SDNLog-Foren: Ensuring the Integrity and Tamper Resistance of Log Files for SDN Forensics using Blockchain
Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both digital forensics and cybersecurity. In fact, there are various attacks targeting a range of vulnerabilities on vital elements of this paradigm su...
Saved in:
| Published in | 2019 6th NAFOSTED Conference on Information and Computer Science (NICS) pp. 416 - 421 |
|---|---|
| Main Authors | , , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.12.2019
|
| Subjects | |
| Online Access | Get full text |
| DOI | 10.1109/NICS48868.2019.9023852 |
Cover
| Abstract | Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both digital forensics and cybersecurity. In fact, there are various attacks targeting a range of vulnerabilities on vital elements of this paradigm such as controller, Northbound and Southbound interfaces. In addition to solutions of security enhancement, it is important to build mechanisms for digital forensics in SDN which provide the ability to investigate and evaluate the security of the whole network system. It should provide features of identifying, collecting and analyzing log files and detailed information about network devices and their traffic. However, upon penetrating a machine or device, hackers can edit, even delete log files to remove the evidences about their presence and actions in the system. In this case, securing log files with fine-grained access control in proper storage without any modification plays a crucial role in digital forensics and cybersecurity. This work proposes a blockchain-based approach to improve the security of log management in SDN for network forensics, called SDNLog-Foren. This model is also evaluated with different experiments to prove that it can help organizations keep sensitive log data of their network system in a secure way regardless of being compromised at some different components of SDN. |
|---|---|
| AbstractList | Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both digital forensics and cybersecurity. In fact, there are various attacks targeting a range of vulnerabilities on vital elements of this paradigm such as controller, Northbound and Southbound interfaces. In addition to solutions of security enhancement, it is important to build mechanisms for digital forensics in SDN which provide the ability to investigate and evaluate the security of the whole network system. It should provide features of identifying, collecting and analyzing log files and detailed information about network devices and their traffic. However, upon penetrating a machine or device, hackers can edit, even delete log files to remove the evidences about their presence and actions in the system. In this case, securing log files with fine-grained access control in proper storage without any modification plays a crucial role in digital forensics and cybersecurity. This work proposes a blockchain-based approach to improve the security of log management in SDN for network forensics, called SDNLog-Foren. This model is also evaluated with different experiments to prove that it can help organizations keep sensitive log data of their network system in a secure way regardless of being compromised at some different components of SDN. |
| Author | Do Hoang, Hien Duy, Phan The Thu Hien, Do Thi Pham, Van-Hau Ba Khanh, Nguyen |
| Author_xml | – sequence: 1 givenname: Phan The surname: Duy fullname: Duy, Phan The organization: University of Information Technology, VNU-HCM,Information Security Laboratory – sequence: 2 givenname: Hien surname: Do Hoang fullname: Do Hoang, Hien organization: University of Information Technology, VNU-HCM,Information Security Laboratory – sequence: 3 givenname: Do Thi surname: Thu Hien fullname: Thu Hien, Do Thi organization: University of Information Technology, VNU-HCM,Information Security Laboratory – sequence: 4 givenname: Nguyen surname: Ba Khanh fullname: Ba Khanh, Nguyen organization: University of Information Technology, VNU-HCM,Information Security Laboratory – sequence: 5 givenname: Van-Hau surname: Pham fullname: Pham, Van-Hau organization: University of Information Technology, VNU-HCM,Information Security Laboratory |
| BookMark | eNot0MtOwkAYBeAx0YUiT2Bi_hcodi6diztFUJIGE8E1mXb-ltEyJTNlwduLyuokJznf4tyQy9AHJOSe5hNKc_OwXExXQmupJyynZmJyxnXBLsjYKE0V07SgkrNr8rV6WZZ9m837iOERZiEdog8tDFuERRiwjX44gg0O1na3xwgfmHwabKgR-gZOU5j7DhM0fYSTBX9Q8nWCQ_qFnru-_q631odbctXYLuH4nCPyOZ-tp29Z-f66mD6VmWc5HzItCmlVpbhG4WxdSKwd55XODZeNkNRKwxx1p55XTlJVGcOt01o1gikjBB-Ru3_XI-JmH_3OxuPm_AD_AQ59VVU |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/NICS48868.2019.9023852 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| EISBN | 9781728151632 1728151635 |
| EndPage | 421 |
| ExternalDocumentID | 9023852 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IL CBEJK RIE RIL |
| ID | FETCH-LOGICAL-i203t-8456a7b738e4dac56ecd33b80936f461a692d1d56e3bd617b993ad887f4279443 |
| IEDL.DBID | RIE |
| IngestDate | Thu Jun 29 18:38:48 EDT 2023 |
| IsPeerReviewed | false |
| IsScholarly | false |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i203t-8456a7b738e4dac56ecd33b80936f461a692d1d56e3bd617b993ad887f4279443 |
| PageCount | 6 |
| ParticipantIDs | ieee_primary_9023852 |
| PublicationCentury | 2000 |
| PublicationDate | 2019-Dec. |
| PublicationDateYYYYMMDD | 2019-12-01 |
| PublicationDate_xml | – month: 12 year: 2019 text: 2019-Dec. |
| PublicationDecade | 2010 |
| PublicationTitle | 2019 6th NAFOSTED Conference on Information and Computer Science (NICS) |
| PublicationTitleAbbrev | NICS |
| PublicationYear | 2019 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| Score | 1.8595686 |
| Snippet | Despite bringing many benefits of global network configuration and control, Software Defined Networking (SDN) also presents potential challenges for both... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 416 |
| SubjectTerms | Blockchain-based security Computer hacking Control systems Digital forensics Integrity and Tamper Resistance SDN forensics SDN security Secure log files |
| Title | SDNLog-Foren: Ensuring the Integrity and Tamper Resistance of Log Files for SDN Forensics using Blockchain |
| URI | https://ieeexplore.ieee.org/document/9023852 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV1NT8JAEN0gJ09qwPidPXi0pbTd7a5HEQJGiBFIuJH9KiJJa2i5-Oud3VaNxoO3ZtNOm33bmdftvBmErhlVYZqSwOOEGfhAiQX4QUK9hBkiExoo4eTR4wkdzuOHBVk00M2XFsYY45LPjG8P3b98naud3SrrcBtgCDjcPVhmlVarFv12A96ZjHpTWI7UJWxxvz75R9cUFzQGB2j8ebsqV2Tj70rpq_dflRj_-zyHqP0tz8NPX4HnCDVM1kKv0_vJY77ybK_N7Bb3s8IJEDEQPDxyNSGAb2ORaTwTQJW3-NkUljtaY3mK4VI8AA9RYGCxGGxhZwgwLLDNjV_hOwh7G_Ui1lkbzQf9WW_o1Y0UvHUYRKXHgCWJRCYRM7EWilCjdBRJFvCIpjHtCspD3dUwHkkNlEYCaREa3E8ah_C-xtExamZ5Zk4QBroIqAumgEnEXGsGaCaUaM5kGsaKn6KWnaflW1UrY1lP0dnfw-do32JVpYdcoGa53ZlLCPKlvHLofgB-Xqge |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwFG6IHvSkBoy_7cGjg7G1XetRhIACMQIJN9JfQyTZDIyLf72vBTEaD96WZn1b-rr3fdve9x5CN5zpKE1pGAjKLbygEAlxkLIg4ZaqhIVaenl0r8_aI_I4puMSut1qYay1PvnMVt2h_5dvcr1yn8pqwgEMhYC7C7hP6FqttZH91kNR63caA9iQzKdsierm9B99UzxstA5Q7-uC62yReXVVqKr--FWL8b93dIgq3wI9_LyFniNUslkZvQ0e-t18Grhum9kdbmZLL0HEQPFwx1eFAMaNZWbwUAJZXuAXu3Ts0RnLUwxTcQtixBIDj8VgC3tD4MUldtnxU3wPwDfXr3KWVdCo1Rw22sGmlUIwi8K4CDjwJJmoJOaWGKkps9rEseKhiFlKWF0yEZm6gfFYGSA1CmiLNBCAUhLBE0viY7ST5Zk9QRgII_hdcg1cgghjOPgzYdQIrtKIaHGKym6dJu_rahmTzRKd_T18jfbaw1530u30n87RvvPbOlnkAu0Ui5W9BMgv1JX39Cd5tqtr |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=2019+6th+NAFOSTED+Conference+on+Information+and+Computer+Science+%28NICS%29&rft.atitle=SDNLog-Foren%3A+Ensuring+the+Integrity+and+Tamper+Resistance+of+Log+Files+for+SDN+Forensics+using+Blockchain&rft.au=Duy%2C+Phan+The&rft.au=Do+Hoang%2C+Hien&rft.au=Thu+Hien%2C+Do+Thi&rft.au=Ba+Khanh%2C+Nguyen&rft.date=2019-12-01&rft.pub=IEEE&rft.spage=416&rft.epage=421&rft_id=info:doi/10.1109%2FNICS48868.2019.9023852&rft.externalDocID=9023852 |