Analysis and Evaluation of OpenFlow Message Usage for Security Applications

Abstract : With the advances in cloud computing and virtualization technologies, Software-Defined Networking (SDN) has become a fertile ground for building network applications regarding management and security using the OpenFlow protocol giving access to the forwarding plane. This paper presents an analysis and evaluation of OpenFlow message usage for supporting network security applications. After describing the considered security attacks, we present mitigation and defence strategies that are currently used in SDN environments to tackle them. We then analyze the dependencies of these mechanisms to OpenFlow messages that support their instantiation. Finally, we conduct series of experiments on software and hardware OpenFlow switches in order to validate our analysis and quantify the limits of current security mechanisms with different OpenFlow implementations.
Liste complète des métadonnées

Cited literature [21 references]  Display  Hide  Download

https://hal.inria.fr/hal-01632745
Contributor : Hal Ifip <>
Submitted on : Friday, November 10, 2017 - 3:27:44 PM
Last modification on : Thursday, February 7, 2019 - 5:34:45 PM
Document(s) archivé(s) le : Sunday, February 11, 2018 - 3:06:44 PM

File

385745_1_En_9_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Sebastian Seeber, Gabi Rodosek, Gaëtan Hurel, Rémi Badonnel. Analysis and Evaluation of OpenFlow Message Usage for Security Applications. 10th IFIP International Conference on Autonomous Infrastructure, Management and Security (AIMS), Jun 2016, Munich, Germany. pp.84-97, ⟨10.1007/978-3-319-39814-3_9⟩. ⟨hal-01632745⟩

Share

Metrics

Record views

274

Files downloads

16