2 Example literature review PDF

Preview

Summary

Download 2 Example literature review PDF

Description

RESEARCH METHODS & PROJECT DESIGN ( MN 691)

Sc School hool of IT & Engi Engineering neering Mel Melbour bour bourne ne IInsti nsti nstitute tute of Tec echnolog hnolog hnologyy

Submitted to : Savitri Bevinakoppa (Course Coordinator)

Prepared by : Akshay Chawla MIT141559 03-08-2016

LITERATURE REVIEW ON SECURITY ISSUES IN SDN Software defined networking is one of the emerging technology in communication to meet the future need of users and applications. But there are some security challenges which need to addressed before implementing it widely. Some of the literature reviews on security challenges are discussed below to understand the possible threat to the new technology.

1. MAN-IN-THE-MIDDLE ATTACK IN SDN AND ITS COUNTER MEASURES According to given journal one of the security challenges in SDN is man-in-themiddle attack. As we know in SDN the forwarding plane is decoupled from control plane. This attack occurs in forwarding plane due to lack of authentication and sending of text in clear format. To overcome this proper encryption and digital signatures can be used to verify the users[1]. 2. DISTRIBUTED DENIAL OF SERVICE ATTACK IN SDN The given article describes that with advancements in SDN based cloud, the main challenge in this is DDos. There are 2 types of DDOS attacks, first occurs at transport level and other at application level. The potential reasons for these attacks in SDN are virtualisation technology and centralised control in SDN. Destination based mechanism, network based mechanism and hybrid mechanisms are possible countermeasure which should be taken in SDN based cloud[2]. 3. DATA LEAKAGE IN SDN As SDN uses open flow mechanism to transfer packet from source to destination via controller. This will make the attacker to calculate the packet processing time for the packet and take any harmful action on it. The data can be altered by the attacker or can be leaked to use for harmful purposes[3]. 4. VULNERABILITY OF SDN CONTROLLER As in SDN the application and controller have full control over the network which runs through open flow communication standard. If any attacker gets

access to the central controller then he can get access to full network which is very harmful for all users and network functioning. The whole network will have to compromise instead of single host[4]. 5 LACK OF IMPLEMENTATION OF ITRUSION DETECTION SYSTEM IN SDN As controller is the heart of SDN therefore it is necessary to protect it from any malicious programing intrusion by attacker. Till now no SDN controller has an effective intrusion detection system which protects it from malicious programing input from every angle of vulnerability. This problem is due to virtualization of whole network and devices[5]. 6. PACKET ENCRYPTION AND TUNNELING BYPASSING This is one of the data plane security threats which are caused by invisible header field of the packet. An attacker can insert malicious header to the packet which take the user to different source or destination in which attacker gets control over user information and steal some personal information for its own benefit. Possible solution to overcome this problem is implement packet type classification based traffic analysis[6]. 7. SACALABILITY ISSUE IN SDN In open flow, the centralised controller makes every decision about the flow of the packet by installed flow rules. If the controllers are required to install flow rules for each new flow in the data path, the controller can easily become bottleneck. The open flow controller available today is not capable of handling new flows as per requirement. Therefore lack of scalability increase chances denial of service attack and DDos attacks[7]. 8. REPLAY ATTACK IN SDN This is also one of the forwarding control plane attacks which is caused by lack of time stamping and sending of clear text. The user gets easily targeted from this and increases the chance of denial of service attack at the controller level. This can be minimised by encryption and time stamping inclusion in encrypted messages[8].

9. TAMPERING ISSUE IN SDN Tampering is also the potential threat in control plane of the SDN architecture. An attacker may insert false rule to the controller and modify the packet. Due to this integrity of the system is highly on risk[9].

REFERENCES [1] M. Dabbagh, "Software-defined networking security: pros and cons", IEEE Communications Magazine, vol. 53, no. 6, pp. 73-79, 2015. [2]Q. Yan and F. Yu, "Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges", IEEE Communications Surveys &, vol. 18, no. 1, pp. 602-622, 2016. [3]S. Hayward and S. Natarajan, "A Survey of Security in Software Defined Networks", IEEE Communications Surveys &, vol. 18, no. 1, pp. 623-654, 2016. [4]R. Hinden, "Why Take Over the Hosts When You Can Take Over the Network", in SDN and security, san francisco, 2014, pp. 1-41. [5]G. Garg and R. Garg, "Review On Architecture & Security Issues of SDN", in International Conference on Innovative Research in Computer and Communication Engineering, chandigarh, 2014, pp. 1-6. [6]Feghali and R. Kilany, "SDN security problems and solutions analysis", in 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS), paris, 2015, pp. 1-5. [7]Ahmad, S. Nama and A. Gurtov, "Security in Software Defined Networks: A Survey", IEEE Communications Surveys &, vol. 17, no. 4, pp. 2317-2346, 2015. [8] M. Guizani, D. He, K. Ren, J. J. P. Rodrigues, S. Chan, and Y. Zhang, “Security and privacy in emerging networks: Part II [Guest Editorial],” IEEE Commun. Mag. IEEE Communications Magazine, vol. 53, no. 8, pp. 40–41, 2015. [9]D. Kreutz, F. M. V. Ramos, P. E. Verissimo, C. E. Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-Defined Networking: A Comprehensive Survey,” Proceedings of the IEEE Proc. IEEE, vol. 103, no. 1, pp. 14–76, 2015....