Abstract
Vaccines are used to prevent known malware from infecting computer systems. However, owing to the low security awareness of users, the latest vaccine updates are not being applied appropriately. A host that has not yet been updated with a vaccine may present a risk of data manipulation or infection to the network from new malware. Therefore, this paper proposes a technique for creating a flow rule in software defined networking that controls the packet path of the network, logically separates the non-updated vaccine hosts, and induces a vaccine update. Network security was evaluated by distinguishing between an abnormal host packet blocking process and a normal host packet transmission process through a comparison with existing network security equipment. The proposed technique was implemented in a virtual environment, and the experiment results demonstrated that a 100% blocking rate can be achieved with a block latency of less than 0.2 ms.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Symantec: Internet Security Threat Report (ISTR), vol. 24, pp. 14–21 (2019). https://www.symantec.com/content/dam/symantec/docs/reports/istr-24-2019-en.pdf
Se-Min, O.: Detection mechanism for malicious code using the behavior pattern analysis based on file DNA. Ph.D. Daejeon University (2011)
Chen, C.C., Shaw, R.S., Yang, S.C.: Mitigating information security risks by increasing user security awareness: a case study of an information security awareness system. Inf. Technol. Learn. Perform. J. 24(1), 1–14 (2015)
Lee, D.: Threats according to the type of software updates and white-list construction scheme for advanced security. J. Korea Inst. Inf. Commun. Eng. 18(6), 1369–1374 (2014)
In-Suk, J.: A studies for strengthening the research security system through analysis of enterprise research security system. M.A. Sungkyunkwan University (2015)
Seungwoo, K.: A study on the effect of internal information leakage prevention on the security recognition of insiders. Myongji University. Ph.D. (2020)
Lee, W.J., Choi, I.W.: A tool to support efficient development of node software for various operating system platforms in sensor network environment. J. Korea Acad. Ind. Coop. Soc. 15(7), 4536–4537 (2014)
Zhang, H., Yan, J.: Performance of SDN routing in comparison with legacy routing protocols. In: International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery. IEEE (2015)
Yoon, B.Y., Lee, B.C.: Future networking technology of SDN. Electron. Telecommun. Trends 27(2), 129–136 (2012)
Recommendation ITU-T Y.3300: Framework of software-defined networking. International Telecommunication Union (2014). https://www.itu.int/rec/T-REC-Y.3300-201406-I
Arora, H.: Software Defined Networking (SDN) - Architecture and role of OpenFlow. https://www.howtoforge.com/tutorial/software-defined-networking-sdn-architecture-and-role-of-openflow
Ye, H.J.: A scalable message flow control mechanism in SDN. M.A. Ajou University (2015)
Kang, N.-G., Kwon, T.: Unauthorized software blocking techniques. J. Korea Inst. Inf. Secur. Cryptol. (JKIISC) 29(2), 393–399 (2019)
Jo, J., Lee, S., Kong, J., Kim, J.: A centralized network policy controller for SDN-based service overlay networking. J. Korean Inst. Commun. Inf. Sci. Netw. Serv. 38B(4), 266–278 (2013)
Jung, J.H.: Communication history based latency reduction for QUIC protocol. M.A. Changwon University (2018)
Ahn, S.: Defense against SYN flooding attack for SDN network. M.A. Soongsil University (2018)
Acknowledgments
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. 2018R1A4A1025632) and by the Basic Science Research Program through the National Research Foundation of Korea (NRF) that is funded by the Ministry of Education (NRF-2018R1D1A1B07047656).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Bak, D., Kim, M., Lim, J., Jang, R., Jang, W., Lee, SY. (2021). Logical Network Separation and Update Inducing Techniques of Non-updated Vaccine Host by Creating Flow Rule in SDN. In: Barolli, L., Poniszewska-Maranda, A., Park, H. (eds) Innovative Mobile and Internet Services in Ubiquitous Computing . IMIS 2020. Advances in Intelligent Systems and Computing, vol 1195. Springer, Cham. https://doi.org/10.1007/978-3-030-50399-4_42
Download citation
DOI: https://doi.org/10.1007/978-3-030-50399-4_42
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50398-7
Online ISBN: 978-3-030-50399-4
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)