Filipe Augusto da Luz Lemos, Thiago dos Santos Cavali, Keiko Verônica Ono Fonseca, Mauro Sergio Pereira Fonseca, Rubens Alexandre de Faria
{"title":"通过内存取证分析提高软件定义网络的安全性","authors":"Filipe Augusto da Luz Lemos, Thiago dos Santos Cavali, Keiko Verônica Ono Fonseca, Mauro Sergio Pereira Fonseca, Rubens Alexandre de Faria","doi":"10.1007/s10922-024-09862-4","DOIUrl":null,"url":null,"abstract":"<p>The increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well established technique in forensic sciences, the memory analysis, combined with techniques to identify memory modifications, such as signature validation and novelty detection. A proof of concept using a test environment consisting of virtual switches, connected in a ring topology, and hosts validated the proposed methodology. The results were able to demonstrate the capability of the proposed methodology to detect and mitigate unauthorized changes in network equipment, highlighting its potential to improve the security of SDN networks, and possible integration with other methodologies to further improve the security of SDN environments. Overall, the proposed methodology provides a new valuable tool for securing SDN networks, and brings research opportunities on the scalability and adaptability of the proposed solution.</p>","PeriodicalId":50119,"journal":{"name":"Journal of Network and Systems Management","volume":"7 1","pages":""},"PeriodicalIF":4.1000,"publicationDate":"2024-08-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enhancing the Security of Software-Defined Networking through Forensic Memory Analysis\",\"authors\":\"Filipe Augusto da Luz Lemos, Thiago dos Santos Cavali, Keiko Verônica Ono Fonseca, Mauro Sergio Pereira Fonseca, Rubens Alexandre de Faria\",\"doi\":\"10.1007/s10922-024-09862-4\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>The increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well established technique in forensic sciences, the memory analysis, combined with techniques to identify memory modifications, such as signature validation and novelty detection. A proof of concept using a test environment consisting of virtual switches, connected in a ring topology, and hosts validated the proposed methodology. The results were able to demonstrate the capability of the proposed methodology to detect and mitigate unauthorized changes in network equipment, highlighting its potential to improve the security of SDN networks, and possible integration with other methodologies to further improve the security of SDN environments. Overall, the proposed methodology provides a new valuable tool for securing SDN networks, and brings research opportunities on the scalability and adaptability of the proposed solution.</p>\",\"PeriodicalId\":50119,\"journal\":{\"name\":\"Journal of Network and Systems Management\",\"volume\":\"7 1\",\"pages\":\"\"},\"PeriodicalIF\":4.1000,\"publicationDate\":\"2024-08-25\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Network and Systems Management\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s10922-024-09862-4\",\"RegionNum\":3,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Network and Systems Management","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10922-024-09862-4","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
摘要
软件定义网络(SDN)环境的复杂性和动态性不断增加,给网络安全带来了巨大挑战。我们提出了一种增强 SDN 系统安全性的方法,即利用法证科学中成熟的内存分析技术,并结合识别内存修改的技术(如签名验证和新颖性检测)。使用由环形拓扑连接的虚拟交换机和主机组成的测试环境进行的概念验证验证了所提出的方法。结果表明,所提出的方法能够检测和减轻网络设备中未经授权的更改,突出了其提高 SDN 网络安全性的潜力,以及与其他方法进行整合以进一步提高 SDN 环境安全性的可能性。总之,所提出的方法为确保 SDN 网络的安全提供了一种新的有价值的工具,并为所提出的解决方案的可扩展性和适应性带来了研究机会。
Enhancing the Security of Software-Defined Networking through Forensic Memory Analysis
The increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well established technique in forensic sciences, the memory analysis, combined with techniques to identify memory modifications, such as signature validation and novelty detection. A proof of concept using a test environment consisting of virtual switches, connected in a ring topology, and hosts validated the proposed methodology. The results were able to demonstrate the capability of the proposed methodology to detect and mitigate unauthorized changes in network equipment, highlighting its potential to improve the security of SDN networks, and possible integration with other methodologies to further improve the security of SDN environments. Overall, the proposed methodology provides a new valuable tool for securing SDN networks, and brings research opportunities on the scalability and adaptability of the proposed solution.
期刊介绍:
Journal of Network and Systems Management, features peer-reviewed original research, as well as case studies in the fields of network and system management. The journal regularly disseminates significant new information on both the telecommunications and computing aspects of these fields, as well as their evolution and emerging integration. This outstanding quarterly covers architecture, analysis, design, software, standards, and migration issues related to the operation, management, and control of distributed systems and communication networks for voice, data, video, and networked computing.