Abstract

Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD) technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research work MASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker’s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.

Original languageEnglish (US)
Title of host publicationSDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018
PublisherAssociation for Computing Machinery, Inc
Pages43-48
Number of pages6
Volume2018-January
ISBN (Electronic)9781450356350
DOIs
StatePublished - Mar 14 2018
Event2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFVSec 2018 - Tempe, United States
Duration: Mar 21 2018 → …

Other

Other2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFVSec 2018
CountryUnited States
CityTempe
Period3/21/18 → …

Fingerprint

Controllers
Virtual machine

Keywords

  • Intrusion Detection System (IDS)
  • Moving Target Defense (MTD)
  • Software Defined Networking (SDN)

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Software

Cite this

Chowdhary, A., Huang, D., Alshamrani, A., & Liang, H. (2018). MTD analysis and evaluation framework in software defined network (MASON). In SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018 (Vol. 2018-January, pp. 43-48). Association for Computing Machinery, Inc. https://doi.org/10.1145/3180465.3180473

MTD analysis and evaluation framework in software defined network (MASON). / Chowdhary, Ankur; Huang, Dijiang; Alshamrani, Adel; Liang, Hongbin.

SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018. Vol. 2018-January Association for Computing Machinery, Inc, 2018. p. 43-48.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Chowdhary, A, Huang, D, Alshamrani, A & Liang, H 2018, MTD analysis and evaluation framework in software defined network (MASON). in SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018. vol. 2018-January, Association for Computing Machinery, Inc, pp. 43-48, 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFVSec 2018, Tempe, United States, 3/21/18. https://doi.org/10.1145/3180465.3180473
Chowdhary A, Huang D, Alshamrani A, Liang H. MTD analysis and evaluation framework in software defined network (MASON). In SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018. Vol. 2018-January. Association for Computing Machinery, Inc. 2018. p. 43-48 https://doi.org/10.1145/3180465.3180473
Chowdhary, Ankur ; Huang, Dijiang ; Alshamrani, Adel ; Liang, Hongbin. / MTD analysis and evaluation framework in software defined network (MASON). SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018. Vol. 2018-January Association for Computing Machinery, Inc, 2018. pp. 43-48
@inproceedings{01c9293f3c2547e3be42be17fa29baa4,
title = "MTD analysis and evaluation framework in software defined network (MASON)",
abstract = "Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD) technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research work MASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker’s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.",
keywords = "Intrusion Detection System (IDS), Moving Target Defense (MTD), Software Defined Networking (SDN)",
author = "Ankur Chowdhary and Dijiang Huang and Adel Alshamrani and Hongbin Liang",
year = "2018",
month = "3",
day = "14",
doi = "10.1145/3180465.3180473",
language = "English (US)",
volume = "2018-January",
pages = "43--48",
booktitle = "SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018",
publisher = "Association for Computing Machinery, Inc",

}

TY - GEN

T1 - MTD analysis and evaluation framework in software defined network (MASON)

AU - Chowdhary, Ankur

AU - Huang, Dijiang

AU - Alshamrani, Adel

AU - Liang, Hongbin

PY - 2018/3/14

Y1 - 2018/3/14

N2 - Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD) technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research work MASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker’s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.

AB - Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD) technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research work MASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker’s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.

KW - Intrusion Detection System (IDS)

KW - Moving Target Defense (MTD)

KW - Software Defined Networking (SDN)

UR - http://www.scopus.com/inward/record.url?scp=85052016948&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85052016948&partnerID=8YFLogxK

U2 - 10.1145/3180465.3180473

DO - 10.1145/3180465.3180473

M3 - Conference contribution

AN - SCOPUS:85052016948

VL - 2018-January

SP - 43

EP - 48

BT - SDN-NFVSec 2018 - Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, Co-located with CODASPY 2018

PB - Association for Computing Machinery, Inc

ER -