SDN based scalable MTD solution in cloud network

Ankur Chowdhary, Sandeep Pisharody, Dijiang Huang

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

49 Scopus citations

Abstract

Software-Defined Networking (SDN) has emerged as a framework for centralized command and control in cloud data centric environments. SDN separates data and control plane, which provides network administrator better visibility and policy enforcement capability compared to traditional networks. The SDN controller can assess reachability information of all the hosts in a network. There are many critical assets in a network which can be compromised by a malicious attacker through a multistage attack. Thus we make use of centralized controller to assess the security state of the entire network and pro-actively perform attack analysis and countermeasure selection. This approach is also known as Moving Target Defense (MTD). We use the SDN controller to assess the attack scenarios through scalable Attack Graphs (AG) and select necessary countermeasures to perform network reconfiguration to counter network attacks. Moreover, our framework has a comprehensive conflict detection and resolution module that ensures that no two flow rules in a distributed SDN-based cloud environment have conflicts at any layer; thereby assuring consistent conflict-free policy implementation and preventing information leakage.

Original language: English (US)
Title of host publication: MTD 2016 - Proceedings of the 2016 ACM Workshop on Moving Target Defense, co-located with CCS 2016
Publisher: Association for Computing Machinery, Inc
Pages: 27-36
Number of pages: 10
ISBN (Electronic): 9781450345705
State: Published - Oct 24 2016
Event: 2016 ACM Workshop on Moving Target Defense, MTD 2016 - Vienna, Austria
Duration: Oct 24 2016 → …

Publication series

Name: MTD 2016 - Proceedings of the 2016 ACM Workshop on Moving Target Defense, co-located with CCS 2016

Other

Other: 2016 ACM Workshop on Moving Target Defense, MTD 2016
Country/Territory: Austria
City: Vienna
Period: 10/24/16 → …

Keywords

  • Attack graph (AG)
  • Moving target defense (MTD)
  • Software-defined networking (SDN)

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Control and Systems Engineering
  • Computer Science Applications
