Visible to the public Security and Performance Modeling and Optimization for Software Defined Networking

TitleSecurity and Performance Modeling and Optimization for Software Defined Networking
Publication TypeConference Paper
Year of Publication2019
AuthorsEom, Taehoon, Hong, Jin Bum, An, SeongMo, Park, Jong Sou, Kim, Dong Seong
Conference Name2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)
Date Publishedaug
Keywordsbig data security metrics, communication demands, computer network security, Computing Theory, Databases, Generators, genetic algorithm, genetic algorithms, graphical security models, Measurement, network traffic, networking capabilities, Optimization, performance constraints, Performance modeling, pubcrawl, queueing theory, resilience, Resiliency, Scalability, SDN, security, security constraints, security metrics, security modeling, Security Optimization, security optimization approach, software defined networking, telecommunication traffic, Web servers

Software Defined Networking (SDN) provides new functionalities to efficiently manage the network traffic, which can be used to enhance the networking capabilities to support the growing communication demands today. But at the same time, it introduces new attack vectors that can be exploited by attackers. Hence, evaluating and selecting countermeasures to optimize the security of the SDN is of paramount importance. However, one should also take into account the trade-off between security and performance of the SDN. In this paper, we present a security optimization approach for the SDN taking into account the trade-off between security and performance. We evaluate the security of the SDN using graphical security models and metrics, and use queuing models to measure the performance of the SDN. Further, we use Genetic Algorithms, namely NSGA-II, to optimally select the countermeasure with performance and security constraints. Our experimental analysis results show that the proposed approach can efficiently compute the countermeasures that will optimize the security of the SDN while satisfying the performance constraints.

Citation Keyeom_security_2019