TY - GEN
T1 - SDN-based edge computing security
T2 - 4th ACM/IEEE Symposium on Edge Computing, SEC 2019
AU - Bardya, Sonali Sen
AU - Hewett, Rattikorn
PY - 2019/11/7
Y1 - 2019/11/7
N2 - Edge Computing and Software Defined Networking (SDN) are two emerging technologies that have increasingly become popular for implementing modern infrastructures. The former enables data computation to be performed at the edge of the network (of users) giving benefits over cloud computing when large amount of data is produced near the edge. The latter offers advantages of programmable and flexible network management over the traditional practice. Recent research has focused on how to utilize SDN paradigm to enhance Edge Computing. As more and more SDN-based Edge Computing systems are being developed, it is necessary to consider security issues especially those that are inherent from SDN. This paper addresses an important SDN specific security breach, namely a flow rule attack, where a network switch is compromised and its flow rule for data transmission routing is modified. This attack can potentially lead to many devastating consequences including disruption of network traffic and denial of services. The paper presents an approach to flow rule attack detection and lightweight mitigation techniques that can be performed by the SDNs controller. To evaluate our detection and mitigation mechanisms, the paper describes experiments on simulation that shows promising results.
AB - Edge Computing and Software Defined Networking (SDN) are two emerging technologies that have increasingly become popular for implementing modern infrastructures. The former enables data computation to be performed at the edge of the network (of users) giving benefits over cloud computing when large amount of data is produced near the edge. The latter offers advantages of programmable and flexible network management over the traditional practice. Recent research has focused on how to utilize SDN paradigm to enhance Edge Computing. As more and more SDN-based Edge Computing systems are being developed, it is necessary to consider security issues especially those that are inherent from SDN. This paper addresses an important SDN specific security breach, namely a flow rule attack, where a network switch is compromised and its flow rule for data transmission routing is modified. This attack can potentially lead to many devastating consequences including disruption of network traffic and denial of services. The paper presents an approach to flow rule attack detection and lightweight mitigation techniques that can be performed by the SDNs controller. To evaluate our detection and mitigation mechanisms, the paper describes experiments on simulation that shows promising results.
KW - Flow rule attacks
KW - SDN security
KW - SDN-based edge computing
KW - Software-Defined Networking
UR - http://www.scopus.com/inward/record.url?scp=85076260296&partnerID=8YFLogxK
U2 - 10.1145/3318216.3363374
DO - 10.1145/3318216.3363374
M3 - Conference contribution
T3 - Proceedings of the 4th ACM/IEEE Symposium on Edge Computing, SEC 2019
SP - 364
EP - 370
BT - Proceedings of the 4th ACM/IEEE Symposium on Edge Computing, SEC 2019
PB - Association for Computing Machinery, Inc
Y2 - 7 November 2019 through 9 November 2019
ER -