Detection of Security and Safety Threats related to the Control of a SDN Architecture

Autor: Thierry Divoux, Jean-Philippe Georges, Loïc Desgeorges
Přispěvatelé: Desgeorges, Loïc, ISITE - Isite LUE - - LUE2015 - ANR-15-IDEX-0004 - IDEX - VALID, Centre de Recherche en Automatique de Nancy (CRAN), Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), Digitrust, ANR-15-IDEX-0004,LUE,Isite LUE(2015)
Rok vydání: 2021
Předmět:
Zdroj: 4th IFAC Conference on Embedded Systems, Computational Intelligence and Telematics in Control, CESCIT 2021
4th IFAC Conference on Embedded Systems, Computational Intelligence and Telematics in Control, CESCIT 2021, Jul 2021, Valenciennes (virtuel), France
ISSN: 2405-8963
DOI: 10.1016/j.ifacol.2021.10.026
Popis: International audience; Software Defined Networking is a concept within the networking field which proposed a centralized control considering the control and data planes. To overcome the safety and security threats, solutions might be divided into two categories: enforcing the controller to make it more robust or the architecture using a multi-controller approach. This work aims to pave the way for a multi-controller architecture without East-West interface to avoid the spreading of an attack. There is one nominal controller in charge of the control while the second observes the traffic at the Southbound interface to detect anomalies of control. A detection method is introduced theoretically and relies on Intrusion Detection System theory, more precisely the specificationbased. Here, the specification is a template determined through a projection function of the control logic. The template is compared to the activity of the command observed such that any deviation generates an alarm. The method is finally explained in use cases.
Databáze: OpenAIRE