Visible to the public Towards an Accountable Software-Defined Networking ArchitectureConflict Detection Enabled

TitleTowards an Accountable Software-Defined Networking Architecture
Publication TypeConference Paper
Year of Publication2017
AuthorsBenjamin E. Ujcich, University of Illinois at Urbana-Champaign, Andrew Miller, University of Illinois at Urbana-Champaign, Adam Bates, University of Illinois at Urbana-Champaign, William H. Sanders, University of Illinois at Urbana-Champaign
Conference Name3rd IEEE Conference on Network Softwarization (NetSoft 2017)
PublisherInstitute of Electrical and Electronics Engineers
Conference LocationBologna, Italy
KeywordsA Monitoring, Fusion and Response Framework to Provide Cyber Resiliency, network accountability, science of security
Abstract

Software-defined networking (SDN) overcomes many limitations of traditional networking architectures because of its programmable and flexible nature. Security applications,for instance, can dynamically reprogram a network to respond to ongoing threats in real time. However, the same flexibility also creates risk, since it can be used against the network. Current SDN architectures potentially allow adversaries to disrupt one or more SDN system components and to hide their actions in doing so. That makes assurance and reasoning about past network
events more difficult, if not impossible. In this paper, we argue that an SDN architecture must incorporate various notions of accountability for achieving systemwide cyber resiliency goals.
We analyze accountability based on a conceptual framework, and we identify how that analysis fits in with the SDN architecture's entities and processes. We further consider a case study in which accountability is necessary for SDN network applications, and we discuss the limits of current approaches.

Citation Keynode-36600

Other available formats:

Towards an Accountable Software-Defined Networking Architecture