Visible to the public Biblio

Filters: Author is Alshamrani, Adel  [Clear All Filters]
Chowdhary, Ankur, Huang, Dijiang, Alshamrani, Adel, Kang, Myong, Kim, Anya, Velazquez, Alexander.  2019.  TRUFL: Distributed Trust Management Framework in SDN. ICC 2019 - 2019 IEEE International Conference on Communications (ICC). :1–6.
Software Defined Networking (SDN) has emerged as a revolutionary paradigm to manage cloud infrastructure. SDN lacks scalable trust setup and verification mechanism between Data Plane-Control Plane elements, Control Plane elements, and Control Plane-Application Plane. Trust management schemes like Public Key Infrastructure (PKI) used currently in SDN are slow for trust establishment in a larger cloud environment. We propose a distributed trust mechanism - TRUFL to establish and verify trust in SDN. The distributed framework utilizes parallelism in trust management, in effect faster transfer rates and reduced latency compared to centralized trust management. The TRUFL framework scales well with the number of OpenFlow rules when compared to existing research works.
Chowdhary, Ankur, Alshamrani, Adel, Huang, Dijiang, Liang, Hongbin.  2018.  MTD Analysis and Evaluation Framework in Software Defined Network (MASON). Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. :43–48.
Security issues in a Software Defined Network (SDN) environment like system vulnerabilities and intrusion attempts can pose a security risk for multi-tenant network managed by SDN. In this research work, Moving target defense (MTD)technique based on shuffle strategy - port hopping has been employed to increase the difficulty for the attacker trying to exploit the cloud network. Our research workMASON, considers the problem of multi-stage attacks in a network managed using SDN. SDN controller can be used to dynamically reconfigure the network and render attacker»s knowledge in multi-stage attacks redundant. We have used a threat score based on vulnerability information and intrusion attempts to identify Virtual Machines (VMs) in systems with high-security risk and implement MTD countermeasures port hopping to assess threat score reduction in a cloud network.
Chowdhary, Ankur, Pisharody, Sandeep, Alshamrani, Adel, Huang, Dijiang.  2017.  Dynamic Game Based Security Framework in SDN-enabled Cloud Networking Environments. Proceedings of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. :53–58.
SDN provides a way to manage complex networks by introducing programmability and abstraction of the control plane. All networks suffer from attacks to critical infrastructure and services such as DDoS attacks. We make use of the programmability provided by the SDN environment to provide a game theoretic attack analysis and countermeasure selection model in this research work. The model is based on reward and punishment in a dynamic game with multiple players. The network bandwidth of attackers is downgraded for a certain period of time, and restored to normal when the player resumes cooperation. The presented solution is based on Nash Folk Theorem, which is used to implement a punishment mechanism for attackers who are part of DDoS traffic, and reward for players who cooperate, in effect enforcing desired outcome for the network administrator.