Research Article
Bridging the Gap Between Security Tools and SDN Controllers
@ARTICLE{10.4108/eai.10-1-2019.156242, author={Li Wang and Dinghao Wu}, title={Bridging the Gap Between Security Tools and SDN Controllers}, journal={EAI Endorsed Transactions on Security and Safety}, volume={5}, number={17}, publisher={EAI}, journal_a={SESA}, year={2018}, month={12}, keywords={Software-defined networking (SDN), Network Function Virtualization (NFV), OpenFlow, SDN security application, SDN controller}, doi={10.4108/eai.10-1-2019.156242} }- Li Wang
Dinghao Wu
Year: 2018
Bridging the Gap Between Security Tools and SDN Controllers
SESA
EAI
DOI: 10.4108/eai.10-1-2019.156242
Abstract
Software-Defined Networking (SDN) is a promising paradigm to improve network security protections. However, current SDN-based security solutions can hardly provide suÿcient protections in a real SDN network, due to several reasons: 1) they are implemented at either the centralized SDN controllers or the decentralized network devices, which are subject to a performance limitation; 2) their designs are confined by the SDN network characteristics and can only provide limited security functions; and 3) many solutions have deployment challenges and compatibility issues. In this paper, we propose SecControl, a practical network protection framework combining the existing security tools and SDN technologies, to produce a comprehensive network security solution in an SDN environment. We implement a SecControl prototype with OpenFlow and evaluate its effectiveness and performance. Our experiment shows that SecControl can cooperate with many mainstream security tools and provide effective defense responses over SDN-supported networks.
Copyright © 2018 Li Wang and Dinghao Wu, licensed to EAI. This is an open access article distributed under the terms of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/), which permits unlimited use, distribution and reproduction in any medium so long as the original work is properly cited.
