Dynamic Isolation of Network Devices Using OpenFlow for Keeping LAN Secure from Intra-LAN Attack

Abstract With the emergence of inexpensive network components and high-speed network services, a variety of network-capable electronic devices have become available. Typical examples of such devices include printers, network access storage (NAS), and video recorders. Because software on these devices is not always kept up-to-date, the devices are susceptible to intra-local- area-network (LAN) attacks. In this paper, a novel network system architecture is proposed to protect network devices from intra-LAN attacks by dynamically isolating infected devices with OpenFlow. Preliminary evaluation results demonstrate that the architecture is effective in actual LAN environments.

[1]  B. Tech,et al.  A Novel Approach to Troubleshoot Security Attacks in Local Area Networks , 2011 .

[2]  Vijay Varadharajan,et al.  TVLAN: Trusted and Virtualised Local Area Networks , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[3]  Kai Wang,et al.  LiveSec: Towards Effective Security Management in Large-Scale Production Networks , 2012, 2012 32nd International Conference on Distributed Computing Systems Workshops.

[4]  Fakariah Hani Mohd Ali,et al.  Evaluation effectiveness of hybrid IDS using Snort with Naïve Bayes to detect attacks , 2012, 2012 Second International Conference on Digital Information and Communication Technology and it's Applications (DICTAP).

[5]  Zhenyu Zhang,et al.  The research and design of honeypot system applied in the LAN security , 2011, 2011 IEEE 2nd International Conference on Software Engineering and Service Science.

[6]  Yiqi Dai,et al.  Design of the multi-level security network switch system which restricts covert channel , 2011, 2011 IEEE 3rd International Conference on Communication Software and Networks.

[7]  Hirofumi Yamaki,et al.  Unknown Attacks Detection Using Feature Extraction from Anomaly-Based IDS Alerts , 2012, 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet.