",\"pages\":\"\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2024-08-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Network and Systems Management\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s10922-024-09862-4\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Network and Systems Management","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10922-024-09862-4","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0

摘要

软件定义网络(SDN)环境的复杂性和动态性不断增加,给网络安全带来了巨大挑战。我们提出了一种增强 SDN 系统安全性的方法,即利用法证科学中成熟的内存分析技术,并结合识别内存修改的技术(如签名验证和新颖性检测)。使用由环形拓扑连接的虚拟交换机和主机组成的测试环境进行的概念验证验证了所提出的方法。结果表明,所提出的方法能够检测和减轻网络设备中未经授权的更改,突出了其提高 SDN 网络安全性的潜力,以及与其他方法进行整合以进一步提高 SDN 环境安全性的可能性。总之,所提出的方法为确保 SDN 网络的安全提供了一种新的有价值的工具,并为所提出的解决方案的可扩展性和适应性带来了研究机会。
本文章由计算机程序翻译,如有差异,请以英文原文为准。

Enhancing the Security of Software-Defined Networking through Forensic Memory Analysis

Enhancing the Security of Software-Defined Networking through Forensic Memory Analysis

The increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well established technique in forensic sciences, the memory analysis, combined with techniques to identify memory modifications, such as signature validation and novelty detection. A proof of concept using a test environment consisting of virtual switches, connected in a ring topology, and hosts validated the proposed methodology. The results were able to demonstrate the capability of the proposed methodology to detect and mitigate unauthorized changes in network equipment, highlighting its potential to improve the security of SDN networks, and possible integration with other methodologies to further improve the security of SDN environments. Overall, the proposed methodology provides a new valuable tool for securing SDN networks, and brings research opportunities on the scalability and adaptability of the proposed solution.

求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
CiteScore
7.60
自引率
16.70%
发文量
65
审稿时长
>12 weeks
期刊介绍: Journal of Network and Systems Management, features peer-reviewed original research, as well as case studies in the fields of network and system management. The journal regularly disseminates significant new information on both the telecommunications and computing aspects of these fields, as well as their evolution and emerging integration. This outstanding quarterly covers architecture, analysis, design, software, standards, and migration issues related to the operation, management, and control of distributed systems and communication networks for voice, data, video, and networked computing.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信