A comprehensive security analysis checksheet for openflow networks

Yoshiaki Hori; Seiichiro Mizoguchi; Ryosuke Miyazaki; Akira Yamada; Yaokai Feng; Ayumu Kubota; Kouichi Sakurai

doi:10.1007/978-3-319-49106-6_22

A comprehensive security analysis checksheet for openflow networks

Yoshiaki Hori, Seiichiro Mizoguchi, Ryosuke Miyazaki, Akira Yamada, Yaokai Feng, Ayumu Kubota, Kouichi Sakurai

Research output: Chapter in Book/Report/Conference proceeding › Chapter

4 Citations (Scopus)

Abstract

Software-defined networking (SDN) enables the exible and dynamic configuration of a network, and OpenFlow is one practical SDN implementation. Although it has been widely deployed in actual environments, it can cause fatal aws. In this paper, we consolidate the security threats to OpenFlow mentioned in previous work and introduce a new security checksheet that includes risk assessment methods. We compare the Kreutz et al. threat vectors with the SDNSecurity.org attack list to discover new threats. Our checksheet enables the security of a given OpenFlow network design to be comprehensively assessed. Furthermore, we evaluate the performance of an OpenFlow network with two attack scenarios using the checksheet and identify critical performance degradations.

Original language	English
Title of host publication	Lecture Notes on Data Engineering and Communications Technologies
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	231-242
Number of pages	12
DOIs	https://doi.org/10.1007/978-3-319-49106-6_22
Publication status	Published - 2017

Publication series

Name	Lecture Notes on Data Engineering and Communications Technologies
Volume	2
ISSN (Print)	2367-4512
ISSN (Electronic)	2367-4520

All Science Journal Classification (ASJC) codes

Information Systems
Electrical and Electronic Engineering
Computer Networks and Communications
Media Technology
Computer Science Applications

Access to Document

10.1007/978-3-319-49106-6_22

Cite this

Hori, Y., Mizoguchi, S., Miyazaki, R., Yamada, A., Feng, Y., Kubota, A., & Sakurai, K. (2017). A comprehensive security analysis checksheet for openflow networks. In Lecture Notes on Data Engineering and Communications Technologies (pp. 231-242). (Lecture Notes on Data Engineering and Communications Technologies; Vol. 2). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-319-49106-6_22

A comprehensive security analysis checksheet for openflow networks. / Hori, Yoshiaki; Mizoguchi, Seiichiro; Miyazaki, Ryosuke et al.
Lecture Notes on Data Engineering and Communications Technologies. Springer Science and Business Media Deutschland GmbH, 2017. p. 231-242 (Lecture Notes on Data Engineering and Communications Technologies; Vol. 2).

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Hori, Y, Mizoguchi, S, Miyazaki, R, Yamada, A, Feng, Y, Kubota, A & Sakurai, K 2017, A comprehensive security analysis checksheet for openflow networks. in Lecture Notes on Data Engineering and Communications Technologies. Lecture Notes on Data Engineering and Communications Technologies, vol. 2, Springer Science and Business Media Deutschland GmbH, pp. 231-242. https://doi.org/10.1007/978-3-319-49106-6_22

Hori Y, Mizoguchi S, Miyazaki R, Yamada A, Feng Y, Kubota A et al. A comprehensive security analysis checksheet for openflow networks. In Lecture Notes on Data Engineering and Communications Technologies. Springer Science and Business Media Deutschland GmbH. 2017. p. 231-242. (Lecture Notes on Data Engineering and Communications Technologies). doi: 10.1007/978-3-319-49106-6_22

@inbook{55a95d10689f49edb40baa3ee5429420,

title = "A comprehensive security analysis checksheet for openflow networks",

abstract = "Software-defined networking (SDN) enables the exible and dynamic configuration of a network, and OpenFlow is one practical SDN implementation. Although it has been widely deployed in actual environments, it can cause fatal aws. In this paper, we consolidate the security threats to OpenFlow mentioned in previous work and introduce a new security checksheet that includes risk assessment methods. We compare the Kreutz et al. threat vectors with the SDNSecurity.org attack list to discover new threats. Our checksheet enables the security of a given OpenFlow network design to be comprehensively assessed. Furthermore, we evaluate the performance of an OpenFlow network with two attack scenarios using the checksheet and identify critical performance degradations.",

author = "Yoshiaki Hori and Seiichiro Mizoguchi and Ryosuke Miyazaki and Akira Yamada and Yaokai Feng and Ayumu Kubota and Kouichi Sakurai",

note = "Publisher Copyright: {\textcopyright} Springer International Publishing AG 2017.",

year = "2017",

doi = "10.1007/978-3-319-49106-6_22",

language = "English",

series = "Lecture Notes on Data Engineering and Communications Technologies",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "231--242",

booktitle = "Lecture Notes on Data Engineering and Communications Technologies",

address = "Germany",

}

TY - CHAP

T1 - A comprehensive security analysis checksheet for openflow networks

AU - Hori, Yoshiaki

AU - Mizoguchi, Seiichiro

AU - Miyazaki, Ryosuke

AU - Yamada, Akira

AU - Feng, Yaokai

AU - Kubota, Ayumu

AU - Sakurai, Kouichi

PY - 2017

Y1 - 2017

N2 - Software-defined networking (SDN) enables the exible and dynamic configuration of a network, and OpenFlow is one practical SDN implementation. Although it has been widely deployed in actual environments, it can cause fatal aws. In this paper, we consolidate the security threats to OpenFlow mentioned in previous work and introduce a new security checksheet that includes risk assessment methods. We compare the Kreutz et al. threat vectors with the SDNSecurity.org attack list to discover new threats. Our checksheet enables the security of a given OpenFlow network design to be comprehensively assessed. Furthermore, we evaluate the performance of an OpenFlow network with two attack scenarios using the checksheet and identify critical performance degradations.

AB - Software-defined networking (SDN) enables the exible and dynamic configuration of a network, and OpenFlow is one practical SDN implementation. Although it has been widely deployed in actual environments, it can cause fatal aws. In this paper, we consolidate the security threats to OpenFlow mentioned in previous work and introduce a new security checksheet that includes risk assessment methods. We compare the Kreutz et al. threat vectors with the SDNSecurity.org attack list to discover new threats. Our checksheet enables the security of a given OpenFlow network design to be comprehensively assessed. Furthermore, we evaluate the performance of an OpenFlow network with two attack scenarios using the checksheet and identify critical performance degradations.

UR - http://www.scopus.com/inward/record.url?scp=85090369624&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85090369624&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-49106-6_22

DO - 10.1007/978-3-319-49106-6_22

M3 - Chapter

AN - SCOPUS:85090369624

T3 - Lecture Notes on Data Engineering and Communications Technologies

SP - 231

EP - 242

BT - Lecture Notes on Data Engineering and Communications Technologies

PB - Springer Science and Business Media Deutschland GmbH

ER -

A comprehensive security analysis checksheet for openflow networks

Abstract

Publication series

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this