1 |
D. Kreutz, F. M. Ramos, and P. Verissimo, "Towards Secure and Dependable Software-Defined Networks," in Proc. of the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55-60, Aug. 2013.
|
2 |
L. Xu, J. Huang, S. Hong, J. Zhang, and G. Gu, "Attacking the Brain: Races in the SDN Control Plane," in Proc. of the 26th USENIX Security Symposium, pp. 451-468, Aug. 2017.
|
3 |
H. Wang, G. Yang, P. Chinprutthiwong, L. Xu, Y. Zhang, and G. Gu, "Towards Fine-Grained Network Security Forensics and Diagnosis in the SDN Era," in Proc. of the 25th ACM Conference on Computer and Communications Security, pp. 3-16, 2018.
|
4 |
H. Ropke and T. Holz, "SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks," in Proc. of International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 339-356, 2015.
|
5 |
J. Hua, Z. Zhou, and S. Zhong, "Flow Misleading: Worm-Hole Attack in Software-Defined Networking via Building In-Band Covert Channel," IEEE Transactions on Information Forensics and Security, vol. 16, pp. 1029-1043, 2020.
DOI
|
6 |
I. Ahmad, S. Namal, M. Ylianttila, and A. Gurtov, "Security in Software Defined Networks: A Survey," IEEE Communications Surveys and Tutorials, vol. 17, no. 4, pp. 2317-2346, 2015.
DOI
|
7 |
P. Berde, M. Gerola, J. Hart, Y. Higuchi, M. Kobayashi, T. Koide, B. Lantz, B. O'Connor, P. Radoslavov, W. Snow, and G. Parulkar, "ONOS: towards an open, distributed SDN OS," in Proc. of the 3rd Workshop on Hot Topics in Software Defined Networking, pp. 1-6, Aug. 2014.
|
8 |
B. E. Ujcich, S. Jero, A. Edmundson, Q. Wang, R. Skowyra, J. Landry, A. Bates, W. H. Sanders, C. Nita-Rotaru, and H. Okhravi, "Cross-App Poisoning in Software-Defined Networking," in Proc. of the 25th ACM Conference on Computer and Communications Security, pp. 648-663, Oct. 2018.
|
9 |
S. Jero, X. Bu, C. Nitarotaru, H. Okhravi, R. Skowyra, and S. Fahmy, "BEADS: Automated Attack Discovery in OpenFlow-Based SDN Systems," in Proc. of International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 311-333, Oct. 2017.
|
10 |
R. Krosche, K. Thimmaraju, L. Schiff, and S. Schmid, "I DPID It My Way! A Covert Timing Channel in Software-Defined Networks," in Proc. of IFIP Networking Conference (IFIP Networking) and Workshops, pp. 217-225, 2018.
|
11 |
U. Steinhoff, A. Wiesmaier, and R. Araujo, "The state of the art in DNS spoofing," ACNS, 2006.
|
12 |
J. King and K. Lauerman, "ARP poisoning (man-in-the-middle) attack and mitigation techniques," Oct. 2020.
|
13 |
S. Hong, L. Xu, H. Wang, and G. Gu, "Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures," in Proc. of Network and Distributed System Security Symposium, 2015.
|
14 |
Pickett G, "Abusing Software Defined Networks,"
|
15 |
D. Smyth, V. Cionca, S. Mcsweeney, and D. O'Shea, "Exploiting Pitfalls in Software-Defined Networking Implementation," in Proc. of International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp. 1-8, July 2016.
|
16 |
Linux Foundation, "OpenDaylight".
|
17 |
M. Zhang, G. Li, S. Wang, C. Liu, A. Chen, H. Hu, G. Gu, Q. Li, M. Xu, and J. Wu, "Poseidon: Mitigating Volumetric DDoS Attacks with Programmable Switches," in Proc. of Network and Distributed System Security Symposium, Jan. 2020.
|
18 |
S. Shin and G. Guofei, "Attacking Software-Defined Networks: A First Feasibility Study," in Proc. of the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 165-166, 2013.
|
19 |
Open Networking Foundation. [Online] Available: https://www.opennetworking.org
|
20 |
N. McKeown, T. Anderson, H. Balakrishnan, G. Parulka, and L. Peterson, "OpenFlow: Enabling innovation in campus networks," ACM SIGCOMM communication Review, vol. 38, no. 2, pp. 69-74, Mar. 2008.
|
21 |
N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, and S. Shenker, "NOX: towards an operating system for networks," ACM SIGCOMM Computer Communication Review, vol. 38, no. 3, pp. 105-110, July 2008.
DOI
|
22 |
K. Thimmaraju, L. Schiff, and S. Schmid, "Outsmarting Network Security with SDN Teleportation," in Proc. of IEEE European Symposium on Security and Privacy (EuroS&P), pp. 563-578, Apr. 2017.
|
23 |
C. Jiahao, X. Renjie, K. Sun, Q. Li, G. Gu, and M. Xu, "When Match Fields Do Not Need to Match: Buffered Packet Hijacking in SDN," in Proc. of the Network and Distributed System Security Symposium, Feb. 2020.
|
24 |
B. E. Ujcich, S. Jero, R. Skowyra, S. R. Gomez, A. Bates, W. H. Sanders, and H. Okhravi, "Automated Discovery of Cross-Plane Event-Based Vulnerabilities in Software-Defined Networking," in Proc. of Network and Distributed System Security Symposium, 2020.
|
25 |
Q. Duan, "End-to-End Service Delivery with QoS Guarantee in Software Defined Networks," Transactions on Networks and Communications, vol. 6, no. 2, 2018.
|
26 |
H. Wang, L. Xu, and G. Gu, "FloodGuard: A DoS Attack Prevention Extension in Software-Defined Networks," in Proc. of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 239-250, 2015.
|
27 |
J. Cao, Q. Li, R. Xie, K. Sun, G. Gu, M. Xu, and Y. Yang, "The CrossPath Attack: Disrupting the SDN Control Channel via Shared Links," in Proc. of the 28th USENIX Security Symposium, pp. 19-36, Aug. 2019.
|
28 |
S. Lee, C. Yoon, and S. Shin, "The Smaller, the Shrewder: A Simple Malicious Application Can Kill an Entire SDN Environment," in Proc. of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, pp. 23-28, 2016.
|
29 |
S. Jain, A. Kumar, S. Mandal, J. Ong, L. Poutievski, and A. Singh, "B4: Experience with a globally-deployed software defined WAN," in Proc. of the Conference on SIGCOMM, vol. 43, no. 4, pp. 3-14, Aug. 2013.
|
30 |
W. Zehui, W. Qiang, and W. QingXian, "Survey for Attack and Defense Approaches of OpenFlow-Enabled Software Defined Network," Computer Science, vol. 44, pp. 121-132, 2017.
|
31 |
Ryu. [Online] Available: http://osrg.github.com/ryu
|
32 |
Y. Zhou, K. Chen, J. Zhang, J. Leng, and Y. Tang, "Exploiting the Vulnerability of Flow Table Overflow in Software-Defined Network: Attack Model, Evaluation, and Defense," Security and Communication Networks, vol. 2018, pp. 1-15, Jan. 2018.
|
33 |
A. Azzouni, O. Braham, T. M. Nguyen, G. Pujolle, and R. Boutaba, "Fingerprinting OpenFlow Controllers: The First Step to Attack an SDN Control Plane," in Proc. of IEEE Global Communications Conference (GLOBECOM), pp. 1-6, 2016.
|
34 |
J. Sonchack, A. J. Aviv, and E. Keller, "Timing SDN Control Planes to Infer Network Configurations," in Proc. of ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization, pp. 19-22, 2016.
|
35 |
M. Yu, T. He, P. Mcdaniel, and Q. K. Burke, "Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks," in Proc. of IEEE Conference on Computer Communications, pp. 1519-1528, 2020.
|
36 |
J. Cao, Z. Yang, K. Sun, Q. Li, M. Xu, and P. Han, "Fingerprinting SDN Applications via Encrypted Control Traffic," in Proc. of the 22nd International Symposium on Research in Attacks, Intrusions and Defenses, pp. 501-515, 2019.
|
37 |
S. Deng, X. Gao, Z. Lu, and X. Gao, "Packet Injection Attack and Its Defense in Software-Defined Networks," IEEE Transactions on Information Forensics and Security, vol. 13, no. 3, pp. 695-705, Oct. 2017.
DOI
|
38 |
J. H. Jafarian, E. Alshaer, and Q. Duan, "Openflow Random Host Mutation: Transparent Moving Target Defense Using Software Defined Networking," in Proc.of the 1st Workshop on Hot Topics in Software Defined Networks, pp. 127-132, Aug. 2012.
|
39 |
P. Kampanakis, H. Perros, and T. Beyene, "SDN-Based Solutions for Moving Target Defense Network Protection," in Proc. of IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks, pp. 1-6, June 2014.
|
40 |
J. Wang, R. Wen, J. Li, F. Yan, B. Zhao, and F. Yu, "Detecting and Mitigating Target Link-Flooding Attacks Using SDN," IEEE Transactions on Dependable and Secure Computing, vol. 16, no. 6, pp. 944-956, Apr. 2018.
DOI
|
41 |
M. Zhang, G. Li, L. Xu, J. Bi, G. Gu, and J. Bai, "Control Plane Reflection Attacks in SDNs: New Attacks and Countermeasures," in Proc. of International Symposium on Research in Attacks, Intrusions, and Defenses, pp. 161-183, Sep. 2018.
|
42 |
H. Wang, L. Xu, and G. Gu, "FloodGuard: A DoS Attack Prevention Extension in Software-Defined Networks," in Proc. of the 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, pp. 239-250, 2015.
|
43 |
S. Jero, W. Koch, R. Skowyra, H. Okhravi, C. N. Rotaru, and D. Bigelow, "Identifier Binding Attacks and Defenses in Software-Defined Networks," in Proc. of the 26th USENIX Security Symposium (USENIX Security 17), pp. 415-432, 2017.
|
44 |
C. Yoon, S. Lee, H. Kang, S. Shin, V. Yegnesqaran, P. Porras, and G. Gu, "Flow Wars: Systemizing the Attack Surface and Defenses in Software-Defined Networks," IEEE/ACM Transactions on Networking, vol. 25, no. 6, pp. 3514-3530, 2017.
DOI
|
45 |
V. H. Dixit, A. Doupe, Y. Shoshitaishvili, Z. Zhao, and G. J. Ahn, "AIM-SDN: Attacking Information Mismanagement in SDN-Datastores," in Proc. of ACM SIGSAC Conference on Computer and Communications Security, pp. 664-676, 2018.
|
46 |
M. Dhawan, R. Poddar, K. Mahajan, and V. Mann, "SPHINX: Detecting Security Attacks in Software-Defined Networks," in Proc. of Network and Distributed System Security Symposium, 2015.
|
47 |
D. Smyth, V. Cionca, S. Mcsweeney, and D. O'Shea, "Exploiting Pitfalls in Software-Defined Networking Implementation," in Proc. of International Conference On Cyber Security And Protection Of Digital Services (Cyber Security), pp. 1-8, 2016.
|
48 |
D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, "Software-Defined Networking: A Comprehensive Survey," Proceedings of the IEEE, vol. 103, no. 1, pp. 14-76, Jan. 2015.
DOI
|
49 |
Y. Hori, S. Mizoguchi, R. Miyazaki, A. Yamada, Y. Feng, A. Kubota, and K. Sajurai, "A Comprehensive Security Analysis Checksheet for OpenFlow Networks," in Proc. of the International Conference on Broad-Band Wireless Computing, Communication and Applications, pp. 231-242, Oct. 2016.
|
50 |
S. Shin, P. Porras, V. Yegneswara, M. Fong, G. Gu, and M. Tyson, "FRESCO: Modular Composable Security Services for Software-Defined Networks," in Proc. of the 20th Annual Network Distributed System Security Symposium, 2013.
|
51 |
V. Tiago, B. Kimura, J. Ueyama, and V. Rosset, "Experimental Security Analysis of Controller Software in SDNs: A Review," ArXiv Preprint ArXiv:1906.09546, 2019.
|
52 |
W. Mengmeng, L. Jianwei, and M. Jian, "Software Defined Networking: Security Model, Threats and Mechanism," Journal of Software, vol. 27, no. 4, pp. 205-228, Apr. 2016.
|
53 |
Floodlight. [Online] Available: http://Floodlight.openflowhub.org
|
54 |
M. Dhawan, R. Poddar, K. Mahajan, and V. Mann, "SPHINX: Detecting Security Attacks in Software-Defined Networks," in Proc. of Network and Distributed System Security Symposium, 2015.
|
55 |
R. Kloti, V. Kotronis, and P. Smith, "OpenFlow: A Security Analysis," in Proc. of the 21st IEEE International Conference on Network Protocols (ICNP), pp. 1-6, 2013.
|
56 |
J. Cao, M. Xu, and Q. Li, "Disrupting SDN via the Data Plane: A Low-Rate Flow Table Overflow Attack," in Proc. of International Conference on Security and Privacy in Communication Systems, pp. 356-376, 2017.
|
57 |
S. Lee, C. Yoon, C. Lee, S. Shin, V. Yegneswaran, and P. Porras, "DELTA: A Security Assessment Framework for Software-Defined Networks," in Proc. of Network and Distributed System Security Symposium, 2017.
|