Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 30458
Towards Security in Virtualization of SDN

Authors: Kai Qian, Wanqing You, Xi He, Ying Qian

Abstract:

In this paper, the potential security issues brought by the virtualization of a Software Defined Networks (SDN) would be analyzed. The virtualization of SDN is achieved by FlowVisor (FV). With FV, a physical network is divided into multiple isolated logical networks while the underlying resources are still shared by different slices (isolated logical networks). However, along with the benefits brought by network virtualization, it also presents some issues regarding security. By examining security issues existing in an OpenFlow network, which uses FlowVisor to slice it into multiple virtual networks, we hope we can get some significant results and also can get furtherdiscussions among the security of SDN virtualization.

Keywords: network virtualization, possible solutions, FlowVisor, Potential threats

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1337445

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1737

References:


[1] Rob Sherwood, Glen Gibb, Kok-kiongYap, Guido Appenzeller, Martin Casado, Nick Mckeown, and Guru Parulkar. FlowVisor: A Network Virtualization Layer.OpenFlow Switch, page 15, 2009
[2] Rowan Kloeti, OpenFlow: A Security Analysis, 2012 ftp://yosemite.ee.ethz.ch/pub/students/2012-HS/MA-2012-20_signed.pdf
[3] incntre.iu.edu/sites/default/files/FlowVisor%20Intro.pptx, accessed 2014
[4] Victor T. Costa, Luıs Henrique M. K. Costa, Vulnerability Study of FlowVisor-based Virtualized Network Environments http://www.gta.ufrj.br/wnetvirt13/papers/ts5-02.pdf
[5] Romão, Daniel, et al. "Practical security analysis of OpenFlow implementation." ,2013
[6] D. Kreutz, F. Ramos, and P. Verissimo, "Towards secure and dependable software-defined networks,” in Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM,pp. 55–60, 2013
[7] Canini, Marco, et al. "A NICE way to test OpenFlow applications." NSDI,04/2012
[8] Khurshid, Ahmed, et al. "Veriflow: Verifying network-wide invariants in real time." ACM SIGCOMM Computer Communication Review 42.4: 467-472, 2012