FRChain: A Blockchain-based Flow-Rules-oriented Data Forwarding Security Scheme in SDN |
Lian, Weichen
(Department of Electronics and Communication Engineering Beijing Electronic Science & Technology Institute)
Li, Zhaobin (Department of Electronics and Communication Engineering Beijing Electronic Science & Technology Institute) Guo, Chao (Department of Electronics and Communication Engineering Beijing Electronic Science & Technology Institute) Wei, Zhanzhen (Department of Electronics and Communication Engineering Beijing Electronic Science & Technology Institute) Peng, Xingyuan (Department of Electronics and Communication Engineering Beijing Electronic Science & Technology Institute) |
1 | S. Shin, V. Yegneswaran, P. Porras, and G. Gu, "Avant-guard: Scalable and vigilant switch flow management in software-defined networks," in Proc. of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 413-424, Nov. 2013. |
2 | S. Hong, L. Xu, H. Wang, and G. Gu, "Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures," in Proc. of The Network and Distributed System Security Symposium (NDSS), pp. 8-11, Feb. 2015. |
3 | N. Mckeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner, "OpenFlow: enabling innovation in campus networks," ACM SIGCOMM Computer Communication Review, vol. 38, no. 2, pp. 69-74, Apr. 2008. DOI |
4 | T. Zhang, A. Bianco, P. Giaccone, and A. P. Nezhad, "Dealing with misbehaving controllers in SDN networks," in Proc. of GLOBECOM 2017-2017 IEEE Global Communications Conference, pp. 1-6, Dec. 2017. |
5 | A. Ranjbar, M. Komu, P. Salmela, and T. Aura, "An SDN-based approach to enhance the end-toend security: SSL/TLS case study," in Proc. of NOMS 2016 - 2016 IEEE/IFIP Network Operations and Management Symposium, pp. 281-288, July 2016. |
6 | M. Antikainen, T. Aura, and M. Sarela, "Spook in your network: Attacking an SDN with a compromised openflow switch," in Proc. of Nordic Conference on Secure IT Systems, vol. 8788, pp. 229-244, 2014. |
7 | E. Alshaer and S. Alhaj, "FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures," in Proc. of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp. 37-44, Oct. 2010. |
8 | S. Son, S. Shin, V. Yegneswaran, P. Porras, and G. Gu, "Model checking invariant security properties in OpenFlow," in Proc. of IEEE International Conference on Communications, pp. 1974-1979, Nov. 2013. |
9 | A. Khurshid, W. Zhou, M. Caesar, and P. B. Godfrey, "Veriflow: Verifying network-wide invariants in real time," in Proc. of the 1st Workshop on Hot Topics in Software Defined Network, pp. 49-54, 2013. |
10 | P. W. Chi, C. Kuo, J. W. Guo, and C. L. Lei, "How to detect a compromised SDN switch," in Proc. of 2015 1st IEEE Conference on Network Softwarization (NetSoft), pp. 1-6, 2015. |
11 | Z. Zhibin, C. Chaowen, and Z. Xianwei, "A Software-Defined Networking Packet Forwarding Verification Mechanism Based on Programmable Data Plane," Journal of Electronics & Information Technology, vol. 42, no. 5, pp. 1110-1117, 2020. |
12 | S. Nakamoto, "Bitcoin: A peer-to-peer electronic cash system," White Paper Bitcoin, pp. 1-9, 2009. |
13 | C. Tselios, I. Politis, and S. Kotsopoulos, "Enhancing SDN security for IoT-related deployments through blockchain," in Proc. of 2017 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN), pp. 303-308, Nov. 2017. |
14 | M. Ali, J. Nelson, R. Shea, and M. J. Freedman, "Blockstack: A global naming and storage system secured by blockchains," in Proc. of 2016 USENIX Annual Technical Conference, pp. 181-194, June 2016. |
15 | M. Dhawan, R. Poddar, K. Mahajan, and V. Mann, "SPHINX: Detecting Security Attacks in Software-Defined Networks," in Proc. of The Network and Distributed System Security Symposium (NDSS), vol. 15, pp. 8-11, Jan. 2015. |
16 | Y. Wang, J. Bi, and K. Zhang, "A tool for tracing network data plane via SDN/OpenFlow," Science China (Information Sciences), vol. 60, no. 2, pp. 74-86, Feb. 2017. |
17 | M. Wang, J. Liu, J. Mao, H. Cheng, J. Chen, and C. Qi, "Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking," Tsinghua Science and Technology, vol. 22, no. 4, pp. 400-412, Aug. 2017. DOI |
18 | T. Wang and H. Chen, "SGuard: A Lightweight SDN Safe-Guard rchitecture for DoS Attack," China Communications, vol. 14, no. 6, pp. 113-125, June 2017. DOI |
19 | X. Qiu, K. Zhang, and Q. Ren, "Global Flow Table: A convincing mechanism for security operations in SDN," Computer Networks, vol. 120, pp. 56-70, 2017. DOI |
20 | T. Sasaki, C. Pappas, T. Lee, T. Hoefler, and A. Perrig, "SDNsec: Forwarding Accountability for the SDN Data Plane," in Proc. of 2016 25st International Conference on Computer Communication and Networks (ICCCN), pp. 1-10, Sep. 2016. |
21 | K. Kataoka, S. Gangwar, and P. Podili, "Trust list: Internet-wide and distributed IoT traffic management using blockchain and SDN," in Proc. of 2018 IEEE 4th World Forum on Internet of Things (WF-IoT), pp. 296-301, May 2018. |
22 | M. Singh and S. Kim, "Blockchain based intelligent vehicle data sharing framework," arXiv: Cryptography and Security, July 2017. |
23 | P. K. Sharma, M. Y. Chen, and J. H. Park, "A software defined fog node based. distributed blockchain cloud architecture for IoT," IEEE Access, vol. 6, pp. 115-124, Sep. 2017. DOI |
24 | P. K. Sharma, S. Singh, Y. Jeong, and J. H. Park, "Distblocknet: A distributed blockchains-based secure SDN architecture for IoT networks," IEEE Communications Magazine, vol. 55, no. 9, pp. 78-85, Sep. 2017. DOI |
25 | J. Chen, "Flowchain: A distributed ledger designed for peer-to-peer IoT networks and real-time data transactions," in Proc. of the 2nd International Workshop on Linked Data and Distributed Ledgers (LDDL2), pp. 1-10, Jan. 2017. |
26 | A. Yazdinejad, R. M. Parizi, A. Dehghantanha, and K. R. Choo, "Blockchain-enabled Authentication Handover with Efficient Privacy Protection in SDN-based 5G Networks," IEEE Transactions on Network Science and Engineering, p. 1, Aug. 2019. |
27 | Z. A. El Houda, A. S. Hafid, and L. Khoukhi, "Cochain-SC: An Intra- and Inter-Domain Ddos Mitigation Scheme Based on Blockchain Using SDN and Smart Contract," IEEE Access, vol. 7, pp. 98893-98907, July 2019. DOI |
28 | X. Zhang and X. Chen, "Data Security Sharing and Storage Based on a Consortium Blockchain in a Vehicular Ad-hoc Network," IEEE Access, vol. 7, pp. 58241-58254, Jan. 2019. DOI |
29 | T. McConaghy, R. Marques, A. Müller, D. D. Jonghe, T. McConaghy, G. McMullen, R. Henderson, S. Bellemare, and A. Granzotto, "BigchainDB: a scalable blockchain database," White Paper, BigChainDB, 2016. |
30 | J. Kang, R. Yu, X. Huang, M. Wu, S. Maharjan, S. Xie, and Y. Zhang, "Blockchain for Secure and Efficient Data Sharing in Vehicular Edge Computing and Networks," IEEE Internet of Things Journal, vol. 6, no. 3, pp. 4660-4670, June 2019. DOI |
31 | M. Szydlo, "Merkle tree traversal in log space and time," in Proc. of International Conference on the Theory and Applications of Cryptographic Techniques, pp. 541-554, 2004. |
32 | Z. Guan, H. Lyu, H. Zheng, D. Li, and J. Liu, "Distributed Audit System of SDN Controller Based on Blockchain," in Proc. of International Conference on Smart Blockchain, vol. 11911, pp. 21-31, 2019. |
![]() |