Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Security Analysis of SDN WAN Applications - B4 and IWAN

: Jain, R.; Khondoker, R.


Khondoker, R.:
SDN and NFV Security. Security Analysis of Software-Defined Networking and Network Function Virtualization
Cham: Springer International Publishing, 2018 (Lecture Notes in Networks and Systems 30)
ISBN: 978-3-319-71760-9 (Print)
ISBN: 978-3-319-71761-6 (Online)
Book Article
Fraunhofer SIT ()

Software defined applications for WAN (Wide Area Network) are primarily designed to manage and deploy enterprise WAN infrastructure. SDN controller feature helps an organization to automate complex WAN configuration and route data efficiently among its remote sites from a centralized point. Recently various vendors have stepped in this market and claim their product to be the solution for WAN management problems. However, automating the network through a centralized controller makes the network a handy target for attackers to exploit. Compromising the controller or its application can pose serious threat to network devices and traffic flow. This motivated us to study the vulnerabilities of two such SDN WAN applications—Google’s B4 and Cisco’s IWAN . For the analysis, we used the Microsoft’s threat analysis method called STRIDE . In the analysis, we found out that both B4 and IWAN might suffer from security threats like Spoofing , Tampering, Information Disclosure and Denial of Service (DoS) and each vulnerability found in the application using STRIDE threat model, can be mitigated using available IT security mechanisms.