Advertisement

Security Classification Transmission Method Based on SDN in Industrial Networks

  • Jianming ZhaoEmail author
  • Wenli Shang
  • Zhoubin Liu
  • Zixiang Wang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11068)

Abstract

Software Defined Networking (SDN) is a new type of network architecture, which provides an important way to implement automated network deployment and flexible management. However, security problems in SDN are also inevitable in industrial networks. In the research area of SDN security and traditional network security, feasibility and influence of defense in depth in industrial networks should thus be explored. In this paper, a security classification transmission method based on SDN in industrial networks is proposed, which provides a better security level of transmission paths. In the proposed method, the security classification transmission system is first presented. By designing five service mechanisms, including request, strategy generation, distribution/maintenance, updating/loading and execution, the security classification transmission service model is defined. In an experimental study, the proposed method is shown to be feasible in industrial heterogeneous networks and provide better security paths without affecting availability in the multi-domain and multi-nodes case of industrial networks.

Keywords

SDN Security classification transmission Service mechanisms Industrial network 

Notes

Acknowledgments

This work is supported by State Grid Science and Technology Project (Grant No. 52110118001H), the National Natural Science Foundation of China (Grant No. 61501447), the National Natural Science Foundation of China (Grant No. 61773368). The authors are grateful to the anonymous referees for their insightful comments and suggestions.

References

  1. 1.
    Singh, S., Jha, R.K.: A survey on software defined networking: architecture for next generation network. J. Netw. Syst. Manag. 25, 1–54 (2017)CrossRefGoogle Scholar
  2. 2.
    Scott-Hayward, S., O’Callaghan, G., Sezer, S.: SDN Security: A Survey Future Networks and Services, pp. 1–7. IEEE, Trento (2013)Google Scholar
  3. 3.
    Adami, D., Giordano, S., D’Amore, G., et al.: A new SDN traffic control application for security routing in critical infrastructures. In: The 13th International Joint Conference on e-Business and Telecommunications, pp. 129–138. SCITEPRESS-Science and Technology Publications, Lda (2016)Google Scholar
  4. 4.
    Shin, S., Wang, H., Gu, G.: A first step toward network security virtualization: from concept to prototype. IEEE Trans. Inf. Forensics Secur. 10(10), 2236–2249 (2015)CrossRefGoogle Scholar
  5. 5.
    Wang, M., Liu, J., Chen, J., et al.: Perm-guard: authenticating the validity of flow rules in software defined networking. J. Signal Process. Syst. 86(2–3), 1–17 (2016)Google Scholar
  6. 6.
    Binkui, L., Lei, Z., et al.: Security routing strategy based on switch level division in SDN. Appl. Res. Comput. 34(2), 522–525 (2017)Google Scholar
  7. 7.
    Henneke, D., Wisniewski, L., Jasperneite, J.: Analysis of realizing a future industrial network by means of Software-Defined Networking (SDN). In: IEEE World Conference on Factory Communication Systems, pp. 1–4. IEEE, Aveiro (2016)Google Scholar
  8. 8.
    Hussein, A., Elhajj, I.H., Chehab, A., Kayssi, A.: SDN security plane: an architecture for resilient security services. In: IEEE International Conference on Cloud Engineering Workshop, pp. 54–59. IEEE, Berlin (2016)Google Scholar
  9. 9.
    Yahya, W., Basuki, A., Jiang, J.R.: The extended dijkstra’s-based load balancing for openflow network. Int. J. Electr. Comput. Eng. 5(2), 289–296 (2015)Google Scholar
  10. 10.
    Singh, V.K., Nimisha, I.K.T.: Applications of maximal network flow problems in transportation and assignment problems. J. Math. Res. 2(1) (2010)Google Scholar
  11. 11.
    Mininet tools. http://mininet.org/. Accessed 11 Feb 2018
  12. 12.
    Project Floodlight. http://www.projectfloodlight.org/. Accessed 11 Feb 2018
  13. 13.
    Ming, W., Wenli, S., Peng, Z., et al.: Modbus/TCP communication access control method based on function code depth detection. Inf. Control 45(2), 248–256 (2016)Google Scholar
  14. 14.
    Rotsos, C., Sarrar, N., Uhlig, S., Sherwood, R., Moore, Andrew W.: OFLOPS: an open framework for openflow switch evaluation. In: Taft, N., Ricciato, F. (eds.) PAM 2012. LNCS, vol. 7192, pp. 85–95. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-28537-0_9CrossRefGoogle Scholar
  15. 15.
    Gelberger, A., Yemini, N., Ran, G.: Performance analysis of software-defined networking (SDN). In: IEEE International Symposium on Modelling, Analysis & Simulation of Computer and Telecommunication Systems, pp. 389–393. IEEE Computer Society, San Francisco (2013)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Jianming Zhao
    • 1
    • 2
    Email author
  • Wenli Shang
    • 1
    • 2
  • Zhoubin Liu
    • 3
  • Zixiang Wang
    • 3
  1. 1.Shenyang Institute of AutomationChinese Academy of SciencesShenyangChina
  2. 2.Key Laboratory of Networked Control SystemsChinese Academy of SciencesShenyangChina
  3. 3.State Grid Zhejiang Electric Power Research InstituteHangzhouChina

Personalised recommendations