City Research Online - Reactive Security for SDN/NFV-enabled Industrial Networks leveraging Service Function Chaining

Reactive Security for SDN/NFV-enabled Industrial Networks leveraging Service Function Chaining

Petroulakis, N. E., Fysarakis, K., Askoxylakis, I. G. & Spanoudakis, G. (2017). Reactive Security for SDN/NFV-enabled Industrial Networks leveraging Service Function Chaining. Transactions on Emerging Telecommunications Technologies, 29(7), article number e3269. doi: 10.1002/ett.3269

Abstract

The innovative application of 5G core technologies, namely Software Defined Networking (SDN) and Network Function Virtualization (NFV), can help reduce capital and operational expenditures in industrial networks. Nevertheless, SDN expands the attack surface of the communication infrastructure, thus necessitating the introduction of additional security mechanisms. These major changes could not leave the industrial environment unaffected, with smart industrial deployments gradually becoming a reality; a trend that is often referred to as the 4th industrial revolution or Industry 4.0. A wind park is a good example of an industrial application relying on a network with strict performance, security, and reliability requirements, and was chosen as a representative example of industrial systems. This work highlights the benefit of leveraging the flexibility of SDN/NFV-enabled networks to deploy enhanced, reactive security mechanisms for the protection of the industrial network, via the use of Service Function Chaining. Moreover, the implementation of a proof-of-concept reactive security framework for an industrial-grade wind park network is presented, along with a performance evaluation of the proposed approach. The framework is equipped with SDN and Supervisory Control and Data Acquisition (SCADA) honeypots, modelled on and deployable to the wind park, allowing continuous monitoring of the industrial network and detailed analysis of potential attacks, thus isolating attackers and enabling the assessment of their level of sophistication. Moreover, the applicability of the proposed solutions is assessed in the context of the specific industrial application, based on the analysis of the network characteristics and requirements of an actual, operating wind park.

Publication Type:	Article
Additional Information:	This is the peer reviewed version of the following article: Petroulakis, N. E., Fysarakis, K., Askoxylakis, I. G. & Spanoudakis, G. (2017). Reactive Security for SDN/NFV-enabled Industrial Networks leveraging Service Function Chaining. Transactions on Emerging Telecommunications Technologies, which has been published in final form at http://dx.doi.org/10.1002/ett.3269. This article may be used for non-commercial purposes in accordance with Wiley Terms and Conditions for Self-Archiving.
Departments:	School of Science & Technology > Engineering
SWORD Depositor:	Symplectic Administrator

Preview

Text - Accepted Version
Download (2MB) | Preview

Official URL: http://onlinelibrary.wiley.com/journal/10.1002/(IS...

Export

Downloads

Downloads per month over past year

View more statistics

Metadata

Altmetric

CORE (COnnecting REpositories)

Actions (login required)

Admin Login

Creators:	Petroulakis, N. E. Fysarakis, K. Askoxylakis, I. G. Spanoudakis, G.
Status:	Published
Refereed:	Yes
Journal or Publication Title:	Transactions on Emerging Telecommunications Technologies
Publisher:	Wiley
ISSN:	2161-3915
e-ISSN:	2161-3915
URI:	https://openaccess.city.ac.uk/id/eprint/18581
Date available in CRO:	01 Dec 2017 10:52
Date deposited:	1 December 2017
Dates:	Date Event 8 November 2017 Accepted 15 December 2017 Published Online