ENHANCING SECURITY OF
THE NEXT GENERATION
NETWORKING TECHNOLOGY

RECENT RESEARCHES

ONOS-SECURITY-MODE

ONOS provides “useful Northbound abstractions and APIs to enable easier application development”. Such abstractions and APIs are not only easy to use but also powerful as they basically allow ONOS applications to do anything desired, and it is indeed necessary to grant such a powerful authority to applications to offer as much network programmability as possible. Such powerful capabilities of ONOS applications may introduce potential misuse opportunities or software failures, and eventually affect the behavior of the managed network. In the case of the network with certain requirements (e.g., mission-critical networks), the network operators may want to configure the controller environment to be a bit more conservative by restricting the capability of the applications. For those who wish to configure ONOS to behave in a conservative manner, we propose two features that could be applied to ONOS.

Delta

In this project, we focus on the vulnerabilities of SDN network environments and aim to systematize or characterize existing vulnerabilities motivated by above questions. Also, besides existing the vulnerabilities, we are trying to find some new vulnerabilities that have not been reported yet. With such out effort, we could disclose some new vulnerabilities, which means that we seriously need to scrutinize the security problems of ongoing SDN techniques. These vulnerabilities explicitly call for the need to develop secure SDN environments.

ROSEMARY

In this project, we focus on the question of control layer resilience, when rapidly developed prototype network applications go away, or third-party network applications incorporate unexpected vulnerabilities, fatal instabilities, or even malicious logic. To address these concerns we present the ROSEMARY controller, which implements a network application containment and resilience strategy based around the notion of spawning applications independently within a micro-NOS. ROSEMARY distinguishes itself by its blend of process containment, resource utilization monitoring, and an application permission structure, all designed to prevent common failures of network applications from halting operation of the SDN Stack. ROSEMARY offers a competitive performance advantage over the majority of other controllers.

About NSS.

Research Areas
Network
System
Security

Our laboratory studies network and system security.
Currently, our research interests are largely divided into three. We mainly research on Software-Defined-Network(SDN), also with regard to research mobile system security and botnet.

  • SDN / NFV / IOT
  • Mobile System Security
  • Botnet Analysis and Detection

Our Members

Uploaded image

Seungwon Shin

Faculty
Uploaded image

Jaehyun Nam

PH. D. Student
Uploaded image

Seunghyeon Lee

PH. D. Student
Uploaded image

Changhoon Yoon

PH. D. Student
Uploaded image

Taejune Park

PH. D. Student
Uploaded image

Heedo Kang

PH. D. Student
Uploaded image

Seungsoo Lee

PH. D. Student
Uploaded image

Yeonkeun Kim

PH. D. Student
Uploaded image

Hwanjo Heo

PH. D. Student
Uploaded image

Chanhee Lee

Master Student
Uploaded image

Hyeonsung Jo

Master Student
Uploaded image

Jinwoo Kim

Master Student
Uploaded image

Kwangjoon Yang

Master Student

CONTACT US