Haggag, 2019 - Google Patents
Network optimization for improved performance and speed for SDN and security analysis of SDN vulnerabilitiesHaggag, 2019
View PDF- Document ID
- 12954969809747804492
- Author
- Haggag A
- Publication year
- Publication venue
- International Journal of Computer Networks and Communications Security
External Links
Snippet
Software defined Network (SDN) has shown a great interest since its emergence. The extreme efficiency in comparison with traditional networks and its agility introduced by separating control and data planes provided many benefits to the market. Yet, there are …
- 238000004458 analytical method 0 title abstract description 5
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/02—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data
- H04L43/026—Arrangements for monitoring or testing packet switching networks involving a reduction of monitoring data using flow generation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing packet switching networks
- H04L43/06—Report generation
- H04L43/062—Report generation for traffic related reporting
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Shaghaghi et al. | Software-defined network (SDN) data plane security: issues, solutions, and future directions | |
| Pradhan et al. | Solutions to vulnerabilities and threats in software defined networking (SDN) | |
| Li et al. | A survey on OpenFlow-based Software Defined Networks: Security challenges and countermeasures | |
| US9800592B2 (en) | Data center architecture that supports attack detection and mitigation | |
| US20220141254A1 (en) | Consistent monitoring and analytics for security insights for network and security functions for a security service | |
| JP6980944B1 (en) | Flow metadata exchange between network and security features for security services | |
| Monshizadeh et al. | Detection as a service: An SDN application | |
| Haggag | Network optimization for improved performance and speed for SDN and security analysis of SDN vulnerabilities | |
| Tri et al. | Assessing the impact of resource attack in software defined network | |
| EP2903238A2 (en) | A router-based honeypot for detecting advanced persistent threats | |
| CN111295640B (en) | Fine-grained firewall policy enforcement using session App ID and endpoint process ID correlation | |
| Polat et al. | The effects of DoS attacks on ODL and POX SDN controllers | |
| Tudosi et al. | Secure network architecture based on distributed firewalls | |
| Brandt et al. | Security analysis of software defined networking protocols—openflow, of-config and ovsdb | |
| Smyth et al. | Exploiting pitfalls in software-defined networking implementation | |
| Pandya et al. | Framework for securing SDN southbound communication | |
| US20240372829A1 (en) | Networking and security split architecture | |
| Sattar et al. | A delay-based countermeasure against the discovery of default rules in firewalls | |
| DeCusatis et al. | Zero trust cloud networks using transport access control and high availability optical bypass switching | |
| Mutaher et al. | OPENFLOW CONTROLLER-BASED SDN: SECURITY ISSUES AND COUNTERMEASURES. | |
| Chiba et al. | An SDN-based moving target defense as a countermeasure to prevent network scans | |
| Shetty et al. | Assessing network path vulnerabilities for secure cloud computing | |
| Hyppönen | Securing a linux server against cyber attacks | |
| Bhardwaj et al. | Layer-Based Attacks in the Ternary Planes of Software-Defined Networking | |
| Ahn et al. | NetShifter: A Comprehensive Multi-Dimensional Network Obfuscation and Deception Solution |