×

Securing of software defined network controllers

  • US 9,497,207 B2
  • Filed: 08/15/2014
  • Issued: 11/15/2016
  • Est. Priority Date: 08/15/2014
  • Status: Active Grant
First Claim
Patent Images

1. A method of detecting security attacks and securing a software defined network, said method comprising:

  • utilizing at least one processor to execute computer code configured to perform the steps of;

    generating a representative global network state and a plurality of network constraints, wherein the representative global network state identifies representative traffic flow paths and traffic volume of the software defined network;

    intercepting one or more control messages;

    extracting information from the one or more control messages to create a current global network state, wherein the current global network state identifies current traffic flow paths and traffic volume of the software defined network;

    determining, from the extracted information, presence of at least one modification to the software defined network, wherein the determining comprises validating the current global network state against the representative global network state and plurality of network constraints and identifying at least one change between the representative traffic flow paths and traffic volume of the software defined network and current traffic flow paths and traffic volume of the software defined network; and

    thereupon determining whether the at least one modification presents a threat to security of the software defined network.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×