poster

POSTER: OFX: Enabling OpenFlow Extensions for Switch-Level Security Applications

Authors:

John Sonchack,

Adam J. Aviv,

Eric Keller,

Jonathan M. SmithAuthors Info & Claims

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

Pages 1678 - 1680

https://doi.org/10.1145/2810103.2810120

Published: 12 October 2015 Publication History

Get Access

Abstract

Network Security applications that run on Software Defined Networks (SDNs) often need to analyze and process traffic in advanced ways. Existing approaches to adding such functionality to SDNs suffer from either poor performance, or poor deployability. In this paper, we propose and benchmark OFX: an OpenFlow extension framework that provides a better tradeoff between performance and deployability for SDN security applications by allowing them to dynamically install software modules onto network switches.

References

[1]

Hping 3. http://www.hping.org/hping3.html, 2014.

Google Scholar

[2]

Open network linux. http://opennetlinux.org, 2014.

Google Scholar

[3]

White box switchs. http://www.whiteboxswitch.com, 2015.

Google Scholar

[4]

R. Braga, E. Mota, and A. Passito. Lightweight ddos flooding attack detection using nox/openflow. In Local Computer Networks (LCN), 2010 IEEE 35th Conference on, pages 408--415. IEEE, 2010.

Digital Library

Google Scholar

[5]

A. R. Curtis, J. C. Mogul, J. Tourrilhes, P. Yalagandula, P. Sharma, and S. Banerjee. DevoFlow: Scaling Flow Management for High-performance Networks. In Proc. SIGCOMM, 2011.

Digital Library

Google Scholar

[6]

J. H. Jafarian, E. Al-Shaer, and Q. Duan. Openflow random host mutation: transparent moving target defense using software defined networking. In Proc. Workshop on Hot topics in software defined networks (HotSDN), 2012.

Digital Library

Google Scholar

[7]

S. A. Mehdi, J. Khalid, and S. A. Khayam. Revisiting traffic anomaly detection using software defined networking. In Recent Advances in Intrusion Detection, pages 161--180. Springer, 2011.

Digital Library

Google Scholar

[8]

S. Shin, P. Porras, V. Yegneswaran, M. Fong, G. Gu, and M. Tyson. Fresco: Modular composable security services for software-defined networks. In Proc. Network and Distributed System Security Symposium (NDSS), February 2013.

Google Scholar

[9]

S. Shin, V. Yegneswaran, P. Porras, and G. Gu. AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-defined Networks. In Proc. ACM SIGSAC Conference on Computer and Communications Security (CCS), 2013.

Digital Library

Google Scholar

Cited By

View all

Ahmed NBakar KZuhra FKehkashan TMujahid MRathore MDawood MIsyaku B(2022)Security & Privacy in Software Defined Networks, Issues, Challenges and Cost of Developed Solutions: A Systematic Literature ReviewInternational Journal of Wireless Information Networks10.1007/s10776-022-00561-y29:3(314-340)Online publication date: 23-Jun-2022
https://doi.org/10.1007/s10776-022-00561-y
Fukuda HKojima S(2019)PRS: A payload inspection mechanism for Software Defined Network2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC)10.1109/CCNC.2019.8651729(1-6)Online publication date: Jan-2019
https://doi.org/10.1109/CCNC.2019.8651729
Tseng YNaït‐Abdesselam FKhokhar A(2018)A comprehensive 3‐dimensional security analysis of a controller in software‐defined networkingSECURITY AND PRIVACY10.1002/spy2.211:2Online publication date: 29-Apr-2018
https://doi.org/10.1002/spy2.21
Show More Cited By

Index Terms

POSTER: OFX: Enabling OpenFlow Extensions for Switch-Level Security Applications
1. Security and privacy
  1. Network security

Recommendations

Security in Software Defined Networks: A Survey
Software defined networking (SDN) decouples the network control and data planes. The network intelligence and state are logically centralized and the underlying network infrastructure is abstracted from applications. SDN enhances network security by means ...
Available bandwidth measurement in software defined networks
SAC '16: Proceedings of the 31st Annual ACM Symposium on Applied Computing

Software Defined Networking (SDN) is an emerging paradigm that is expected to revolutionize computer networks. With the decoupling of data and control plane and the introduction of open communication interfaces between layers, SDN enables programmability ...
Challenges and Preparedness of SDN-based Firewalls
SDN-NFV Sec'18: Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization

Software-Defined Network (SDN) is a novel architecture created to address the issues of traditional and vertically integrated networks. To increase cost-effectiveness and enable logical control, SDN provides high programmability and centralized view of ...

Comments

Information & Contributors

Information

Published In

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security

October 2015

1750 pages

ISBN:9781450338325

DOI:10.1145/2810103

General Chair:
Indrajit Ray
Colorado State University, USA
,
Program Chairs:
Ninghui Li
Purdue University, USA
,
Christopher Kruegel
University of California, Santa Barbara, USA

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 October 2015

Check for updates

Author Tags

Qualifiers

Poster

Funding Sources

National Science Foundation

Conference

CCS'15

Sponsor:

SIGSAC

CCS'15: The 22nd ACM Conference on Computer and Communications Security

October 12 - 16, 2015

Colorado, Denver, USA

Acceptance Rates

CCS '15 Paper Acceptance Rate 128 of 660 submissions, 19%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
407
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)1

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Ahmed NBakar KZuhra FKehkashan TMujahid MRathore MDawood MIsyaku B(2022)Security & Privacy in Software Defined Networks, Issues, Challenges and Cost of Developed Solutions: A Systematic Literature ReviewInternational Journal of Wireless Information Networks10.1007/s10776-022-00561-y29:3(314-340)Online publication date: 23-Jun-2022
https://doi.org/10.1007/s10776-022-00561-y
Fukuda HKojima S(2019)PRS: A payload inspection mechanism for Software Defined Network2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC)10.1109/CCNC.2019.8651729(1-6)Online publication date: Jan-2019
https://doi.org/10.1109/CCNC.2019.8651729
Tseng YNaït‐Abdesselam FKhokhar A(2018)A comprehensive 3‐dimensional security analysis of a controller in software‐defined networkingSECURITY AND PRIVACY10.1002/spy2.211:2Online publication date: 29-Apr-2018
https://doi.org/10.1002/spy2.21
Park TKim YShin SAhn GGu GHu HShin S(2016)UNISAFEProceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization10.1145/2876019.2876025(13-18)Online publication date: 11-Mar-2016
https://dl.acm.org/doi/10.1145/2876019.2876025
Yang JYang XZhou ZWu XBenson THu C(2016)FOCUS: Function Offloading from a Controller to Utilize Switch power2016 IEEE Conference on Network Function Virtualization and Software Defined Networks (NFV-SDN)10.1109/NFV-SDN.2016.7919498(199-205)Online publication date: Nov-2016
https://doi.org/10.1109/NFV-SDN.2016.7919498
Li WMeng WKwok L(2016)A survey on OpenFlow-based Software Defined NetworksJournal of Network and Computer Applications10.1016/j.jnca.2016.04.01168:C(126-139)Online publication date: 1-Jun-2016
https://dl.acm.org/doi/10.1016/j.jnca.2016.04.011

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Security in Software Defined Networks: A Survey

Available bandwidth measurement in software defined networks

Challenges and Preparedness of SDN-based Firewalls

Comments

Information

Published In

Sponsors

Publisher

Publication History

Check for updates

Author Tags

Qualifiers

Funding Sources

Conference

Acceptance Rates

Upcoming Conference

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations