Publikationen

Security analysis of software defined networking applications for monitoring and measurement. sFlow and BigTap

AutorDauer, Pascal; Khondoker, Rahamatullah; Marx, Ronald; Bayarou, Kpatcha
Datum2015
ArtConference Paper, Electronic Publication
AbstraktSecurity is one of the most important aspects in networks which sometimes need network monitoring and measurement tools to identify the source of misbehavior and performance degradation. Monitoring and measurement tools promise to provide critical functions including an early detection of a Denial of Service (DoS) attack. To ensure the internal security of those tools, they must also be evaluated. This paper analyses two networking monitoring and measurement tools: sFlow (open source) and BigTap (commercial), by applying the STRIDE threat model. This paper concludes that sFlow relies on the correct configuration of the agent and that the deployment environment must be properly secured. BigTap comes with several security mechanisms, however, other mechanisms are required to improve its security.
KonferenzInternational Conference on Future Internet (CFI) <10, 2015, Seoul>
ReferenzAssociation for Computing Machinery -ACM-: CFI 2015, 10th International Conference on Future Internet. Proceedings: June 8-10, 2015, Seoul, Korea. New York: ACM, 2015, pp. 51-56
SchlüsselISBN : 9781450335645
Urlhttp://publica.fraunhofer.de/eprints/urn:nbn:de:0011-n-3605625.pdf