

Search for: All records

Award ID contains: 2128607


  4. In the Software Defined Networking (SDN) and Network Function Virtualization (NFV) era, it is critical to enable dynamic network access control. Traditionally, network access control policies are statically predefined as router entries or firewall rules. SDN enables more flexibility by reactively installing flow rules into the switches to achieve dynamic network access control. However, SDN is limited in capturing network anomalies, which are usually important signs of security threats. In this paper, we propose to employ an anomaly-based Intrusion Detection System (IDS) to capture network anomalies and generate SDN flow rules to enable dynamic network access control. We gain the knowledge of network anomalies from the anomaly-based IDS by training an interpretable model to explain its outcome. Based on the explanation, we derive access control policies. We demonstrate the feasibility of our approach by explaining the outcome of an anomaly-based IDS built upon a Recurrent Neural Network (RNN) and generating SDN flow rules based on our explanation.
  5. Software-Defined Networking (SDN) has been changing inflexible networks into software-based programmable networks for more flexibility, scalability, and visibility into networking. At the same time, it brings many new security challenges, but there are very few educational materials for students learning about SDN security. In this workshop, we present our newly designed SDN security education materials, which can be used to meet the ever-increasing demand for high-quality cybersecurity professionals with expertise in SDN security. For effective hands-on learning, the security labs are designed in CloudLab, a free open cloud platform supported by NSF. Participants receive handouts describing security problems, lab instructions, techniques to use CloudLab, and worksheets for Q&A, which can be directly used for their networking classes at their home institutions. The workshop proceeds in three sessions in which we: present the way to use CloudLab and to understand SDN; practice simulating three networking attacks in SDN on CloudLab; and discuss and critique new SDN security labs in small groups.
  6. Software-Defined Networking (SDN) represents a major shift from ossified hardware-based networks to programmable software-based networks. It introduces significant granularity, visibility, and flexibility into networking, but at the same time brings new security challenges. Although the research community is making progress in addressing both the opportunities in SDN and the accompanying security challenges, very few educational materials have been designed to incorporate the latest research results and engage students in learning about SDN security. In this paper, we present our newly designed SDN security education materials, which can be used to meet the ever-increasing demand for high-quality cybersecurity professionals with expertise in SDN security. The designed security education materials incorporate the latest research results in SDN security and are integrated into CloudLab, an open cloud platform, for effective hands-on learning. Through a user study, we demonstrate that students have a better understanding of SDN security after participating in these well-designed CloudLab-based security labs, and they also acquired strong research interests in SDN security.