Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Attack Modeling and Risk Assessments in Software Defined networking (SDN)
Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM).
2019 (English)Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
Abstract [en]

Software Defined Networking (SDN) is a technology which provides a network architecture with three distinct layers that is, the application layer which is made up of SDN applications, the control layer which is made up of the controller and the data plane layer which is made up of switches. However, the exits different types of SDN architectures some of which are interconnected with the physical network. At the core of SDN, the control plane is physically and logically separated from the data plane. The controller is connected to the application layer through an interface known as the northbound interface and to the data plane through another interface known as the southbound interface. The centralized control plane uses APIs to communicate through the northbound and southbound interface with the application layer and the data plane layer respectively. By default, these APIs such as Restful and OpenFlow APIs do not implement security mechanisms like data encryption and authentication thus, this introduces new network security threats to the SDN architecture. This report presents a technique known as threat modeling in SDN. To achieve this technique, attack scenarios are created based on the OpenFlow SDN vulnerabilities. After which these vulnerabilities are defined as predicates or facts and rules, a framework known as multihost multistage vulnerability analysis (MulVAL) then takes these predicates and rules to produce a threat model known as attack graph. The attack graph is further used to performed quantitative risk analysis using a metric to depict the risks associated to the OpenFlow SDN model

Place, publisher, year, edition, pages
2019. , p. 70
Series
Rapporter: Fakulteten för teknik, Linnéuniversitetet
Keywords [en]
SDN, Application layer, Northbound Interface, Controller, Southbound Interface, data plane OpenFlow, Threat Model, MulVAL, Attack Graph, Attack Trees, Risk Analysis
National Category
Other Engineering and Technologies not elsewhere specified
Identifiers
URN: urn:nbn:se:lnu:diva-88806OAI: oai:DiVA.org:lnu-88806DiVA, id: diva2:1346557
Subject / course
Computer Science
Educational program
Network Security Programme, 180 credits
Presentation
(English)
Supervisors
Examiners
Available from: 2019-08-28 Created: 2019-08-28 Last updated: 2019-08-28Bibliographically approved

Open Access in DiVA

fulltext(1805 kB)38 downloads
File information
File name FULLTEXT01.pdfFile size 1805 kBChecksum SHA-512
0b39f9a53ef463ed67b9408665d1667acfd94c37debc90da424231f4c85276a158fddda5ec4ccc3002b0acce06416008b6c2a4714b1002da73f39fb56119beb3
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Frankeline, Tanyi
By organisation
Department of computer science and media technology (CM)
Other Engineering and Technologies not elsewhere specified

Search outside of DiVA

GoogleGoogle Scholar
Total: 38 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 72 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf