Ph.D. started in: 2016
Expected year of graduation: 2020
COINS consortium member: University of Oslo
Supervised by: Paal Engelstad
Research area: Network Security
Project title: Software-Defined Networking Policy Conflict Detection: a holistic approach
Project description: Software-defined networking is a promising solution to encounter the current weakness of IP network’s infrastructure. The main idea behind SDN is to separate the logical control layer from the data forwarding layer. The complexity of network policies would be higher in software-defined networking due to the fact that a network administrator should care about the different type of policies in disparate zones and varied appliances such as load balancers, intrusion detection and prevention systems, firewalls, etc. Additionally, these network devices and middle-boxes could have distinct priority in each zone or architecture.
According to the Software-defined networking concept, which is making network configuration and management simpler and more reliable, detecting misconfiguration or policy conflict plays a major role in the future of this paradigm. Especially, when the devices’ diversity and level of architecture complexity in SDN are higher than traditional networks.
Unfortunately, there is not any accurate definition for anomalies in network policies. Different research efforts to this field try to present specific types of conflicts that took place in some part of network or after a sequence of events. Definitions of conflicts in some research efforts sometimes are quite different from the definitions in other ones. The situation is even worse for the SDN environment. New aspects of network management and configuring variant type of devices are included. As a result, there is no comprehensive definition for all types of anomalies.
In this project, we want to present a comprehensive anomaly definition and then propose a method for detect and solve them.