printlogo
ETH Zuerich - Homepage
Computer Engineering and Networks Laboratory (TIK)
 
ETH Zurich - ITET - TIK - Publications
print
  

Publication Details for Inproceedings "OpenFlow: A Security Analysis"

 

 Back

 New Search

 

Authors: Rowan Klöti, Vasileios Kotronis, Paul Smith
Group: Communication Systems
Type: Inproceedings
Title: OpenFlow: A Security Analysis
Year: 2013
Month: October
Book Titel: Proceedings of the 21st IEEE International Conference on Network Protocols (ICNP)
Pages: 1-6
Publisher: IEEE
Abstract: Software Defined Networking (SDN) has been proposed as a drastic shift in the networking paradigm, by decoupling network control from the data plane and making the switching infrastructure truly programmable. The key enabler of SDN, OpenFlow, has seen widespread deployment on production networks and its adoption is constantly increasing. Although openness and programmability are primary features of OpenFlow, security is of core importance for real-world deployment. In this work, we perform a security analysis of OpenFlow using STRIDE and attack tree modeling methods, and we evaluate our approach on an emulated network testbed. The evaluation assumes an attacker model with access to the network data plane. Finally, we propose appropriate counter-measures that can potentially mitigate the security issues associated with OpenFlow networks. Our analysis and evaluation approach are not exhaustive, but are intended to be adaptable and extensible to new versions and deployment contexts of OpenFlow.
Location: Göttingen, Germany
Resources: [BibTeX] [ External LINK ] [Paper as PDF] [Slides as PDF]

 

 Back

 New Search

top
© 2019 Laboratory TIK, ETH Zurich | Imprint | Last updated on Wed, 16 May, 2018 17:35 | t=0.0029s | Valid HTML 4.01