Computer Science ›› 2021, Vol. 48 ›› Issue (3): 295-306.doi: 10.11896/jsjkx.200300119
• Information Security • Previous Articles Next Articles
DONG Shi
CLC Number:
[1]MCKEOWN N,ANDERSON T,BALAKRISHNAN H,et al.OpenFlow:Enabling innovation in campus networks[J].ACM SIGCOMM Computer Communication Review,2008,38(2):69-74. [2]BOSSHART P,DALY D P,GIBB G,et al.P4:programming protocol-independent packet processors[J].ACM Special Interest Group on Data Communication,2014,44(3):87-95. [3]WANG H,SOULE R,DANG H T,et al.P4FPGA:A RapidPrototyping Framework for P4[C]//symposium on Sdn Research.2017:122-135. [4]ZUO Q Y,CHEN M,ZHAO G S,et al.Research on OpenFlow-based SDN technologies[J].Journal of Software,2013,24(5):1078-1097. [5]DONG S,ABBAS K,JAIN R.A Survey on Distributed Denial of Service (DDoS) Attacks in SDN and Cloud Computing Environments[J].IEEE Access,2019,7:80813-80828. [6]YU Y,WANG Z L,BI J,et al.A survey on the languages in the northbound interface of the software defined neworking[J/OL].Journal of Software,2016.http://www.jos.org.cn/ 1000-9825/5028.htm. [7]SHIN S,PORRAS P,YEGNESWARAN V,et al.A Framework For Integrating Security Services into Software-Defined Networks[C]//Proceedings of the 2013 Open Networking Summit (Research Track poster paper).2013. [8]KREUTZ D,RAMOS F,VERISSIMO P.Towards secure and dependable software-defined networks[C]//Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking.ACM,2013:55-60. [9]HARTMAN S,WASSERMAN M,ZHANG D.Software driven networks problem statement[J/OL].Network Working Group Internet-Draft,2013.https://tools.ietf.org/html/drafthartman- sdnsec-requirements-00. [10]XIE H,TSOU T,LOPEZ D,et al.Use cases for ALTO with software defined networks[J/OL].Working Draft,IETF Secretariat,Internet-Draft,2012.https://tools.ietf.org/html/draft-xie-alto-sdn-use-cases-01. [11]NAOUS J,ERICKSON D,COVINGTON G A,et al.Implementing an OpenFlow switch on the NetFPGA platform[C]//Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS ’08).2008:1-9. [12]JARSCHEL M,OECHSNER S,SCHLOSSER D,et al.Modeling and performance evaluation of an OpenFlow architecture[C]//23rd International Teletraffic Congress (ITC 2011).IEEE,2011. [13]YAO G,BI J,GUO L.On the cascading failures of multi-controllers in software defined networks[C]//21st IEEE International Conference on Network Protocols (ICNP).IEEE,2014. [14]FONSECA,BENNESBY R,MOTA E,et al.A replication component for resilient OpenFlow-based networking[C]//IEEE Network Operations and Management Symposium.2012:933-939. [15]SEEDORF J,BURGER E.Application-layer traffic optimization (ALTO)problem statement[OL].http://www.rfc-editor.org/rfc/rfc5693.txt. [16]NADEAU T,PAN P.Software driven networks problem statement[J/OL].Network Working Group Internet-Draft,2011.https://tools.ietf.org/html/draft-nadeau-sdn-problem-statement-00. [17]BROOKS M,YANG B.A man-in-the-middle attack againstopendaylight sdn controller[C]//Proceedings of the 4th Annual ACM Conference on Research in Information Technology.ACM,2015:45-49. [18]LIN P C,LI P C,NGUYEN V L.Inferring openflow rules by active probing in software-defined networks[C]//2017 19th International Conference Advanced Communication Technology (ICACT).IEEE,2017:415-420. [19]SHIN S,YEGNESWARAN V,PORRAS P,et al.Avant-guard:Scalable and vigilant switch flow management in software-defined networks[C]//ACM Sigsac Conference on Computer & Communications Security.2013:413-424. [20]ZHANG Y,BEHESHTI N,TATIPAMULA M.On resilience of splitarchitecture networks[C]//Proceedings of the Global Communications Conference.2011:1-6. [21]DIERKS T.The Transport Layer Security (TLS) protocol version 1.2 [EB/OL].http://tools.ietf.org/html/ rfc5246. [22]RESCORLA E,MODADUGU N.Datagram Transport LayerSecurity Version 1.2[EB/OL].http://tools.ietf.org/html/ rfc6347. [23]BENTON K,CAMP L J,SMALL C.OpenFlow vulnerability assessment[C]//Acm Sigcomm Workshop on Hot Topics in Software Defined Networking.2013:151-152. [24]LIYANAGE M,GURTOV A.Secured VPN models for LTE backhaul networks[C]//IEEE Vehicular Technology Conference (VTC Fall).2012:1-5. [25]STAESSENS D,SHARMA S,COLLE D,et al.Software defined networking:Meeting carrier grade requirements[C]//18th IEEE Workshop on Local & Metropolitan Area Networks (LANMAN).2011:1-6. [26]SHAGHAGHI A,KAAFAR M A,BUYYA R,et al.Software-Defined Network (SDN) Data Plane Security:Issues,Solutions and Future Directions[J].arXiv:1804.00262,2018. [27]ZHOU Y D,CHEN K Y,ZHANG J J,et al.Exploiting the Vulnerability of Flow Table Overflow in Software-Defined Network:Attack Model,Evaluation,and Defense[J].Security and Communication Networks,2018,2018:1-15. [28]SCOTT-HAYWARD S,NATARAJAN S,SEZER S.A Survey of Security in Software Defined Networks[J].IEEE Communications Surveys & Tutorials,2016,18(1):623-654. [29]SEZER S.Are we ready for SDN? Implementation challenges for software-defined networks[J].IEEE Communication Magazine,2013,51(7):36-43. [30]FOSTER N.Frenetic:A network programming language[J].SIGPLAN Notices,2011,46(9):279-291. [31]VOELLMY A,KIM H,FEAMSTER N.Procera:A languagefor high-level reactive network control[C]//First Workshop on Hot Topics in Software Defined Networks.2012:43-48. [32]MONSANTO C,FOSTER N,HARRISON R,et al.A compiler and run-time system for network programming languages[J].SIGPLAN Notices,2012,47(1):217-230. [33]SHIN S.FRESCO:Modular composable security services forsoftware-defined networks[C]//Proceedings of Network and Distributed Security Symposium.2013:1-16. [34]WEN X,CHEN Y,HU C,et al.Towards a secure controller platform for OpenFlow applications[C]//Proceedings of the second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking.2013:171-172. [35]CHOWDHARY A,HUANG D,ALSHAMRANI A,et al.Trufl:Distributed trust management framework in sdn[C]//ICC 2019-2019 IEEE International Conference on Communications (ICC).IEEE,2019:1-6. [36]BECKETT R.An assertion language for debugging SDN applications[C]//Proc3rd ACM Workshop Hot Topics Software.Defined Network,2014:91-96. [37]KHURSHID A,ZOU W,ZHOU W X,et al.Veriflow:Verifying network-wide invariants in real time[C]//Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation.2013:15-28. [38]SON S,SHIN S,YEGNESWARAN V,et al.Model checkinginvariant security properties in openflow[C]//IEEE International Conference on Communications.2013:1974-1979. [39]CANINI M,KOSTIC D,REXFORD J,et al.Automating thetesting of OpenFlow applications[C]//Proceedings of the 1st International Workshop on Rigorous Protocol Engineering(WRiPE).2011:1-6. [40]HANDIGOL N,HELLER B,JEYAKUMAR V,et al.Where is the debugger for my software-defined network?[C]//Workshop Hot Topics Software.Defined Network,2012:55-60. [41]WUNDSAM A,LEVIN D,SEETHARAMAN S,et al.OFRe-wind:Enabling record and replay troubleshooting for networks[C]//Usenix Conference on Usenix Technical Conference.2011:29. [42]Security-enhanced floodlight.SDx Central,Sunnyvale,CA,USA[EB/OL].http://www.sdncentral.com/education/ towardsecure-sdn-control-layer/2013/10/. [43]SWITCH B.Developing floodlight modules.Floodlight Open-low controller[EB/OL].http://www.projectfloodlight.org/floodlight/. [44]FERNANDEZ M.Comparing openflow controller paradigmsscalability:reactive and proactive[C]//IEEE International Conference on Advanced Information Networking & Applications.2013:1009-1016. [45]VOELLMY A,WANG J.Scalable software defined networkcontrollers[J].Acm Sigcomm Computer Communication Review,2012,42(4):289-290. [46]GUDE N,KOPONEN T,PETTIT J,et al.NOX:towards an ope-rating system for networks[J].ACM SIGCOMM Computer Communication Review,2008,38(3):105-110. [47]CAI Z,COX A L,EUGENE N G.Maestro:A system for scalable OpenFlow control[J/OL].Cs.rice.edu,https://scholarship.rice.edu/bitstream/handle/1911/96391/TR10-11.pdf?se-quence=1&isAllowed=y. [48]PHEMIUS K,BOUET M,LEGUAY J.DISCO:Distributedmultidomain SDN controllers[C]//IEEE Network Operations and Management Symposium (NOMS).2014:1-4. [49]PHEMIUS K,BOUET M,LEGUAY J.DISCO:DistributedSDN controllers in a multi-domain environment[C]//IEEE Network Operations and Management Symposium (NOMS).2014:1-2. [50]Advanced Message Queuing Protocol[EB/OL].http://www.amqp.org. [51]TOOTOONCHIAN A,GANJALI Y.HyperFlow:A distributed control plane for OpenFlow[C]//Internet Network Management Conference on Research on Enterprise Networking. USENIX Association,2010:3. [52]HELLER B,SHERWOOD R,MCKEOWN N.The controllerplacement problem[C]//Acm Sigcomm Workshop on Hot To-pics in Software Defined Networking.2012:7-12. [53]AHMAD I,KARUNARATHNA S N,YLIANTTILA M,et al.Load balancing in software defined mobile networks[C]//Software Defined Mobile Networks (SDMN):Beyond LTE Network Architecture.Hoboken,NJ,USA:Wiley,2015:225-245. [54]NAMAL S,AHMAD I,GURTOV A,et al.SDN based intertechnology load balancing leveraged by flow admission control[C]//IEEE SDN for Future Networks and Services(SDN4FNS).2013:1-5. [55]BRAGA R,MOTA E,PASSITO A.Lightweight DDoS flooding attack detection using NOX/OpenFlow[C]//The 35th Annual IEEE Conference on Local Computer Networks.2010:408-415. [56]KOHONEN T.The self-organizing map[J].Neurocomputing,1998,21(1):1-6. [57]DONG S,SAREM M.DDoS Attack Detection Method Based on Improved KNN With the Degree of DDoS Attack in Software-Defined Networks[J].IEEE Access,2020:5039-5048. [58]KALKAN K,ALTAY L,GÜR G,et al.JESS:Joint Entropy-Based DDoS Defense Scheme in SDN[J].IEEE Journal on Selected Areas in Communications,2018,36(10):2358-2372. [59]WU Z J,XU Q,WANG J J,et al.Low-Rate DDoS Attack Detection Based on Factorization Machine in Software Defined Network[J].IEEE Access,2020,8:17404-17418. [60]HU Y,WANG W,GONG X,et al.On reliability optimized controller placement for software-defined networks[J].China Communication,2014,11(2):38-54. [61]HU Y N,WANG W D,GONG X Y,et al.Reliability aware controller placement for software-defined networks[C]//FIP/IEEE International Symposium on Integrated Network Management.2013:672-675. [62]BARI M.Dynamic controller provisioning in software definednetworks[C]//International Conference on Network & Service Management.2013:18-25. [63]HOCK D.Pareto-optimal resilient controller placement in SDN-based core networks[C]//Proceedings of the 2013 25th International Teletraffic Congress (ITC).2013:1-9. [64]MOGUL J C.DevoFlow:Cost-effective flow management forhigh performance enterprise networks[C]//Acm Sigcomm Workshop on Hot Topics in Networks.2010:1-6. [65]GE J G,SHEN H J,PENG Y E,et al.An OpenFlow-based dynamic path adjustment algorithm for multicast spanning trees[C]//12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications.2013:1478-1483. [66]KEMPF J.Scalable fault management for OpenFlow[C]//IEEE International Conference on Communications (ICC).2012:6606-6610. [67]Porras P.A security enforcement kernel for OpenFlow networks[C]//ACM SIGCOMM Workshop on Hot Topics in Software Defined Networks.2012:121-126. [68]AL-SHAER E,AL-HAJ S.FlowChecker:Configuration analysis and verification of federated openflow infrastructures[C]//Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration.2010:37-44. [69]FAN Z,XIAO Y,NAYAK A.et al.An improved network security situation assessment approach in software defined networks[J].Peer-to-Peer Networking and Applications,2019,12(2):295-309. [70]NAYAK A K,REIMERS A,FEAMSTER N,et al.Resonance:dynamic access control for enterprise networks[C]//Proc 1st ACM Workshop Res.Enterprise Network,2009:11-18. [71]KEROMYTIS A.Voice-over-IP security:Research and practice[J].IEEE Security Privacy,2010,8(2):76-78. [72]SHIN S,GU G.Attacking software-defined networks:a firstfeasibility study[C]//Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking.2013:165-166. [73]TOOTOONCHIAN A,GORBUNOV S,GANJALI Y,et al.On controller performance in software-defined networks[C]//Proc.USENIX Workshop Hot-ICE,2012:10. [74]GREENBERG A.A clean slate 4D approach to network control and management[J].Computer communication review,2005,35(5):43-54. [75]CASADO M,GARFINKEL T,AKELLA A,et al.SANE:AProtection Architecture for Enterprise Networks[C]//Confe-rence on Usenix Security Symposium.USENIX Association,2006. [76]CASADO M,FREEDMAN M J,PETTIT J,et al.ETHANE:Taking Control of the Enterprise[C]//Proceedings of the ACM SIGCOMM 2007 Conference on Applications,Technologies,Architectures,and Protocols for Computer Communications.Kyoto,Japan,2007:27-31. [77]WANG L,LI Q,JIANG Y,et al.Woodpecker:Detecting andmitigating link-flooding attacks via SDN[J].Computer Networks,2018,147:1-13. [78]LI C,WU Y,YUAN X,et al.Detection and defense of DDoS attack-based on deep learning in OpenFlow-based SDN[J].International Journal of Communication Systems,2018,31(5):e3497. [79]JENNINGS B,MEER S V D,BALASUBRAMANIAM S,et al.Towards autonomic management of communications networks[J].IEEE Communication Magazine,2007,45(10):112-121. [80]HAMED H,AL-SHAER E.Taxonomy of conflicts in network security policies[J].Communications Magazine,IEEE,2006,44(3):134-141. [81]WOOL A.A quantitative study of firewall configuration errors[J].Computer,2004,37(6):62-67. [82]KIM H,FEAMSTER N.Improving network management with software defined networking[J].IEEE Communication Magazine,2013,51(2):114-119. [83]Software-defined networking:The new norm for networks[EB/OL].https://www.opennetworking.org/sdn-resources/sdn-library/whitepapers/benefits-of-OFB-SDN. [84]KIM W,SHARMA P,LEE J,et al.Automated and ScalableQoS Control for Network Convergence[C]//Proc.Internet Network Management Workshop/Workshop on Research on Enterprise Networking (INM/WREN).2010. [85]MATTOS D M.OMNI:OpenFlow management infrastructure[C]//International Conference on the Network of the Future.2011:52-56. [86]REXFORD J,DOVROLIS C.Future internet architecture:clean-slate versus evolutionary research[J].Communications of the ACM,2010,53(9):36-40. [87]LI T.Design goals for scalable internet routing[OL].https://www.rfc-editor.org/rfc/pdfrfc/rfc6227.txt.pdf. [88]GURTOV A.Host Identity Protocol (HIP):Towards the Secure Mobile Internet[M/OL].https://onlinelibrary.wiley.com/doi/book/10.1002/9780470772898. [89]QIN X,TANG G D,CHANG C W.SDN security control and forwarding method based on cipher identification[J].Journal on Communications,2018,39(2):31-42. |
[1] | ZHOU Jian-xin, ZHANG Zhi-peng, ZHOU Ning. Load Balancing Technology of Segment Routing Based on CKSP [J]. Computer Science, 2020, 47(4): 256-261. |
[2] | YANG Ren-yu, HAN Yi-gang, ZHANG Fan, FENG Fei. Survey of Content Centric Network Based on SDN [J]. Computer Science, 2019, 46(1): 13-20. |
[3] | SUN Tao, ZHANG Jun-xing. Review of SDN Performance Optimization Technology [J]. Computer Science, 2018, 45(11A): 84-91. |
[4] | WU Qi, WANG Xing-wei, HUANG Min. OpenFlow Switch Packets Pipeline Processing Mechanism Based on SDN [J]. Computer Science, 2018, 45(10): 295-299. |
[5] | YE Xiao-qin, REN Yan-yang, SUN Ting and HENIGULI·Wumaier. Cache Location Decision and Operating Allocation Schema Based on SDN in WMN [J]. Computer Science, 2017, 44(8): 95-99. |
[6] | NONG Huang-wu, HUANG Chuan-he and HUANG Xiao-peng. SDN-based Multipath Routing Algorithm for Fat-tree Data Center Networks [J]. Computer Science, 2016, 43(6): 32-34. |
[7] | ZHU Ge, ZENG Guo-sun, DING Chun-ling and WANG Wei. Analysis and Verification for OpenFlow Multi-switch Protocol Based on Model Checking [J]. Computer Science, 2016, 43(10): 74-80. |
[8] | XU Ming-guang, LIU Ya-ping and DENG Wen-ping. Research and Analysis of OpenDaylight Controller [J]. Computer Science, 2015, 42(Z6): 249-252. |
[9] | ZENG Shan, CHEN Gang and QI Fa-zhi. Survey on Performance of Software Defined Networking [J]. Computer Science, 2015, 42(Z6): 243-248. |
[10] | LOU Heng-yue and DOU Jun. Research on DoS Attacks Against Control Level in OpenFlow-based SDN [J]. Computer Science, 2015, 42(Z11): 341-344. |
[11] | WU Jie, FU Bin-zhang, CHEN Ming-yu and ZHANG Li-xin. Quantitative Analysis of Flow-setup Cost in OpenFlow Network [J]. Computer Science, 2015, 42(11): 59-62. |
[12] | LI Hua,HE Nan,DONG Lu-lu and LV Liang-liang. Research on OpenFlow Modeling Based on Hierarchical CPN [J]. Computer Science, 2014, 41(7): 114-118. |
|