514 research outputs found
Event-Driven Network Programming
Software-defined networking (SDN) programs must simultaneously describe
static forwarding behavior and dynamic updates in response to events.
Event-driven updates are critical to get right, but difficult to implement
correctly due to the high degree of concurrency in networks. Existing SDN
platforms offer weak guarantees that can break application invariants, leading
to problems such as dropped packets, degraded performance, security violations,
etc. This paper introduces EVENT-DRIVEN CONSISTENT UPDATES that are guaranteed
to preserve well-defined behaviors when transitioning between configurations in
response to events. We propose NETWORK EVENT STRUCTURES (NESs) to model
constraints on updates, such as which events can be enabled simultaneously and
causal dependencies between events. We define an extension of the NetKAT
language with mutable state, give semantics to stateful programs using NESs,
and discuss provably-correct strategies for implementing NESs in SDNs. Finally,
we evaluate our approach empirically, demonstrating that it gives well-defined
consistency guarantees while avoiding expensive synchronization and packet
buffering
A model for the analysis of security policies in service function chains
Two emerging architectural paradigms, i.e., Software Defined Networking (SDN)
and Network Function Virtualization (NFV), enable the deployment and management
of Service Function Chains (SFCs). A SFC is an ordered sequence of abstract
Service Functions (SFs), e.g., firewalls, VPN-gateways,traffic monitors, that
packets have to traverse in the route from source to destination. While this
appealing solution offers significant advantages in terms of flexibility, it
also introduces new challenges such as the correct configuration and ordering
of SFs in the chain to satisfy overall security requirements. This paper
presents a formal model conceived to enable the verification of correct policy
enforcements in SFCs. Software tools based on the model can then be designed to
cope with unwanted network behaviors (e.g., security flaws) deriving from
incorrect interactions of SFs in the same SFC
Analysis and Management of Security State for Large-Scale Data Center Networks
abstract: With the increasing complexity of computing systems and the rise in the number of risks and vulnerabilities, it is necessary to provide a scalable security situation awareness tool to assist the system administrator in protecting the critical assets, as well as managing the security state of the system. There are many methods to provide security states' analysis and management. For instance, by using a Firewall to manage the security state, and/or a graphical analysis tools such as attack graphs for analysis.
Attack Graphs are powerful graphical security analysis tools as they provide a visual representation of all possible attack scenarios that an attacker may take to exploit system vulnerabilities. The attack graph's scalability, however, is a major concern for enumerating all possible attack scenarios as it is considered an NP-complete problem. There have been many research work trying to come up with a scalable solution for the attack graph. Nevertheless, non-practical attack graph based solutions have been used in practice for realtime security analysis.
In this thesis, a new framework, namely 3S (Scalable Security Sates) analysis framework is proposed, which present a new approach of utilizing Software-Defined Networking (SDN)-based distributed firewall capabilities and the concept of stateful data plane to construct scalable attack graphs in near-realtime, which is a practical approach to use attack graph for realtime security decisions. The goal of the proposed work is to control reachability information between different datacenter segments to reduce the dependencies among vulnerabilities and restrict the attack graph analysis in a relative small scope. The proposed framework is based on SDN's programmable capabilities to adjust the distributed firewall policies dynamically according to security situations during the running time. It apply white-list-based security policies to limit the attacker's capability from moving or exploiting different segments by only allowing uni-directional vulnerability dependency links between segments. Specifically, several test cases will be presented with various attack scenarios and analyze how distributed firewall and stateful SDN data plan can significantly reduce the security states construction and analysis. The proposed approach proved to achieve a percentage of improvement over 61% in comparison with prior modules were SDN and distributed firewall are not in use.Dissertation/ThesisMasters Thesis Computer Engineering 201
Software Defined Networking Reactive Stateful Firewall
Part 3: Cyber InfrastructureInternational audienceNetwork security is a crucial issue of Software Defined Networking (SDN). It is probably, one of the key features for the success and the future pervasion of the SDN technology. In this perspective, we propose a SDN reactive stateful firewall. Our solution is integrated into the SDN architecture. The application filters TCP communications according to the network security policies. It records and processes the different states of connections and interprets their possible transitions into OpenFlow (OF) rules. The proposition uses a reactive behavior in order to reduce the number of OpenFlow rules in the data plane devices and to mitigate some Denial of Service (DoS) attacks like SYN Flooding. The firewall processes the Finite State Machine of network protocols so as to withdraw useless traffic not corresponding to their transitions' conditions. In terms of cost efficiency, our proposal empowers the behavior of Openflow compatible devices to make them behaving like stateful firewalls. Therefore, organizations do not need to spend money and resources on buying and maintaining conventional firewalls. Furthermore, we propose an orchestrator in order to spread and to reinforce security policies in the whole network with a fine grained strategy. It is thereupon able to secure the network by filtering the traffic related to an application , a node, a subnetwork connected to a data plane device, a sub SDN network connected to a controller, traffic between different links, etc. The deployment of rules of the firewall becomes flexible according to a holistic network view provided by the management plane. In addition, the solution enlarges the security perimeter inside the network by securing accesses between its internal nodes
Towards Model Checking Real-World Software-Defined Networks (version with appendix)
In software-defined networks (SDN), a controller program is in charge of
deploying diverse network functionality across a large number of switches, but
this comes at a great risk: deploying buggy controller code could result in
network and service disruption and security loopholes. The automatic detection
of bugs or, even better, verification of their absence is thus most desirable,
yet the size of the network and the complexity of the controller makes this a
challenging undertaking. In this paper we propose MOCS, a highly expressive,
optimised SDN model that allows capturing subtle real-world bugs, in a
reasonable amount of time. This is achieved by (1) analysing the model for
possible partial order reductions, (2) statically pre-computing packet
equivalence classes and (3) indexing packets and rules that exist in the model.
We demonstrate its superiority compared to the state of the art in terms of
expressivity, by providing examples of realistic bugs that a prototype
implementation of MOCS in UPPAAL caught, and performance/scalability, by
running examples on various sizes of network topologies, highlighting the
importance of our abstractions and optimisations
- …