Visible to the public Biblio

Filters: Keyword is A Monitoring, Fusion and Response Framework to Provide Cyber Resiliency  [Clear All Filters]
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z   [Show ALL]
Ben Ujcich, University of Illinois at Urbana-Champaign.  2017.  Securing SDNs with App Provenance.

Presented at the UIUC/R2 Monthly Meeting on September 18, 2017.

Benjamin E. Ujcich, University of Illinois at Urbana-Champaign, Andrew Miller, University of Illinois at Urbana-Champaign, Adam Bates, University of Illinois at Urbana-Champaign, William H. Sanders, University of Illinois at Urbana-Champaign.  2017.  Towards an Accountable Software-Defined Networking Architecture. 3rd IEEE Conference on Network Softwarization (NetSoft 2017).

Software-defined networking (SDN) overcomes many limitations of traditional networking architectures because of its programmable and flexible nature. Security applications,for instance, can dynamically reprogram a network to respond to ongoing threats in real time. However, the same flexibility also creates risk, since it can be used against the network. Current SDN architectures potentially allow adversaries to disrupt one or more SDN system components and to hide their actions in doing so. That makes assurance and reasoning about past network
events more difficult, if not impossible. In this paper, we argue that an SDN architecture must incorporate various notions of accountability for achieving systemwide cyber resiliency goals.
We analyze accountability based on a conceptual framework, and we identify how that analysis fits in with the SDN architecture’s entities and processes. We further consider a case study in which accountability is necessary for SDN network applications, and we discuss the limits of current approaches.