ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술지 A Comprehensive Security Assessment Framework for Software-defined Networks
Cited 11 time in scopus Download 0 time Share share facebook twitter linkedin kakaostory
저자
이승수, 김진우, 우승원, 윤창훈, Sandra Scott-Hayward, Vinod Yegneswaran, Phillip Porras, 신승원
발행일
202004
출처
Computers & Security, v.91, pp.1-15
ISSN
0167-4048
출판사
Elsevier
DOI
https://dx.doi.org/10.1016/j.cose.2020.101720
초록
As Software-Defined Networking (SDN) is getting popular, its security issue is being magnified as a new controversy, and this trend can be found from recent studies of presenting possible security vulnerabilities in SDN. Understanding the attack surface of SDN is necessary, and it is the starting point to make it more secure. However, most existing studies depend on empirical methods in different environments, and thus they have stopped short of converging on a systematic methodology or developing automated systems to rigorously test for security flaws in SDNs. Therefore, we need to disclose any possible attack scenarios in diverse SDN environments and examine how these attacks operate in those environments. Inspired by the necessity for disclosing the vulnerabilities in diverse SDN operating scenarios, we suggest an SDN penetration tool, DELTA, to regenerate known attack scenarios in diverse test cases. Furthermore, DELTA can even provide a chance of discovering unknown security problems in SDN by employing a fuzzing module. In our evaluation, DELTA successfully reproduced 26 known attack scenarios, across diverse SDN controller environments, and also discovered 9 novel SDN application mislead attacks.
키워드
Network security, Penetration testing, Security, Software-Defined Networking
KSP 제안 키워드
Attack Surface, Empirical Methods, Penetration Testing, SDN Application, Security Assessment, Security flaws, Security issues, Security problems, Security vulnerabilities, Software-Defined Networking(SDN), Starting point