SECURING OF SOFTWARE DEFINED NETWORK CONTROLLERS
Abstract
Methods and arrangements for securing a software defined network. One or more control messages are intercepted. Information is extracted from the one or more control messages to create a global network state model, and there is determined, from the extracted information, presence of at least one prospective modification to the global network state model. Thereupon, a determination is made as to whether the at least one prospective modification presents a threat to security of the software defined network. Other variants and embodiments are broadly contemplated herein.
20 Claims
1. A method of detecting security attacks and securing a software defined network, said method comprising:
- utilizing at least one processor to execute computer code configured to perform the steps of:
- intercepting one or more control messages;
- extracting information from the one or more control messages to create a global network state model;
- determining, from the extracted information, presence of at least one prospective modification to the global network state model; and
- thereupon determining whether the at least one prospective modification presents a threat to security of the software defined network.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15.
16. An apparatus for detecting security attacks and securing a software defined network, said apparatus comprising:
- at least one processor; and
- a computer readable storage medium having computer readable program code embodied therewith and executable by the at least one processor, the computer readable program code comprising:
- computer readable program code configured to intercept one or more control messages;
- computer readable program code configured to extract information from the one or more control messages to create a global network state model;
- computer readable program code configured to determine, from the extracted information, presence of at least one prospective modification to the global network state model; and
- computer readable program code configured to thereupon determine whether the at least one prospective modification presents a threat to security of the software defined network.
17. A computer program product for detecting security attacks and securing a software defined network, said computer program product comprising:
- a computer readable storage medium having computer readable program code embodied therewith, the computer readable program code comprising:
- computer readable program code configured to intercept one or more control messages;
- computer readable program code configured to extract information from the one or more control messages to create a global network state model;
- computer readable program code configured to determine, from the extracted information, presence of at least one prospective modification to the global network state model; and
- computer readable program code configured to thereupon determine whether the at least one prospective modification presents a threat to security of the software defined network.
Dependent claims: 18, 19.
20. A method comprising:
- intercepting one or more control messages flowing to one or more network controllers, the one or more control messages comprising one or more control messages determined to be relevant to network security;
- extracting information from the one or more control messages to create a global network state model;
- defining a permissible global network state; and
- determining whether at least one prospective modification to the global network state model presents a threat to security, via:
- recording a deviation from the permissible global network state; and
- thereupon generating an alert.
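The flow recited in claim 20, as an added Python illustration that is not taken from the patent: each intercepted message is turned into a prospective modification of the state model, checked against a permissible state, and either applied or recorded as a deviation with an alert. The message kinds (`HOST_SEEN`, `LINK_SEEN`), the `Monitor` class, the pinned-host and permitted-link policy, and the choice to leave the model unchanged on a deviation are all assumptions; the page names no protocol or policy format.

```python
from collections import namedtuple

# Hypothetical message shape; subject is a host MAC or, for links, the peer switch.
ControlMsg = namedtuple("ControlMsg", "kind switch port subject")

class Monitor:
    def __init__(self, permitted_links, pinned_hosts):
        self.model = {}                           # global network state model
        self.permitted_links = {frozenset(l) for l in permitted_links}
        self.pinned_hosts = pinned_hosts          # MAC -> (switch, port)
        self.deviations, self.alerts = [], []

    def prospective_change(self, msg):
        """(key, value) the message would write into the model, or None."""
        if msg.kind == "HOST_SEEN":
            key, value = ("host", msg.subject), (msg.switch, msg.port)
        else:
            key, value = ("link", frozenset({msg.switch, msg.subject})), True
        return None if self.model.get(key) == value else (key, value)

    def threat(self, key, value):
        """Why the change leaves the permissible state, or None."""
        kind, name = key
        if kind == "host" and self.pinned_hosts.get(name, value) != value:
            return f"pinned host {name} claimed at {value[0]}:{value[1]}"
        if kind == "link" and name not in self.permitted_links:
            return "unexpected link " + "-".join(sorted(name))
        return None

    def intercept(self, msg):
        """True if the message was folded into the model, False if flagged."""
        change = self.prospective_change(msg)
        reason = self.threat(*change) if change else None
        if reason:                                # record deviation, then alert
            self.deviations.append((msg, reason))
            self.alerts.append("ALERT: " + reason)
            return False                          # model left unchanged
        if change:
            self.model[change[0]] = change[1]
        return True

def run_sample():
    m = Monitor([("s1", "s2")], {"00:00:00:00:00:0a": ("s1", 1)})
    msgs = [ControlMsg("LINK_SEEN", "s1", 3, "s2"),               # constructed
            ControlMsg("HOST_SEEN", "s1", 1, "00:00:00:00:00:0a"),
            ControlMsg("HOST_SEEN", "s2", 4, "00:00:00:00:00:0a"),
            ControlMsg("LINK_SEEN", "s2", 5, "s9")]
    return [m.intercept(x) for x in msgs], m
```

In the constructed sample, the last two messages are flagged: a pinned host reported at a second location and a link that is not in the permitted topology.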
Specification