SHIELD: An Automated Framework for Static Analysis of SDN Applications
Software-Defined Network (SDN) is getting popular and increasingly deployed in both of academia and industry. As a result of which, its security issue is being magnified as a critical controversy, and some pioneering researchers have investigated
the vulnerabilities of SDN to discover the feasibility of compromising SDN networks. Especially, they prove that a simple malicious/buggy SDN application running on an SDN controller can kill an SDN control plane because it usually has a right to access the resources of SDN controller. To address this issue, we focus on the malicious SDN application themselves (i.e., how to understand if an SDN application is malicious). In this context, we consider analyzing SDN applications before running in a static manner. We present SHIELD, a new automated framework for static analysis of SDN applications carefully considering SDN abilities. SHIELD provides the Control-Flow Graph (CFG) and critical flows of SDN applications. We evaluate the effectiveness
of SHIELD with 33 real world applications (both benign and malicious applications), and from the results, we define 10 malicious behaviors of SDN applications.
- Publisher
- ACM CODASPY 2016
- Issue Date
- 2016-03-11
- Language
- English
- Citation
ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (SDN-NFV Security 2016)
- Appears in Collection
- EE-Conference Papers(학술회의논문)
- Files in This Item
- There are no files associated with this item.
This item is cited by other documents in WoS
| ⊙ Detail Information in WoSⓡ | Click to see |  |
| ⊙ Cited 13 items in WoS | Click to see citing articles in |  |
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.