Risk and avoidance strategy for blocking mechanism of SDN-based security service

Minjae Byun, Yongjun Lee, Jin Young Choi

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    1 Citation (Scopus)

    Abstract

    Software-Defined Network (SDN) is the dynamic network technology to address the issues of traditional networks. It provides centralized view of the whole network through decoupling the control planes and data planes of a network. Most SDN-based security services globally detect and block a malicious host based on IP address. However, the IP address is not verified during the forwarding process in most cases and SDN-based security service may block a normal host with forged IP address in the whole network, which means false-positive. In this paper, we introduce an attack scenario that uses forged packets to make the security service consider a victim host as an attacker so that block the victim. We also introduce cost-effective risk avoidance strategy.

    Original languageEnglish
    Title of host publication21st International Conference on Advanced Communication Technology
    Subtitle of host publicationICT for 4th Industrial Revolution!, ICACT 2019 - Proceeding
    PublisherInstitute of Electrical and Electronics Engineers Inc.
    Pages187-190
    Number of pages4
    ISBN (Electronic)9791188428021
    DOIs
    Publication statusPublished - 2019 Apr 29
    Event21st International Conference on Advanced Communication Technology, ICACT 2019 - Pyeongchang, Korea, Republic of
    Duration: 2019 Feb 172019 Feb 20

    Publication series

    NameInternational Conference on Advanced Communication Technology, ICACT
    Volume2019-February
    ISSN (Print)1738-9445

    Conference

    Conference21st International Conference on Advanced Communication Technology, ICACT 2019
    Country/TerritoryKorea, Republic of
    CityPyeongchang
    Period19/2/1719/2/20

    Bibliographical note

    Funding Information:
    This research was sponsored by Next-Generation Information Computing Development Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Science and ICT (No. 2017M3C4A7083676).

    Keywords

    • IP forging
    • SDN attack
    • SDN-based Security Services
    • blocking mechanism
    • risk analysis

    ASJC Scopus subject areas

    • Electrical and Electronic Engineering

    Fingerprint

    Dive into the research topics of 'Risk and avoidance strategy for blocking mechanism of SDN-based security service'. Together they form a unique fingerprint.

    Cite this