DC Field | Value | Language |
---|---|---|
dc.contributor.author | Yoon, Changhoon | ko |
dc.contributor.author | Park, Taejune | ko |
dc.contributor.author | Lee, Seungsoo | ko |
dc.contributor.author | Kang, Heedo | ko |
dc.contributor.author | Shin, S | ko |
dc.contributor.author | Zhang, Zonghua | ko |
dc.date.accessioned | 2015-11-20T08:56:12Z | - |
dc.date.available | 2015-11-20T08:56:12Z | - |
dc.date.created | 2015-07-30 | - |
dc.date.created | 2015-07-30 | - |
dc.date.issued | 2015-07 | - |
dc.identifier.citation | COMPUTER NETWORKS, v.85, pp.19 - 35 | - |
dc.identifier.issn | 1389-1286 | - |
dc.identifier.uri | http://hdl.handle.net/10203/200889 | - |
dc.description.abstract | Software-defined networking (SON) is being strongly considered as the next promising networking platform, and studies regarding SON have been actively conducted accordingly. However, the security of SDN remains undefined and unknown when considering the enhancement of network security in SDN. In this paper, we verify whether SDN can enhance network security. Specifically, the idea of enabling security functions with diverse SDN features is explored thoroughly. In order to elucidate the feasibility of SDN-based security functions, we implement four types of security functions with SON in Floodlight applications: (i) in-line mode security functions (e.g. firewalls and IPS), (ii) passive mode security functions (e.g. IDS), (iii) network anomaly detection functions (e.g. scan and DDoS detector), and (iv) advanced security functions (e.g. stateful firewall and reflector networks). Furthermore, we focus on discovering issues that might arise throughout the implementation of SDN-based security applications and discuss how these issues can be addressed. In order to appropriately prove the feasibility of the SDN-based security applications, we evaluate our Floodlight applications in real testbeds that consist of SON-enabled switches and a number of physical hosts. | - |
dc.language | English | - |
dc.publisher | ELSEVIER SCIENCE BV | - |
dc.title | Enabling security functions with SDN: A feasibility study | - |
dc.type | Article | - |
dc.identifier.wosid | 000357239800002 | - |
dc.identifier.scopusid | 2-s2.0-84937973181 | - |
dc.type.rims | ART | - |
dc.citation.volume | 85 | - |
dc.citation.beginningpage | 19 | - |
dc.citation.endingpage | 35 | - |
dc.citation.publicationname | COMPUTER NETWORKS | - |
dc.identifier.doi | 10.1016/j.comnet.2015.05.005 | - |
dc.contributor.localauthor | Shin, S | - |
dc.contributor.nonIdAuthor | Park, Taejune | - |
dc.contributor.nonIdAuthor | Lee, Seungsoo | - |
dc.contributor.nonIdAuthor | Kang, Heedo | - |
dc.contributor.nonIdAuthor | Zhang, Zonghua | - |
dc.type.journalArticle | Article | - |
dc.subject.keywordAuthor | Network security | - |
dc.subject.keywordAuthor | Software-defined networking security | - |
dc.subject.keywordAuthor | SDN security | - |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.