TY - GEN
T1 - SDN Dynamic Controller Configuration to Mitigate Compromised Controllers
AU - Delany, Ryan
AU - Smith, Andrew
AU - Li, Yan
AU - Du, Liang
N1 - Publisher Copyright:
© 2023 IEEE.
PY - 2023
Y1 - 2023
N2 - Security of Supervisory Control and Data Acqui-sition (SCADA) network is essential for the Naval shipboard systems. Software-Defined Networking (SDN) is introduced in this paper towards security, which is configured with a controller or multiple controllers that are given total control over the network. This design makes it flexible to control the SD N framework. While the fact that these controllers are responsible for managing software-defined networks, it also makes the network vulnerable to the circumstance in which a controller is compromised. This necessitates a dynamic controller configuration that allows an SDN network to be able to defend itself against a threat that is attempting to or successful in compromising a controller. In order to accomplish this, the SDN network requires multiple controllers and the ability to detect and shift network control to another controller in case one becomes compromised. An SDN with a dynamic controller configuration is introduced in this paper to allow the network to remain resilient if an attacker is to compromise a controller and also if a controller were to fail. Dynamic SDN controller configuration is driven by the multi-controller configuration and methods for detecting and responding to attacks. Specifically, these methods are practical in the Mininet environment to ensure the security of Naval SCADA networks but are applicable to most SDN applications. Dynamic controller configuration adds an extra layer of network security to SD N and alleviates a controller from becoming a single point of failure.
AB - Security of Supervisory Control and Data Acqui-sition (SCADA) network is essential for the Naval shipboard systems. Software-Defined Networking (SDN) is introduced in this paper towards security, which is configured with a controller or multiple controllers that are given total control over the network. This design makes it flexible to control the SD N framework. While the fact that these controllers are responsible for managing software-defined networks, it also makes the network vulnerable to the circumstance in which a controller is compromised. This necessitates a dynamic controller configuration that allows an SDN network to be able to defend itself against a threat that is attempting to or successful in compromising a controller. In order to accomplish this, the SDN network requires multiple controllers and the ability to detect and shift network control to another controller in case one becomes compromised. An SDN with a dynamic controller configuration is introduced in this paper to allow the network to remain resilient if an attacker is to compromise a controller and also if a controller were to fail. Dynamic SDN controller configuration is driven by the multi-controller configuration and methods for detecting and responding to attacks. Specifically, these methods are practical in the Mininet environment to ensure the security of Naval SCADA networks but are applicable to most SDN applications. Dynamic controller configuration adds an extra layer of network security to SD N and alleviates a controller from becoming a single point of failure.
UR - http://www.scopus.com/inward/record.url?scp=85168242355&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85168242355&partnerID=8YFLogxK
U2 - 10.1109/ITEC55900.2023.10186974
DO - 10.1109/ITEC55900.2023.10186974
M3 - Conference contribution
AN - SCOPUS:85168242355
T3 - 2023 IEEE Transportation Electrification Conference and Expo, ITEC 2023
BT - 2023 IEEE Transportation Electrification Conference and Expo, ITEC 2023
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2023 IEEE Transportation Electrification Conference and Expo, ITEC 2023
Y2 - 21 June 2023 through 23 June 2023
ER -