-
Publication No.: US20230044281A1
Publication date: 2023-02-09
Application No.: US17558980
Application date: 2021-12-22
Inventor: Seungwon Shin, Jinwoo Kim, Minjae Seo
Abstract: A protocol state fuzzing method for security of a control plane of a distributed software-defined network is provided. The protocol state fuzzing method includes receiving input alphabets being abstract symbols of a protocol message in an ambusher of a distributed network operating system (NOS), converting the input alphabets into the protocol message, and sending the protocol message to a cluster, monitoring, by the cluster, intercommunication between instances in the distributed NOS, and selecting a set of sequences executable in the cluster and searching a cluster log for an output by executing the sequence to generate an attack result.
-
Publication No.: US11005887B2
Publication date: 2021-05-11
Application No.: US16159297
Application date: 2018-10-12
Inventor: Seungwon Shin, Jinwoo Kim
IPC: G06F21/56, G06F21/14, H04L29/06, H04L12/715, G06F21/62
Abstract: The present invention which relates to HoneyNet method, system, and computer program for mitigating link flooding attacks by exposing Honey Topology in SDN (Software Defined Networking) includes a Honey Node detecting unit configured to detect Honey Node Set of static metric and dynamic metric calculating from a SDN controller and OF (OpenFlow), a Honey Topology generating unit configured to arrange Honey Topology by applying probability model for the Honey Node Set, and an access determining unit configured to detect packet-in triggered to a Honey Node, and control transmission of packet to the Honey Topology from the Honey Node.
-
Publication No.: US12126632B2
Publication date: 2024-10-22
Application No.: US17558980
Application date: 2021-12-22
Inventor: Seungwon Shin, Jinwoo Kim, Minjae Seo
IPC: H04L9/40, G06F9/448, G06F18/214, H04L41/02
CPC classification number: H04L63/1416, G06F9/4498, G06F18/214, H04L41/024, H04L63/1425, H04L63/1433
Abstract: A protocol state fuzzing method for security of a control plane of a distributed software-defined network is provided. The protocol state fuzzing method includes receiving input alphabets being abstract symbols of a protocol message in an ambusher of a distributed network operating system (NOS), converting the input alphabets into the protocol message, and sending the protocol message to a cluster, monitoring, by the cluster, intercommunication between instances in the distributed NOS, and selecting a set of sequences executable in the cluster and searching a cluster log for an output by executing the sequence to generate an attack result.
-
Publication No.: US11032159B2
Publication date: 2021-06-08
Application No.: US16727486
Application date: 2019-12-26
Inventor: Seungwon Shin, Jaehyun Nam, JunSik Seo
Abstract: The inventive concept described herein relates to a performance analysis apparatus of VNF in a NFV platform and a method thereof that may analyze the performance of VNFs in an NFV platform and a factor that causes the performance to be degraded. A performance analysis apparatus of VNF that analyzes performance of the VNF within a NFV platform includes an NFV environment constituting unit generating a service chain composed of VNFs, using a VNF policy configuration of the VNF and configured to deploy the VNFs corresponding to the service chain in the NFV platform, a performance monitoring unit monitoring internal forms of the VNFs by measuring a performance feature of each component within the NFV platform and a performance feature for the service chain, and an analysis unit specifying a performance degradation VNF that degrades performance in the service chain to derive a cause.
-
Publication No.: US10609055B2
Publication date: 2020-03-31
Application No.: US15498967
Application date: 2017-04-27
Inventor: Seungwon Shin, Seunghyeon Lee, Jinwoo Kim
Abstract: A method, an apparatus, and a computer program for detecting network anomaly in a distributed software defined networking (SDN) environment. The method includes collecting a control message from a distributed SDN controller and generating network characteristic information using the control message. The network characteristic information includes statistic information or event information included in the control message, new calculation information calculated using the statistic information or the event information, and network stateful information. The method, the apparatus, and the computer program for detecting network anomaly have high utilization, scalability, availability, and distribution properties to a user by supporting a variety of functions for detecting network anomaly in the SDN environment and providing a high-level API to the user.
-
Publication No.: US10333792B2
Publication date: 2019-06-25
Application No.: US15367251
Application date: 2016-12-02
Inventor: Seungwon Shin, Jaehyun Nam, Hyeonseong Jo, Yeonkeun Kim
IPC: G06F15/173, H04L12/24, G06F16/955, H04L12/26
Abstract: Disclosed are a modular controller and an operating method thereof. An operating method of a modular controller having a plurality of modules in a software-defined network environment includes generating a first event including a message that is received from a network device, transmitting the first event to an event handler, transmitting the first event to the plurality of modules from the event handler, determining whether the first event is identical to a target event in event type through the plurality of modules that receive the first event, and performing a function of a first module, which corresponds to the identity between the first event and the target event, by using the first event. A network manager is able to easily form a controller with various functions such as performance enhancement and security enhancement at need, facilitating combination and separation of different modules in a controller.
-
Publication No.: US10200445B2
Publication date: 2019-02-05
Application No.: US15496346
Application date: 2017-04-25
Inventor: Seungwon Shin, Heedo Kang, Seungsoo Lee, Changhoon Yoon
Abstract: A method, an apparatus, and a computer program for analyzing performance of a network application program are provided. The method for analyzing performance of a network application program which operates at a controller in a software defined networking (SDN) environment may include receiving identification information of the application program, flow information, and network configuration information of a network controlled by the controller, emulating a virtual network using the network configuration information, executing the virtual network using the flow information, measuring a time, when a virtual controller processes a flow, on a function basis, extracting information corresponding to the identification information of the application program from the measured result, and analyzing a performance degradation factor of the application program using the extracted information. According to an embodiment, a network manager automatically searches for a critical path and a hotspot using a conventional profiling scheme.
-
Publication No.: US20180241670A1
Publication date: 2018-08-23
Application No.: US15886076
Application date: 2018-02-01
Inventor: Seungwon Shin, Taejune Park, Yeonkeun Kim
IPC: H04L12/741, H04L29/06, G06F17/30
CPC classification number: H04L45/74, G06F16/353, H04L45/38, H04L69/22
Abstract: A software switch for providing a network function and an operation method thereof are provided. The software switch includes an extraction unit configured to, when a packet is received, extract packet header information from the received packet, a search unit configured to search for an identical flow rule among pre-determined flow rules based on the extracted packet header information, a performance unit configured to, when the identical flow rule is found, execute actions in which a network function for the found flow rule is previously defined, and a transmission unit configured to transmit a packet in which the actions are executed to a destination.
-
Publication No.: US20210211408A1
Publication date: 2021-07-08
Application No.: US17125551
Application date: 2020-12-17
Inventor: Phillip A. Porras, Vinod Yegneswaran, Jaehyun Nam, Seungwon Shin
Abstract: A method, apparatus and system for providing security for a container network having a plurality of containers includes establishing a network stack for each of the plurality of containers of the container network, determining network and policy information from active containers, based on a set of pre-determined inter-container dependencies for the plurality of containers learned from the determined network and policy information, configuring container access in the container network to be limited to only containers of the plurality of containers that are relevant to a respective communication, and configuring inter-container traffic in the container network to be directed only from a source container into a destination container in a point-to-point manner such that exposure of the inter-container traffic to peer containers is prevented.
-
Publication No.: US20190132360A1
Publication date: 2019-05-02
Application No.: US16159297
Application date: 2018-10-12
Inventor: Seungwon Shin, Jinwoo Kim
IPC: H04L29/06
Abstract: The present invention which relates to HoneyNet method, system, and computer program for mitigating link flooding attacks by exposing Honey Topology in SDN (Software Defined Networking) includes a Honey Node detecting unit configured to detect Honey Node Set of static metric and dynamic metric calculating from a SDN controller and OF (OpenFlow), a Honey Topology generating unit configured to arrange Honey Topology by applying probability model for the Honey Node Set, and an access determining unit configured to detect packet-in triggered to a Honey Node, and control transmission of packet to the Honey Topology from the Honey Node.