Leveraging SDN to improve the security of DHCP

Jacob H. Cox; Russell J. Clark; Henry L. Owen

doi:10.1145/2876019.2876028

Leveraging SDN to improve the security of DHCP

Jacob H. Cox, Russell J. Clark, Henry L. Owen

Computer & Cyber Sciences

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

13 Scopus citations

Abstract

Current State of the art technologies for detecting and neu- tralizing rogue DHCP servers are tediously complex and prone to error. Network operators can spend hours (even days) before realizing that a rogue server is affecting their network. Additionally, once network operators suspect that a rogue server is active on their network, even more hours can be spent & nding the server's MAC address and prevent- ing it from affecting other clients. Not only are such meth- ods slow to eliminate rogue servers, they are also likely to affect other clients as network operators shutdown services while attempting to locate the server. In this paper, we present Network Flow Guard (NFG), a simple security ap- plication that utilizes the software de& ned networking (SDN) paradigm of programmable networks to detect and disable rogue servers before they are able to affect network clients. Consequently, the key contributions of NFG are its modular approach and its automated detection/prevention of rogue DHCP servers, which is accomplished with little impact to network architecture, protocols, and network operators.

Original language	English (US)
Title of host publication	SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016
Publisher	Association for Computing Machinery, Inc
Pages	35-38
Number of pages	4
ISBN (Electronic)	9781450340786
DOIs	https://doi.org/10.1145/2876019.2876028
State	Published - Mar 11 2016
Event	2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV Security 2016 - New Orleans, United States Duration: Mar 11 2016 → …

Publication series

Name	SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016

Conference

Conference	2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV Security 2016
Country/Territory	United States
City	New Orleans
Period	3/11/16 → …

Keywords

DHCP
IDPS
Network security
Programmable networks
Rogue servers
SDN

ASJC Scopus subject areas

Computer Science Applications
Software
Information Systems

Access to Document

10.1145/2876019.2876028

Cite this

Cox, J. H., Clark, R. J., & Owen, H. L. (2016). Leveraging SDN to improve the security of DHCP. In SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016 (pp. 35-38). (SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016). Association for Computing Machinery, Inc. https://doi.org/10.1145/2876019.2876028

Leveraging SDN to improve the security of DHCP. / Cox, Jacob H.; Clark, Russell J.; Owen, Henry L.
SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016. Association for Computing Machinery, Inc, 2016. p. 35-38 (SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Cox, JH, Clark, RJ & Owen, HL 2016, Leveraging SDN to improve the security of DHCP. in SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016. SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016, Association for Computing Machinery, Inc, pp. 35-38, 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV Security 2016, New Orleans, United States, 3/11/16. https://doi.org/10.1145/2876019.2876028

Cox JH, Clark RJ, Owen HL. Leveraging SDN to improve the security of DHCP. In SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016. Association for Computing Machinery, Inc. 2016. p. 35-38. (SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016). doi: 10.1145/2876019.2876028

Cox, Jacob H. ; Clark, Russell J. ; Owen, Henry L. / Leveraging SDN to improve the security of DHCP. SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016. Association for Computing Machinery, Inc, 2016. pp. 35-38 (SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016).

@inproceedings{472bbb8ab06e4ba19ff0529d7089307e,

title = "Leveraging SDN to improve the security of DHCP",

abstract = "Current State of the art technologies for detecting and neu- tralizing rogue DHCP servers are tediously complex and prone to error. Network operators can spend hours (even days) before realizing that a rogue server is affecting their network. Additionally, once network operators suspect that a rogue server is active on their network, even more hours can be spent & nding the server's MAC address and prevent- ing it from affecting other clients. Not only are such meth- ods slow to eliminate rogue servers, they are also likely to affect other clients as network operators shutdown services while attempting to locate the server. In this paper, we present Network Flow Guard (NFG), a simple security ap- plication that utilizes the software de& ned networking (SDN) paradigm of programmable networks to detect and disable rogue servers before they are able to affect network clients. Consequently, the key contributions of NFG are its modular approach and its automated detection/prevention of rogue DHCP servers, which is accomplished with little impact to network architecture, protocols, and network operators.",

keywords = "DHCP, IDPS, Network security, Programmable networks, Rogue servers, SDN",

author = "Cox, {Jacob H.} and Clark, {Russell J.} and Owen, {Henry L.}",

note = "Publisher Copyright: {\textcopyright} 2016 ACM.; 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV Security 2016 ; Conference date: 11-03-2016",

year = "2016",

month = mar,

day = "11",

doi = "10.1145/2876019.2876028",

language = "English (US)",

series = "SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016",

publisher = "Association for Computing Machinery, Inc",

pages = "35--38",

booktitle = "SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016",

}

TY - GEN

T1 - Leveraging SDN to improve the security of DHCP

AU - Cox, Jacob H.

AU - Clark, Russell J.

AU - Owen, Henry L.

PY - 2016/3/11

Y1 - 2016/3/11

N2 - Current State of the art technologies for detecting and neu- tralizing rogue DHCP servers are tediously complex and prone to error. Network operators can spend hours (even days) before realizing that a rogue server is affecting their network. Additionally, once network operators suspect that a rogue server is active on their network, even more hours can be spent & nding the server's MAC address and prevent- ing it from affecting other clients. Not only are such meth- ods slow to eliminate rogue servers, they are also likely to affect other clients as network operators shutdown services while attempting to locate the server. In this paper, we present Network Flow Guard (NFG), a simple security ap- plication that utilizes the software de& ned networking (SDN) paradigm of programmable networks to detect and disable rogue servers before they are able to affect network clients. Consequently, the key contributions of NFG are its modular approach and its automated detection/prevention of rogue DHCP servers, which is accomplished with little impact to network architecture, protocols, and network operators.

AB - Current State of the art technologies for detecting and neu- tralizing rogue DHCP servers are tediously complex and prone to error. Network operators can spend hours (even days) before realizing that a rogue server is affecting their network. Additionally, once network operators suspect that a rogue server is active on their network, even more hours can be spent & nding the server's MAC address and prevent- ing it from affecting other clients. Not only are such meth- ods slow to eliminate rogue servers, they are also likely to affect other clients as network operators shutdown services while attempting to locate the server. In this paper, we present Network Flow Guard (NFG), a simple security ap- plication that utilizes the software de& ned networking (SDN) paradigm of programmable networks to detect and disable rogue servers before they are able to affect network clients. Consequently, the key contributions of NFG are its modular approach and its automated detection/prevention of rogue DHCP servers, which is accomplished with little impact to network architecture, protocols, and network operators.

KW - DHCP

KW - IDPS

KW - Network security

KW - Programmable networks

KW - Rogue servers

KW - SDN

UR - http://www.scopus.com/inward/record.url?scp=84966570578&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84966570578&partnerID=8YFLogxK

U2 - 10.1145/2876019.2876028

DO - 10.1145/2876019.2876028

M3 - Conference contribution

AN - SCOPUS:84966570578

T3 - SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016

SP - 35

EP - 38

BT - SDN-NFV Security 2016 - Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, co-located with CODASPY 2016

PB - Association for Computing Machinery, Inc

T2 - 2016 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, SDN-NFV Security 2016

Y2 - 11 March 2016

ER -

Leveraging SDN to improve the security of DHCP

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this