Detection of Security and Safety Threats related to the Control of a SDN Architecture
Author: | Thierry Divoux, Jean-Philippe Georges, Loïc Desgeorges |
---|---|
Contributors: | Desgeorges, Loïc, ISITE - Isite LUE - - LUE2015 - ANR-15-IDEX-0004 - IDEX - VALID, Centre de Recherche en Automatique de Nancy (CRAN), Université de Lorraine (UL)-Centre National de la Recherche Scientifique (CNRS), Digitrust, ANR-15-IDEX-0004,LUE,Isite LUE(2015) |
Publication year: | 2021 |
Subject: |
0209 industrial biotechnology; Observability; [INFO.INFO-NI] Computer Science [cs]/Networking and Internet Architecture [cs.NI]; Computer science; Distributed computing; Interface (computing); Control (management); 020206 networking & telecommunications; 02 engineering and technology; Intrusion detection system; Multi-Controllers; Software-Defined Networking; Field (computer science); [SPI.AUTO] Engineering Sciences [physics]/Automatic; 020901 industrial engineering & automation; Control and Systems Engineering; Control theory; Security; 0202 electrical engineering, electronic engineering, information engineering; Use case; Safety; Control logic; Software-defined networking |
Source: | 4th IFAC Conference on Embedded Systems, Computational Intelligence and Telematics in Control, CESCIT 2021, Jul 2021, Valenciennes (virtual), France |
ISSN: | 2405-8963 |
DOI: | 10.1016/j.ifacol.2021.10.026 |
Description: | International audience; Software Defined Networking is a concept within the networking field which proposed a centralized control considering the control and data planes. To overcome the safety and security threats, solutions might be divided into two categories: enforcing the controller to make it more robust or the architecture using a multi-controller approach. This work aims to pave the way for a multi-controller architecture without East-West interface to avoid the spreading of an attack. There is one nominal controller in charge of the control while the second observes the traffic at the Southbound interface to detect anomalies of control. A detection method is introduced theoretically and relies on Intrusion Detection System theory, more precisely the specification-based approach. Here, the specification is a template determined through a projection function of the control logic. The template is compared to the activity of the command observed such that any deviation generates an alarm. The method is finally explained in use cases. |
Database: | OpenAIRE |
External link: |