Improving network security through SDN in cloud scenarios

Proceedings of the 10th International Conference on Network and Service Management, CNSM 2014

Volumn , Issue , 2014, Pages 376-381

  Seeber, Sebastian ^a   Rodosek, Gabi Dreo ^a  

^a BUNDESWEHR UNIVERSITY MUNICH   (Germany)

Author keywords

[No Author keywords available]

Indexed keywords

CRYPTOGRAPHY; KNOWLEDGE BASED SYSTEMS;

CENTRALIZED DATA-BASE; CLOUD ENVIRONMENTS; CLOUD PROVIDERS; EXISTING SYSTEMS; RECONFIGURATION PROCESS; SECURITY APPROACH; SECURITY REQUIREMENTS; VIRTUALIZATION LAYERS;

NETWORK SECURITY;

EID: 84922806292     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/CNSM.2014.7014198     Document Type: Conference Paper

References (31)

1. A. Wool, "A quantitative study of firewall configuration errors, " Computer, vol. 37, no. 6, pp. 62-67, June 2004.
2. A. Sundaram, "An introduction to intrusion detection, " Crossroads, vol. 2, no. 4, pp. 3-7, 1996.
3. Z. Jiang, L. Zhu, and Q. Xiao, "Semi-proxy based on protocol analysis: A new design of http anti-virus gateway, " in Networks Security Wireless Communications and Trusted Computing (NSWCTC), 2010 Second International Conference on, vol. 2, April 2010, pp. 430-433.
4. B. Kandukuri, V. Paturi, and A. Rakshit, "Cloud security issues, " in Services Computing, 2009. SCC '09. IEEE International Conference on, Sept 2009, pp. 517-520.
5. Softlayer. Service level agreement and master service agreement. Last visited on 2014-07-09. [Online]. Available: http://www. softlayer. com/ sla. html
6. D. P. Kormann and A. D. Rubin, "Risks of the passport single signon protocol, " Computer Networks, vol. 33, no. 1, pp. 51-58, 2000.
7. K. D. Bowers, A. Juels, and A. Oprea, "Hail: a high-availability and integrity layer for cloud storage, " in Proceedings of the 16th ACM conference on Computer and communications security. ACM, 2009, pp. 187-198.
8. M. Blaze, J. Feigenbaum, J. Ioannidis, and A. D. Keromytis, "The role of trust management in distributed systems security, " in Secure Internet Programming. Springer, 1999, pp. 185-210.
9. Oracle. Wiring through an enterprise service bus. Last visited on 2014-07-09. [Online]. Available: http://www. oracle. com/technology/tech/soa/ mastering-soa-series/part2. html
10. S. Subashini and V. Kavitha, "A survey on security issues in service delivery models of cloud computing, " Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1-11, 2011.
11. D. Kreutz, F. Ramos, and P. Verissimo, "Towards secure and dependable software-defined networks, " in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM, 2013, pp. 55-60.
12. S. Scott-Hayward, G. O'Callaghan, and S. Sezer, "Sdn security: A survey, " in Future Networks and Services (SDN4FNS), 2013 IEEE SDN for. IEEE, 2013, pp. 1-7.
13. K. Benton, L. J. Camp, and C. Small, "Openflow vulnerability assessment, " in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM, 2013, pp. 151-152.
14. K. Giotis, C. Argyropoulos, G. Androulidakis, D. Kalogeras, and V. Maglaris, "Combining openflow and sflow for an effective and scalable anomaly detection and mitigation mechanism on sdn environments, " Computer Networks, vol. 62, pp. 122-136, 2014.
15. R. Braga, E. Mota, and A. Passito, "Lightweight ddos flooding attack detection using nox/openflow, " in Local Computer Networks (LCN), 2010 IEEE 35th Conference on. IEEE, 2010, pp. 408-415.
16. N. Feamster, "Outsourcing home network security, " in Proceedings of the 2010 ACM SIGCOMM workshop on Home networks. ACM, 2010, pp. 37-42.
17. R. Jin and B. Wang, "Malware detection for mobile devices using software-defined networking, " in Research and Educational Experiment Workshop (GREE), 2013 Second GENI. IEEE, 2013, pp. 81-88.
18. J. H. Jafarian, E. Al-Shaer, and Q. Duan, "Openflow random host mutation: transparent moving target defense using software defined networking, " in Proceedings of the first workshop on Hot topics in software defined networks. ACM, 2012, pp. 127-132.
19. S. Frei, B. Tellenbach, and B. Plattner, "0-day patch exposing vendors (in) security performance, " BlackHat Europe, 2008.
20. BSI-Bundesamt für Sicherheit in der Informationstechnik, "Lebenszyklus einer Schwachstelle, " https://www. allianz-fuer-cybersicherheit. de/ACS/DE/-downloads/materialien/sensibilisierung/BSI-CS-027. pdf, 2014, online. Accessed 2014-07-09.
21. Heartbleed. The Heartbleed Bug. Last visited on 2014-07-18. [Online]. Available: http://www. heartbleed. com
22. F. Scherschel, "Heartbleed-Aufräumaktion kommt zum Erliegen, " http: //heise. de/-2236853, online. Accessed 2014-07-18.
23. Ronald Eikenberg, "Das Router-Desaster: Fritzbox-Update gerät ins Stocken, " http://heise. de/-2173043, 2014, online. Accessed 2014-07-18.
24. S. Frei, M. May, U. Fiedler, and B. Plattner, "Large-scale vulnerability analysis, " in Proceedings of the 2006 SIGCOMM workshop on Largescale attack defense. ACM, 2006, pp. 131-138.
25. OpenVAS. OpenVAS (Open Vulnerability Assessment System). Last visited on 2014-07-09. [Online]. Available: http://www. openvas. org
26. Tenable. Nessus vulnerability scanner. Last visited on 2014-07-09. [Online]. Available: http://www. Tenable. com/products/nessus
27. SAINT Corporation. System administrator's integrated network tool. Last visited on 2014-07-09. [Online]. Available: http: //www. saintcorporation. com
28. R. Koch, M. Golling, and G. Dreo, "Evaluation of state of the art ids message exchange protocols, " in International Conference on Communication and Network Security (CNS 2013), 2013.
29. Sourcefire. Snort-network intrusion prevention and detection system. Last visited on 2014-07-09. [Online]. Available: https://www. snort. org
30. OpenBSD. PF: Packet Filtering. Last visited on 2014-07-09. [Online]. Available: http://www. openbsd. org/faq/pf/filter. html
31. R. Sherwood, G. Gibb, K.-K. Yap, G. Appenzeller, M. Casado, N. McKeown, and G. Parulkar, "Flowvisor: A network virtualization layer, " OpenFlow Switch Consortium, Tech. Rep, 2009.