HEX switch: Hardware-assisted security extensions of OpenFlow

Cited 0 time in webofscience Cited 0 time in scopus
  • Hit : 197
  • Download : 0
Software-defined networking (SDN) and Network Function Virtualization (NFV) have inspired security researchers to devise new security applications for these new network technology. However, since SDN and NFV are basically faithful to operating a network, they only focus on providing features related to network control. Therefore, it is challenging to implement complex security functions such as packet payload inspection. Several studies have addressed this challenge through an SDN data plane extension, but there were problems with performance and control interfaces. In this paper, we introduce a new data plane architecture, HEX which leverages existing data plane architectures for SDN to enable network security applications in an SDN environment efficiently and effectively. HEX provides security services as a set of OpenFlow actions ensuring high performance and a function of handling multiple SDN actions with a simple control command. We implemented a DoS detector and Deep Packet Inspection (DPI) as the prototype features of HEX using the NetFPGA-1G-CML, and our evaluation results demonstrate that HEX can provide security services as a line-rate performance.
Publisher
Association for Computing Machinery, Inc
Issue Date
2018-08-24
Language
English
Citation

1st Workshop on Security in Softwarized Networks: Prospects and Challenges, SecSoN 2018, held in conjunction with the ACM SIGCOMM 2018, pp.33 - 39

DOI
10.1145/3229616.3229622
URI
http://hdl.handle.net/10203/247942
Appears in Collection
EE-Conference Papers(학술회의논문)
Files in This Item
There are no files associated with this item.

qr_code

  • mendeley

    citeulike


rss_1.0 rss_2.0 atom_1.0