Security analysis of software defined wireless network monitoring with sFlow and FlowVisor

Today's mobile and wireless network are growing faster in size and complex to measure the services. Security is one of the most important aspects for such complex network and needs to be monitored properly to provide early detection of security breaches and Denial of Service attack. Tools that measure such detection of network threats and monitors network services requires internal security in their own mechanism. This paper analyzes two of such monitoring and measurement tools: sFlow and FlowVisor for underlying Software Defined Wireless Networking (SDWN) environment by applying STRIDE threat model. This analytical study represents that, sFlow requires an external secure deployment environment to ensure security in data flow and data store for SDWN. FlowVisor comes with secured access control in data store wherein isolated flow slice requires mechanism that improve its security.

[1]  Kpatcha M. Bayarou,et al.  Security Analysis of Security Applications for Software Defined Networks , 2014, AINTEC.

[2]  Adam Shostack,et al.  Experiences Threat Modeling at Microsoft , 2008, MODSEC@MoDELS.

[3]  Kpatcha M. Bayarou,et al.  Security Analysis of Software Defined Networking Architectures: PCE, 4D and SANE , 2014, AINTEC.

[4]  Kanmani Selvadurai,et al.  Risk-driven security testing using risk analysis with threat modeling approach , 2014, SpringerPlus.

[5]  Luis M. Contreras,et al.  Software-defined control of the virtualized mobile packet core , 2015, IEEE Communications Magazine.

[6]  M. Slater,et al.  Making the network visible to the user in virtual environments and online games , 2003 .

[7]  Antonio de la Oliva,et al.  An architecture for software defined wireless networking , 2014, IEEE Wireless Communications.

[8]  Jun Bi,et al.  Design and Implementation of a Software-Defined Mobility Architecture for IP Networks , 2015, Mobile Networks and Applications.

[9]  Kpatcha M. Bayarou,et al.  Security Analysis of Software Defined Networking Applications for Monitoring and Measurement: sFlow and BigTap , 2015, CFI.

[10]  Basil S. Maglaris,et al.  Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments , 2014, Comput. Networks.

[11]  Luís Henrique Maciel Kosmalski Costa,et al.  Vulnerabilities and solutions for isolation in FlowVisor-based virtual network environments , 2015, Journal of Internet Services and Applications.

[12]  Kpatcha M. Bayarou,et al.  OrchSec: An orchestrator-based architecture for enhancing network-security using Network Monitoring and SDN Control functions , 2014, 2014 IEEE Network Operations and Management Symposium (NOMS).

[13]  Bhaskar Krishnamachari,et al.  Software-Defined Networking Paradigms in Wireless Networks: A Survey , 2014, ACM Comput. Surv..