Using Programmable Data Networks to Detect Critical Infrastructure Challenges

  • Kyle J. S. WhiteEmail author
  • Dimitrios P. Pezaros
  • Chris W. Johnson
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8985)


Critical infrastructures must be better protected against challenges to their data communications in the face of increasing numbers of emerging challenges, complexity and society’s demand and intolerance of failures. In this paper, we present a set of challenges and their characteristics by reviewing reported incidents. Using domain specific attributes we discuss how these could be mitigated. We advocate the adoption of the latest programmable networking approaches in critical infrastructure networks and we present our proposed modular architecture with configurable monitoring and security components. Lastly, we show results from a network challenge simulation which highlights the benefits of our approach in providing rapid, precise and effective challenge detection and mitigation.


Resilience Security Critical systems 


  1. 1.
    Dewaele, G., Fukuda, K., Borgnat, P., Abry, P., Cho, K.: Extracting hidden anomalies using sketch and non gaussian multiresolution statistical detection procedures. In: Workshop on Large Scale Attack Defense, pp. 145–152. ACM (2007)Google Scholar
  2. 2.
    Eurocontrol website: Rome Fiumicino Airport becomes the 10th A-CDM airport. Accessed 27 April 2014
  3. 3.
    FAA FTI Review Panel: Report on November 19, 2009 Outage (2010)Google Scholar
  4. 4.
    Flavel, A., Roughan, M., Bean, N., Shaikh, A.: Where’s Waldo? practical searches for stability in iBGP. In: ICNP, pp. 308–317. IEEE (2008)Google Scholar
  5. 5.
    IAA: Report of the IAA into the ATM System Malfunction, September 2008Google Scholar
  6. 6.
    Khurshid, A., Zhou, W., Caesar, M., Godfrey, P.: Veriflow : verifying network-wide invariants in real time. In: SIGCOMM, pp. 467–472. ACM (2012)Google Scholar
  7. 7.
    Kuniar, M., Pereni, P., Vasi, N., Canini, M., Kosti, D. Automatic failure recovery for software-defined networks. In: HotSDN, pp. 159–160. ACM (2013)Google Scholar
  8. 8.
    Los Angeles Times: LAX outage is blamed on 1 computer, August 2007Google Scholar
  9. 9.
    Mehdi, S.A., Khalid, J., Khayam, S.A.: Revisiting traffic anomaly detection using software defined networking. In: Balzarotti, D., Maier, G., Sommer, R. (eds.) RAID 2011. LNCS, vol. 6961, pp. 161–180. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  10. 10.
    Mirkovic, J., Reiher, P.: A taxonomy of DDoS attack and DDoS defense mechanisms. In: SIGCOMM, pp. 39–53. ACM (2004)Google Scholar
  11. 11.
    Open Networking Foundation: SDN: The New Norm for Networks, April 2012Google Scholar
  12. 12.
    Press of Atlantic City: Fire at Hughes Technical Center caused \(\$2.2\)M in damage. Accessed 27 April 2014
  13. 13.
    Rinaldi, S.M., Peerenboom, J.P., Kelly, T.K.: Identifying, understanding, and analyzing critical infrastructure interdependencies. In: IEEE Control Systems (2001)Google Scholar
  14. 14.
    Shalimov, A., Zuikov, D., Zimarina, D., Pashkov, V., Smeliansky, R.: Advanced study of SDN/OpenFlow controllers. In: CEE-SECR, p. 1. ACM (2013)Google Scholar
  15. 15.
    Sherwood, R., Gibb, G., Yap, K., Appenzeller, G., Casado, M., McKeown, N., Parulkar, G.: Flowvisor: a network virtualization layer. In: OpenFlowSwitch (2009)Google Scholar
  16. 16.
    Shin, S., Porras, P., Yegneswaran, V., Fong, M., Gu, G.: Fresco: modular composable security services for software-defined networks. In: Internet Society NDSS (2013)Google Scholar
  17. 17.
    Shirali-Shahreza, S., Ganjali, Y.: FleXam: flexible sampling extension for monitoring and security applications in openflow. In: HotSDN, pp. 167–168. ACM (2013)Google Scholar
  18. 18.
    White, K.J.S., Pezaros, D.P., Johnson, C.W.: Increasing resilience of ATM networks using traffic monitoring and automated anomaly analysis: In: ATACCS (2012)Google Scholar
  19. 19.
    White, K.J.S., Pezaros, D.P., Johnson, C.W.: Principles for increased resilience in critical networked infrastructures. In: Publication Pending, ICRAT (2014)Google Scholar
  20. 20.
    Zhang, Y.: An adaptive flow counting method for anomaly detection in SDN. In: Emerging Networking Experiments and Technologies, pp. 25–30. ACM (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2016

Authors and Affiliations

  • Kyle J. S. White
    • 1
    Email author
  • Dimitrios P. Pezaros
    • 1
  • Chris W. Johnson
    • 1
  1. 1.School of Computing ScienceUniversity of GlasgowGlasgowScotland, UK

Personalised recommendations