A Reflectornet Based on Software Defined Network

Software-Defined Networking (SDN), which separates the control plane from the data plane and manages data planes in a centralized way, is now considered as a future networking technology, and many researchers and practitioners have dived into this area to devise new network applications, such new routing methods. Likewise, network security applications could be redesigned with SDN, and some pioneers have proposed several interesting network security applications with SDN. However, most approaches have just reimplemented some well-known network security applications, although SDN provides many interesting features, They didn’t effectively use them. To investigate if we can use SDN in realizing sophisticated network security applications, we have designed and implemented an advanced network security application, Reflectornet, which redirects malicious or suspicious network trials to other security monitoring points (e.g., honeypot). In addition, we have tested its performance and practicability in diverse angles. Our findings and some insights will encourage other researchers to design better or intelligent network security applications with SDN. 논문 14-39B-06-08 The Journal of Korea Information and Communications Society '14-06 Vol.39B No.06 http://dx.doi.org/10.7840/kics.2014.39B.6.397 397 First Author : KAIST Graduate School of Information Security, taejune.park@kaist.ac.kr, 학생회원 ° Corresponding Author : KAIST Graduate School of Information Security, claude@kaist.ac.kr, 정회원 * KAIST Graduate School of Information Security, lss365@kaist.ac.kr, 학생회원 논문번호:KICS2014-06-219, Received June 2, 2014; Revised June 18, 2014; Accepted June 18, 2014 The Journal of Korea Information and Communications Society '14-06 Vol.39B No.06

[1]  Mabry Tyson,et al.  FRESCO: Modular Composable Security Services for Software-Defined Networks , 2013, NDSS.

[2]  Vinod Yegneswaran,et al.  AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks , 2013, CCS.

[3]  Min Zhu,et al.  B4: experience with a globally-deployed software defined wan , 2013, SIGCOMM.

[4]  Mabry Tyson,et al.  A security enforcement kernel for OpenFlow networks , 2012, HotSDN '12.

[5]  Sujata Banerjee,et al.  ElasticTree: Saving Energy in Data Center Networks , 2010, NSDI.

[6]  Sajad Shirali-Shahreza,et al.  Efficient Implementation of Security Applications in OpenFlow Controller with FleXam , 2013, 2013 IEEE 21st Annual Symposium on High-Performance Interconnects.

[7]  Guofei Gu,et al.  CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?) , 2012, 2012 20th IEEE International Conference on Network Protocols (ICNP).

[8]  Harsha V. Madhyastha,et al.  FlowSense: Monitoring Network Utilization with Zero Measurement Cost , 2013, PAM.

[9]  Rob Sherwood,et al.  Can the Production Network Be the Testbed? , 2010, OSDI.

[10]  Marco Canini,et al.  A NICE Way to Test OpenFlow Applications , 2012, NSDI.

[11]  Minlan Yu,et al.  Software Defined Traffic Measurement with OpenSketch , 2013, NSDI.

[12]  Russell J. Clark,et al.  Resonance: dynamic access control for enterprise networks , 2009, WREN '09.

[13]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.