OpenFlowSec.orgHome.html
 


Publications and Presentations

Presentations

Security Enhanced Floodlight -   Phil gave a brief overview of our forthcoming SE-Floodlight project at the Open Network Summit, April 2013.

FRESCO Presentation -   Seungwon presented our paper at the ISOC Network and Distributed System Security Conference in San Diego, CA, February 2013.    

New Killer Applications for SDN -   Guofei presented killer SDN application concepts at DIMACS at Rutgers University, December 2012.

Overview of the FortNOX Security Kernel -   Phil’s  June Youtube Presentation explaining the FortNOX Security Mediator, December 2012.

SDN Security Seminary 2012 -   Phil gave a a talk at the 2012 SDN Security Seminar, held across from at RSA, San Francisco, February 2012.

HotSDN Workshop Talk  -   Vinod presented FortNOX at the HotSDN workshop in Helsinki FI, August 2012

Last updated: April 2022

P.A. Porras, S. Shin, S. Yegneswaran, M.W. Fong, M. Tyson, and G. Gu, "A Security Enforcement Kernel for OpenFlow Networks," in Proceedings of the ACM Sigcomm Workshop on Hot Topics in Software Defined Networking (HotSDN), Helsinki, FI, August 2012.


S. Son, S. Shin, V. Yegneswaran, P.A. Porras, G. Gu," Model Checking Invariant Security Properties in OpenFlow," in Proceedings of IEEE International Conference on Communications (ICC), June 2013.


S. Shin, V. Yegneswaran, P.A. Porras, and G. Gu, "AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-Defined Networks," in Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS), Berlin, Germany, November 2013.


S. Shin, P.A. Porras, V. Yegneswaran, M.W. Fong, G. Gu, M. Tyson, "FRESCO: Modular Composable Security Services for Software-Defined Networks," in Proceedings of the ISOC Network and Distributed System Security Symposium, San Diego, CA, February 2013.


S. Shin, Y. Song, T. Lee, S. Lee, J. Chung, P.A. Porras, V. Yegneswaran, J. Noh, B.B. Kang, "Rosemary: A Robust, Secure, and High-performance Network Operating System," in Proceedings of the 21st ACM Conference on Computer and Communications Security, November 2014.


P.A. Porras, S. Cheung, M. Fong, K. Skinner, and V. Yegneswaran, "Securing the Software-Defined Network Control Layer," in Proceedings of the ISOC Network and Distributed System Security Conference (NDSS), February 2015.


X. Pan, V. Yegneswaran, Y. Chen, P.A. Porras, and S. Shin, "HogMap: Using SDNs to Incentivize Collaborative Security Monitoring," in Proceeding of the ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (SDN-NFV Security 2016), March 2016.


S. Lee, C.Yoon, C. Lee, S. Shin, V. Yegneswaran, P.A. Porras, "DELTA: A Security Assessment Framework for Software-Defined Networks," in Proceeding of the ISOC Network and Distributed System Security Symposium (NDSS), San Diego, CA, U.S.A., February, 2017.


S. Lee, J. Kim, S. Shin, P.A. Porras, V. Yegneswaran, "Athena: A Framework for Scalable Anomaly Detection in Software-Defined Networks" in Proceedings of IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), June 2017.


J. Nam and H. Jo and Y. Kim and P.A. Porras and V. Yegneswaran and S. Shin, "Bridging the Architectural Gap Between NOS Design Principles in Software-Defined Networks," in Proceedings of the ACM Symposium on Cloud Computing 2017 (SoCC '17), August, 2017.


C. Yoon, S. Lee, H. Kang, T. Park, S. Shin, V. Yegneswaran, P.A. Porras, G. Gu, "Flow Wars: Systemizing the Attack Surface and Defenses in Software-Defined Networks," in the IEEE/ACM Journal on Transactions on Networking, Issue 99, September 2017.


C. Yoon, S. Shin, P.A. Porras, V. Vegneswaran, H. Kang, M. Fong, B. O'Connor, T. Vachuska, "A Security-Mode for Carrier-Grade SDN Controllers" in Proceedings of the Annual Computer Security Application Conference (ACSAC), December 2017.


J. Nam, H. Jo, Y. Kim, P.A. Porras, V. Yegneswaran, S. Shin, "Barista: An Event-centric NOS Composition Framework for Software-Defined Networks," in the IEEE Conference on Computer Communications, Honolulu, HI, USA, 2018.


H. Kang, S. Shin, V. Yegneswaran, S. Ghosh, P.A. Porras, "AEGIS: An Automated Permission Generation and Verification System for SDN," in Proceedings of the ACM SIGCOMM 2018 Workshop on Security in Softwarized Networks: Prospects and Challenges, Budapest, Hungary, Aug., 2018.


J. Nam, H. Jo, Y. Kim, P.A. Porras, V. Yegneswaran, S.Shin , "Operator-defined Reconfigurable Network OS for Software-Defined Networks," in the IEEE/ACM Journal of Transaction on Networking 2019.


T. Park, Y. Kim, V. Yegneswaran, P.A. Porras, Z. Xu, K. Park, S. Shin, "DPX: Data-Plane eXtensions for SDN Security Service Instantiation," in Proceedings of the 16th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2019), Gothenburg, Sweden, June, 2019.


T. Park, Y. Kim, V. Yegneswaran, P.A. Porras, Z. Xu, K. Park, S. Shin, "DPX: Data-Plane eXtensions for SDN Security Service Instantiation," in Proceedings of the 16th Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA 2019), Gothenburg, Sweden, June, 2019.


V. Nagendra, V. Yegneswaran, P.A. Porras, and S. Das, "Coordinated Dataflow Protection for Ultra-High Bandwidth Science Networks," in Proceeding of the Annual Computer Security Application Conference (ACSAC), December 2019.


H. Kang, V. Yegneswaran, S. Ghoshz, P. Porras and S. Shin, "Automated permission model generation for securing SDN control-plane," in Proceeding of the IEEE Journal on Transactions on Information Forensics and Security, doi: 10.1109/TIFS.2019.2946928, 2019.


J. Nam, H. Jo, Y. Kim, P.A. Porras, V. Yegneswaran, S.Shin , "Operator-defined Reconfigurable Network OS for Software-Defined Networks," in IEEE/ACM Journal of Transaction on Networking 2019.


S. Lee, J.Kim, S.Woo, C.Yoon, S.S.Hayward, V.Yegneswaran, P.A. Porras, and S.Shin, "A Comprehensive Security Assessment Framework for Software-Defined Networks," in the IFIP Journal Computers and Secuity, January 2020.


S.Lee, S. Woo, J. Kim, V. Yegneswaran, P.A. Porras, S. Shin, "AudiSDN: Automated Detection of Network Policy Inconsistencies in Software-Defined Networks," in Proceedings of IEEE International Conference on Computer Communications, April 2020.


J. Nam, S. Lee, H. Seo, P.A. Porras, V. Yegneswaran, S. Shin "BASTION: A Security Enforcement Network Stack for Container Networks," in Proceeding of the 2020 USENIX Annual Technical Conference (USENIX ATC 20), July 2020.


J. Kim, J. Nam, S. Lee, V. Yegneswaran, P. Porras and S. Shin, "BottleNet: Hiding Network Bottlenecks Using SDN-Based Topology Deception," in the IEEE Transactions on Information Forensics and Security, vol. 16, pp. 3138-3153, 2021.


S. Lee, S. Woo, J. Kim, J. Nam, V. Yegneswaran, P.A. Porras, S. Shin, "A Framework for Policy Inconsistency Detection in Software-Defined Networks," in the Journal of the IEEE/ACM Transactions on Networking, January, 2022.


Publications