Please use this identifier to cite or link to this item:
|Title:||Risk based Security Enforcement in Software Defined Network|
|Keywords:||Common Vulnerability Scoring System (CVSS)|
Network control functions (NF)
Software Defined Network (SDN)
|Abstract:||Software Defined Network (SDN) paradigm provides intelligent and efficient management of different network control functions (NF) depending on changes in traffic behavior, service providers� requirements and application context. However, the logical centralization of controllers� functions opens up challenges towards enforcing security perimeter over the underlying network and the assets involved. In this paper, we propose a risk assessment model for pro-active secure flow control and routing of traffic in SDN. The proposed model determines threat value of different SDN entities by analyzing vulnerability and exposure with respect to Common Vulnerability Scoring System (CVSS). The risk of a given traffic is calculated as cumulative threat values of the SDN entities that guides the flow and routing control functions in generating secure flow rules for the forwarding switches. The efficacy of the proposed model is demonstrated through extensive case studies of an enterprise network. � 2018 Elsevier Ltd|
|Appears in Collections:||Research Publications|
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.