Info: Zenodo’s user support line is staffed on regular business days between Dec 23 and Jan 5. Response times may be slightly longer than normal.

Published August 1, 2014 | Version 9999341
Journal article Open

Towards Security in Virtualization of SDN

Description

In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get furtherdiscussions among the security of SDN virtualization.

Files

9999341.pdf

Files (190.1 kB)

Name Size Download all
md5:2e56cf7e0459365d95f707349fa8ddaf
190.1 kB Preview Download

Additional details

References

  • Rob Sherwood, Glen Gibb, Kok-kiongYap, Guido Appenzeller, Martin Casado, Nick Mckeown, and Guru Parulkar. FlowVisor: A Network Virtualization Layer.OpenFlow Switch, page 15, 2009
  • Rowan Kloeti, OpenFlow: A Security Analysis, 2012 ftp://yosemite.ee.ethz.ch/pub/students/2012-HS/MA-2012-20_signed.pdf
  • incntre.iu.edu/sites/default/files/FlowVisor%20Intro.pptx, accessed 2014
  • Victor T. Costa, Luıs Henrique M. K. Costa, Vulnerability Study of FlowVisor-based Virtualized Network Environments http://www.gta.ufrj.br/wnetvirt13/papers/ts5-02.pdf
  • Romão, Daniel, et al. "Practical security analysis of OpenFlow implementation." ,2013
  • D. Kreutz, F. Ramos, and P. Verissimo, "Towards secure and dependable software-defined networks," in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM,pp. 55–60, 2013
  • Canini, Marco, et al. "A NICE way to test OpenFlow applications." NSDI,04/2012
  • Khurshid, Ahmed, et al. "Veriflow: Verifying network-wide invariants in real time." ACM SIGCOMM Computer Communication Review 42.4: 467-472, 2012