Skip to main content
SpringerLink
Log in

DREAD-R: Severity Assessment of ONOS SDN Controller

  • Conference paper
  • First Online:
Multi-disciplinary Trends in Artificial Intelligence (MIWAI 2017)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 10607))

Abstract

In few past years, popularity of Software Defined Networking (SDN) among academia and industry is rapidly increased, and users are conferenced about choosing suited and secured SDN controller. Recently, Open Network Operating System (ONOS), which provides the control plane for SDN, appears as best choice for service provider in term of high availability, scalability, and security. There are some existing models for security assessment of SDN. However, there is still a room for more assessments. This paper address the severity assessment of ONOS using proposed DREAD-R model which considers traditional DREAD (Damage potential, Reproducibility, Exploitability, Affected users and Discoverability) model with additional “Reputation” parameter. This paper found that control plane vulnerabilities are critical in nature and disrupt entire network functions and need immediate attention for solutions.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Nunes, B.A.A., Mendonca, M., Nguyen, X.N., Obraczka, K., Turletti, T.: A survey of software-defined networking: past, present, and future of programmable networks. IEEE Commun. Surv. Tutor. 16(3), 1617–1634 (2014)

    Article  Google Scholar 

  2. Kreutz, D., Ramos, F.M., Verissimo, P.E., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-defined networking: a comprehensive survey. Proc. IEEE 103(1), 14–76 (2015)

    Article  Google Scholar 

  3. Shin, M.-K., Nam, K.-H., Kim, H.-J.: Software-defined networking (SDN): a reference architecture and open APIs. In: 2012 International Conference on ICT Convergence (ICTC), pp. 360–361. IEEE (2012)

    Google Scholar 

  4. SDN Architecture. Technical report, Open Networking Foundation (2014)

    Google Scholar 

  5. Arbettu, R.K., Khondoker, R., Bayarou, K., Weber, F.: Security analysis of OpenDaylight, ONOS, Rosemary and Ryu SDN controllers. In: 2016 17th International Telecommunications Network Strategy and Planning Symposium (Networks), pp. 37–44. IEEE (2016)

    Google Scholar 

  6. Yan, Q., Yu, F.R., Gong, Q., Li, J.: Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun. Surv. Tutor. 18(1), 602–622 (2016)

    Article  Google Scholar 

  7. Lee, S., Yoon, C., Lee, C., Shin, S., Yegneswaran, V., Porras, P.: Delta: a security assessment framework for software-defined networks. In: Proceedings of NDSS, vol. 17 (2017)

    Google Scholar 

  8. Hong, S., Xu, L., Wang, H., Gu, G.: Poisoning network visibility in software-defined networks: new attacks and countermeasures. In: NDSS (2015)

    Google Scholar 

  9. Benton, K., Camp, L.J., Small, C.: Openflow vulnerability assessment. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 151–152. ACM (2013)

    Google Scholar 

  10. Berde, P., Gerola, M., Hart, J., Higuchi, Y., Kobayashi, M., Koide, T., Lantz, B., O’Connor, B., Radoslavov, P., Snow, W., et al.: ONOS: towards an open, distributed SDN OS. In: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking, pp. 1–6. ACM (2014)

    Google Scholar 

  11. Meier, J.D., Mackman, A., Dunner, M., Vasireddy, S., Escamilla, R., Murukan, A.: Improving Web Application Security: Threats and Countermeasures. Microsoft Corporation (2003)

    Google Scholar 

  12. Adam Shostack: Threat Modeling: Designing for Security. Wiley (2014)

    Google Scholar 

  13. Thompson, D.R., Di, J., Sunkara, H., Thompson, C.: Categorizing RFID privacy threats with stride. In: Proceedings ACMs Symposium on Usable Privacy and Security held at CMU (2006)

    Google Scholar 

  14. Saitta, P., Larcom, B., Eddington, M.: Trike v. 1 methodology document [draft] (2005). http://dymaxion.org/trike/Trike_v1_Methodology_Documentdraft.pdf

  15. Jürjens, J.: UMLsec: extending UML for secure systems development. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 412–425. Springer, Heidelberg (2002). doi:10.1007/3-540-45800-X_32

    Chapter  Google Scholar 

  16. Gilliam, D.P., Powell, J.D.: Integrating a flexible modeling framework (FMF) with the network security assessment instrument to reduce software security risk. In: Proceedings of Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, WET ICE 2002, pp. 153–158. IEEE (2002)

    Google Scholar 

  17. UcedaVelez, T., Morana, M.M.: Risk Centric Threat Modeling: Process for Attack Simulation and Threat Analysis. Wiley, Hoboken (2015)

    Book  Google Scholar 

  18. Schehlmann, L., Abt, S., Baier, H.: Blessing or curse? Revisiting security aspects of software-defined networking. In: 2014 10th International Conference on Network and Service Management (CNSM), pp. 382–387. IEEE (2014)

    Google Scholar 

  19. Chen, M., Qian, Y., Mao, S., Tang, W., Yang, X.: Software-defined mobile networks security. Mob. Netw. Appl. 21(5), 729–743 (2016)

    Article  Google Scholar 

  20. Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp. 413–424. ACM (2013)

    Google Scholar 

  21. FIRST. Common Vulnerability Scoring System v3.0: Specification Document

    Google Scholar 

  22. Selcuk, A.A., Uzun, E., Pariente, M.R.: A reputation-based trust management system for P2P networks. In: IEEE International Symposium on Cluster Computing and the Grid, CCGrid 2004, pp. 251–258. IEEE (2004)

    Google Scholar 

  23. Anantvalee, T., Wu, J.: Reputation-based system for encouraging the cooperation of nodes in mobile ad hoc networks. In: IEEE International Conference on Communications, ICC 2007, pp. 3383–3388. IEEE (2007)

    Google Scholar 

Download references

Acknowledgment

This work was partly supported by Institute for Information & Communications Technology Promotion (IITP) grant funded by the Korea government (MIST) [2015-0-00533, Development of TII (Trusted Information Infrastructure) S/W Framework for Realizing Trustworthy IoT Eco-system], and partly supported by BK 21 plus program.

Author information

Authors and Affiliations

  1. Korea Advanced Institute of Science and Technology (KAIST), Daejeon, Korea

    Muhammad Shakil, Alaelddin Fuad Yousif Mohammed, Hyeontaek Oh & Jun Kyun Choi

Authors
  1. Muhammad Shakil
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alaelddin Fuad Yousif Mohammed
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyeontaek Oh
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Jun Kyun Choi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alaelddin Fuad Yousif Mohammed .

Editor information

Editors and Affiliations

  1. Universiti Teknologi Brunei, Gadong, Brunei Darussalam

    Somnuk Phon-Amnuaisuk

  2. Universiti Teknologi Brunei, Gadong, Brunei Darussalam

    Swee-Peng Ang

  3. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    Soo-Young Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Shakil, M., Mohammed, A.F.Y., Oh, H., Choi, J.K. (2017). DREAD-R: Severity Assessment of ONOS SDN Controller. In: Phon-Amnuaisuk, S., Ang, SP., Lee, SY. (eds) Multi-disciplinary Trends in Artificial Intelligence. MIWAI 2017. Lecture Notes in Computer Science(), vol 10607. Springer, Cham. https://doi.org/10.1007/978-3-319-69456-6_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-69456-6_27

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69455-9

  • Online ISBN: 978-3-319-69456-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation