An Efficient Defense Method For Compromised Switch and Middlebox-Bypass Attacks In Service Function Chaining
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Nguyen Canh Thang | - |
dc.contributor.author | Park, Minho | - |
dc.date.available | 2021-03-02T02:40:10Z | - |
dc.date.created | 2021-03-02 | - |
dc.date.issued | 2020-12 | - |
dc.identifier.issn | 1229-2370 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/40290 | - |
dc.description.abstract | Service function chaining (SFC) has a special and powerful ability to define an ordered list of required network services as a virtual chain and makes a network more flexible and manageable. However, there are many vulnerabilities to SFC, such as compromised switches and middlebox-bypass attacks, which can damage the operation and security of the network. In this study, we propose a mechanism that not only detects both middlebox-bypass attacks and compromised switch attacks in multiple service function chains scenario but also prevents such attacks and protects the network. The proposed mechanism uses both probe-based and statistics-based methods to handle the probe packets and collect statistics from middleboxes for detecting any attacks in SFC. After detection, the mechanism changes the network topology to eliminate the compromised switches, while meeting the initial requirements of the service chains. By combining probe-based and statistics-based methods, our proposal overcomes the disadvantages of other proposed solutions and brings about a robust protection to SFC. As the experimental results indicate, the proposed mechanism is an effective and relevant approach for detecting and preventing compromised switches and middlebox-bypass attacks in SFC. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | KOREAN INST COMMUNICATIONS SCIENCES (K I C S) | - |
dc.relation.isPartOf | JOURNAL OF COMMUNICATIONS AND NETWORKS | - |
dc.title | An Efficient Defense Method For Compromised Switch and Middlebox-Bypass Attacks In Service Function Chaining | - |
dc.type | Article | - |
dc.identifier.doi | 10.23919/JCN.2020.000028 | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | JOURNAL OF COMMUNICATIONS AND NETWORKS, v.22, no.6, pp.493 - 504 | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000611082700007 | - |
dc.citation.endPage | 504 | - |
dc.citation.number | 6 | - |
dc.citation.startPage | 493 | - |
dc.citation.title | JOURNAL OF COMMUNICATIONS AND NETWORKS | - |
dc.citation.volume | 22 | - |
dc.contributor.affiliatedAuthor | Park, Minho | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | N | - |
dc.subject.keywordAuthor | Compromised switches | - |
dc.subject.keywordAuthor | middlebox-bypass attack | - |
dc.subject.keywordAuthor | service function chaining (SFC) | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalResearchArea | Telecommunications | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Telecommunications | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.description.journalRegisteredClass | kci | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Soongsil University Library 369 Sangdo-Ro, Dongjak-Gu, Seoul, Korea (06978)02-820-0733
COPYRIGHT ⓒ SOONGSIL UNIVERSITY, ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.