Huang et al., 2020 - Google Patents
Towards trusted and efficient SDN topology discovery: A lightweight topology verification schemeHuang et al., 2020
View PDF- Document ID
- 14871904153658605389
- Author
- Huang X
- Shi P
- Liu Y
- Xu F
- Publication year
- Publication venue
- Computer Networks
External Links
Snippet
Discovering network topology is critical for Software-defined Networking (SDN) controllers to establish the centralized network visibility. However, during the process of SDN topology discovery, SDN controllers tend to suffer from the topology poisoning attacks due to a lack of …
- 238000004519 manufacturing process 0 abstract description 47
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1458—Denial of Service
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/0823—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1433—Vulnerability analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
- H04L63/205—Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0209—Architectural arrangements, e.g. perimeter networks or demilitarized zones
- H04L63/0218—Distributed architectures, e.g. distributed firewalls
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communication including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Pradhan et al. | Solutions to vulnerabilities and threats in software defined networking (SDN) | |
| Han et al. | A comprehensive survey of security threats and their mitigation techniques for next‐generation SDN controllers | |
| Huang et al. | Towards trusted and efficient SDN topology discovery: A lightweight topology verification scheme | |
| Lohachab et al. | Critical analysis of DDoS—An emerging security threat over IoT networks | |
| Tselios et al. | Enhancing SDN security for IoT-related deployments through blockchain | |
| US10735450B2 (en) | Trust topology selection for distributed transaction processing in computing environments | |
| Li et al. | A survey on OpenFlow-based Software Defined Networks: Security challenges and countermeasures | |
| Ghorbani et al. | Network intrusion detection and prevention: concepts and techniques | |
| CN118054973B (en) | Active defense method, system, device and medium based on network port lock | |
| Saxena et al. | DDoS attack prevention using collaborative approach for cloud computing | |
| Ahmed et al. | Modelling cyber security for software-defined networks those grow strong when exposed to threats: Analysis and propositions | |
| Karnani et al. | A comprehensive survey on low-rate and high-rate DDoS defense approaches in SDN: taxonomy, research challenges, and opportunities | |
| CN119576288A (en) | Design method of security protection algorithm for industrial control system | |
| Ahmed et al. | Security & privacy in software defined networks, issues, challenges and cost of developed solutions: a systematic literature review | |
| Salvakkam et al. | MESSB–LWE: multi-extractable somewhere statistically binding and learning with error-based integrity and authentication for cloud storage. | |
| Ravindrababu et al. | Analysis of vulnerability trends and attacks in ot systems | |
| Abdulqadder et al. | Validating user flows to protect software defined network environments | |
| Saxena et al. | DDoS prevention using third party auditor in cloud computing | |
| Bargayary et al. | Preserving flow table integrity in OpenFlow networks through smart contract | |
| Zhang et al. | HSDirSniper: A New Attack Exploiting Vulnerabilities in Tor's Hidden Service Directories | |
| Kumar et al. | IoT device security audit tools: a comprehensive analysis and a layered architecture approach for addressing expanded security requirements | |
| Huang et al. | Construction of switch information security protection system based on software‐defined networking | |
| Barika et al. | Agent IDS based on misuse approach | |
| Wang et al. | Smart contract based DDoS attack traceability audit mechanism in intelligent IoT | |
| Guelzim et al. | Formal methods of attack modeling and detection |