Accession Number : ADA607173


Title :   Hardening Software Defined Networks


Descriptive Note : Final technical rept. Dec 2012-Jan 2014


Corporate Author : INDIANA UNIV AT BLOOMINGTON


Personal Author(s) : Camp, Jean ; Anderson, Ross ; odlyzko, Ander ; Zhang, Zhi-Lang ; Hall, Chris ; Small, Chris ; Kelley, Tim


Full Text : https://apps.dtic.mil/dtic/tr/fulltext/u2/a607173.pdf


Report Date : Jul 2014


Pagination or Media Count : 65


Abstract : Software Defined Networking (SDN) presents an extremely rare point of inflection which offers the potential to leverage the economics of SDN to harden the network as a whole. Utilizing this inflection point requires security technologies that have two characteristics. First, security technologies must be incentive-aligned for initial adoption. Securing SDN requires designing technologies that provide immediate returns for the early adopters. Compare with BGPSEC, which helps only peers and not the investing organization. We have a demonstration providing risk-aware routing given the previous RIB. Second, the technologies must function without complete adoption. And of course, third, these must be resilient against attack. Compare with egress filtering, which works with ISP adoption. We offer a proof of concept showing herd immunity to classes of DoS attacks with partial adoption by second-tier ISP s. Failing to secure next-generation networks risks increasingly vulnerable cyber=physical systems, including homes and even individual persons as the internet of things is diffused to households and surgeries. We focused on six use cases: data centers, then large ISPs, an IXP case, two cyber-physical cases, and the case of the next generation battlefield. The two cyber-physical cases were international airports and industrial control systems.


Descriptors :   *COMPUTER NETWORKS , *COMPUTER PROGRAMS , ATTACK , DATA TRANSMISSION SECURITY , ECONOMICS , HUMAN FACTORS ENGINEERING


Subject Categories : Computer Programming and Software


Distribution Statement : APPROVED FOR PUBLIC RELEASE