A comprehensive security analysis checksheet for openflow networks

Yoshiaki Hori, Seiichiro Mizoguchi, Ryosuke Miyazaki, Akira Yamada, Yaokai Feng, Ayumu Kubota, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceedingChapter

Abstract

Software-defined networking (SDN) enables the exible and dynamic configuration of a network, and OpenFlow is one practical SDN implementation. Although it has been widely deployed in actual environments, it can cause fatal aws. In this paper, we consolidate the security threats to OpenFlow mentioned in previous work and introduce a new security checksheet that includes risk assessment methods. We compare the Kreutz et al. threat vectors with the SDNSecurity.org attack list to discover new threats. Our checksheet enables the security of a given OpenFlow network design to be comprehensively assessed. Furthermore, we evaluate the performance of an OpenFlow network with two attack scenarios using the checksheet and identify critical performance degradations.

Original languageEnglish
Title of host publicationLecture Notes on Data Engineering and Communications Technologies
PublisherSpringer
Pages231-242
Number of pages12
DOIs
Publication statusPublished - 2017

Publication series

NameLecture Notes on Data Engineering and Communications Technologies
Volume2
ISSN (Print)2367-4512
ISSN (Electronic)2367-4520

All Science Journal Classification (ASJC) codes

  • Media Technology
  • Electrical and Electronic Engineering
  • Computer Science Applications
  • Computer Networks and Communications
  • Information Systems

Fingerprint Dive into the research topics of 'A comprehensive security analysis checksheet for openflow networks'. Together they form a unique fingerprint.

Cite this