1.
Javier R Franco, Ahmet Aris, Leonardo Babun, Selcuk Uluagac
S-Pot: A Smart Honeypot Framework with Dynamic Rule Configuration for SDN Conference Paper
In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM), Rio de Janeiro, Brazil, 2022.
Abstract | Links | BibTeX | Tags: Honeypot/Honeynet, SDN Security
@conference{franco2022s-pot,
title = {S-Pot: A Smart Honeypot Framework with Dynamic Rule Configuration for SDN},
author = {Javier R Franco and Ahmet Aris and Leonardo Babun and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/10000682/},
year = {2022},
date = {2022-12-01},
urldate = {2022-12-01},
booktitle = {In the Proceedings of the 37th IEEE Global Communications Conference (GLOBECOM)},
address = {Rio de Janeiro, Brazil},
abstract = {Enterprise networks are becoming increasingly heterogeneous where enterprise devices and IoT devices coexist, requiring tools for effective management and security. Software Defined Networking (SDN) has emerged in response to such needs of modern networks. SDN lacks adequate security features and Intrusion Detection and Protection Systems (IDPS) have been used to protect SDN from attacks. However, they have limited knowledge of zero day attacks. Machine Learning (ML) has become a valuable tool against these limitations and improve (SDN) network security. However, the solutions that solely rely on ML can struggle to discriminate benign traffic from malicious, and suffer from false negatives. To solve these problems and improve security of SDN-based enterprise networks, we propose S-Pot, an open-source smart honeypot framework. S-Pot uses enterprise and IoT honeypots to attract attackers},
keywords = {Honeypot/Honeynet, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Enterprise networks are becoming increasingly heterogeneous where enterprise devices and IoT devices coexist, requiring tools for effective management and security. Software Defined Networking (SDN) has emerged in response to such needs of modern networks. SDN lacks adequate security features and Intrusion Detection and Protection Systems (IDPS) have been used to protect SDN from attacks. However, they have limited knowledge of zero day attacks. Machine Learning (ML) has become a valuable tool against these limitations and improve (SDN) network security. However, the solutions that solely rely on ML can struggle to discriminate benign traffic from malicious, and suffer from false negatives. To solve these problems and improve security of SDN-based enterprise networks, we propose S-Pot, an open-source smart honeypot framework. S-Pot uses enterprise and IoT honeypots to attract attackers
2.
Abdullah Aydeger, Nico Saputro, Kemal Akkaya, Selcuk Uluagac
SDN-enabled recovery for Smart Grid teleprotection applications in post-disaster scenarios Journal Article
Journal of Network and Computer Applications, 2019.
Abstract | BibTeX | Tags: SDN Security
@article{aydeger2019sdn,
title = {SDN-enabled recovery for Smart Grid teleprotection applications in post-disaster scenarios},
author = {Abdullah Aydeger and Nico Saputro and Kemal Akkaya and Selcuk Uluagac},
year = {2019},
date = {2019-01-01},
urldate = {2019-01-01},
journal = {Journal of Network and Computer Applications},
publisher = {Elsevier},
abstract = {Maintaining Smart Grid communications is crucial for providing power services. This requires a resilient communication architecture that can instantly self-repair any failures in the communication links or routes. Emerging Software Defined Networking (SDN) technology provides excellent flexibilities that can be applied to critical power grid applications. In this paper, we consider the problem of link failures in inter-substation communications and provide self-recovery by relying on wireless links that can be the only viable means for communication after disasters. Specifically, we propose an autonomous framework, which can not only detect link failures, but also establish either a WiFi or LTE-based link among substations through SDN capabilities. To be able to effectively evaluate the performance of this proposed SDN-enabled framework, we developed it in Mininet emulator. },
keywords = {SDN Security},
pubstate = {published},
tppubtype = {article}
}
Maintaining Smart Grid communications is crucial for providing power services. This requires a resilient communication architecture that can instantly self-repair any failures in the communication links or routes. Emerging Software Defined Networking (SDN) technology provides excellent flexibilities that can be applied to critical power grid applications. In this paper, we consider the problem of link failures in inter-substation communications and provide self-recovery by relying on wireless links that can be the only viable means for communication after disasters. Specifically, we propose an autonomous framework, which can not only detect link failures, but also establish either a WiFi or LTE-based link among substations through SDN capabilities. To be able to effectively evaluate the performance of this proposed SDN-enabled framework, we developed it in Mininet emulator.
3.
Abdullah Aydeger, Nico Saputro, Kemal Akkaya, Selcuk Uluagac
Assessing the overhead of authentication during SDN-enabled restoration of smart grid inter-substation communications Conference Paper
In the Proceedings of the 15th IEEE Annual Consumer Communications & Networking Conference (CCNC), 2018.
Abstract | Links | BibTeX | Tags: Authentication, SDN Security
@conference{Aydeger2018AuthOverheadb,
title = {Assessing the overhead of authentication during SDN-enabled restoration of smart grid inter-substation communications},
author = {Abdullah Aydeger and Nico Saputro and Kemal Akkaya and Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/8319206},
year = {2018},
date = {2018-01-01},
urldate = {2018-01-01},
publisher = {In the Proceedings of the 15th IEEE Annual Consumer Communications & Networking Conference (CCNC)},
abstract = {Since real-time and resilient recovery of link failures is crucial for power grid infrastructure to continue its services, emerging technologies such as Software Defined Networking (SDN) has started to be employed for such purposes. SDN switches can be remotely controlled to change their configurations by exploiting the wireless communication options. However, when wireless is to be used in Smart Grid communications, security and reliability become important issues due to the specific characteristics of wireless communications. This paper investigates the overhead of providing such services on wireless links when SDN is utilized. Specifically, we consider the establishment of authentication services when wireless back-up links (i.e., WiFi or LTE) are employed as a result of a reactive link failure detection mechanism. To the best of our knowledge, this work is the first to consider authentication of such an SDN-enabled Smart Grid inter-substation communication with WiFi and LTE. To be able to effectively evaluate the performance of this proposed SDN-enabled framework, we developed it in Mininet emulator. Since Mininet does not support the authentication services for WiFi or LTE, we proposed several novel extensions to Mininet by integrating it with ns-3 simulator that supports the LTE/WiFi protocol stacks. We conducted extensive experiments by considering a general application using Smart Grid Manufacturing Message Specification (MMS) standard to assess the recovery performance of the proposed secure SDN-enabled recovery system. The results show that when authentication and reliable protocols such as TCP are to be employed, the proposed framework can still meet the deadlines of 100 ms with WiFi while LTE misses only a few packets.},
keywords = {Authentication, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Since real-time and resilient recovery of link failures is crucial for power grid infrastructure to continue its services, emerging technologies such as Software Defined Networking (SDN) has started to be employed for such purposes. SDN switches can be remotely controlled to change their configurations by exploiting the wireless communication options. However, when wireless is to be used in Smart Grid communications, security and reliability become important issues due to the specific characteristics of wireless communications. This paper investigates the overhead of providing such services on wireless links when SDN is utilized. Specifically, we consider the establishment of authentication services when wireless back-up links (i.e., WiFi or LTE) are employed as a result of a reactive link failure detection mechanism. To the best of our knowledge, this work is the first to consider authentication of such an SDN-enabled Smart Grid inter-substation communication with WiFi and LTE. To be able to effectively evaluate the performance of this proposed SDN-enabled framework, we developed it in Mininet emulator. Since Mininet does not support the authentication services for WiFi or LTE, we proposed several novel extensions to Mininet by integrating it with ns-3 simulator that supports the LTE/WiFi protocol stacks. We conducted extensive experiments by considering a general application using Smart Grid Manufacturing Message Specification (MMS) standard to assess the recovery performance of the proposed secure SDN-enabled recovery system. The results show that when authentication and reliable protocols such as TCP are to be employed, the proposed framework can still meet the deadlines of 100 ms with WiFi while LTE misses only a few packets.
4.
Kemal Akkaya, A Selcuk Uluagac, Abdullah Aydeger, Apurva Mohan
Secure Software Defined Networking Architectures for The Smart Grid Journal Article
Smart Grid-Networking, Data Management, and Business Models Book, 2017.
Abstract | Links | BibTeX | Tags: CPS Security, SDN Security, Smart Home Security
@article{AkkayaSecureSmart,
title = {Secure Software Defined Networking Architectures for The Smart Grid},
author = {Kemal Akkaya and A Selcuk Uluagac and Abdullah Aydeger and Apurva Mohan},
url = {https://www.taylorfrancis.com/chapters/edit/10.1201/b19664-3/secure-software-defined-networking-architectures-smart-grid-kemal-akkaya-selcuk-uluagac-abdullah-aydeger-apurva-mohan},
year = {2017},
date = {2017-01-01},
urldate = {2017-01-01},
journal = {Smart Grid-Networking, Data Management, and Business Models Book},
abstract = {This chapter summarizes the use of software-defined networking (SDN) for various applications in the smart grid. It explains how SDN can be utilized in the applications, describes potential security threats that can arise as a result of deploying SDN in these applications, and suggests solutions to alleviate the threats. The chapter explores the ample unique research challenges within an SDN-enabled smart grid infrastructure and provides some background on SDN. It examines how several smart grid applications can exploit SDN by summarizing the existing efforts and discusses the security issues with SDN and potential security threats related to smart grid-enabled SDN. The SDN-enabled networks become more flexible and accessible networks with software interfaces making it very convenient for network management. SDN can provide more fine-grained control on traffic compared to traditional networks. SDN enables innovation on the network and each transmission control protocol/Internet protocol layer might have an independent innovation.},
keywords = {CPS Security, SDN Security, Smart Home Security},
pubstate = {published},
tppubtype = {article}
}
This chapter summarizes the use of software-defined networking (SDN) for various applications in the smart grid. It explains how SDN can be utilized in the applications, describes potential security threats that can arise as a result of deploying SDN in these applications, and suggests solutions to alleviate the threats. The chapter explores the ample unique research challenges within an SDN-enabled smart grid infrastructure and provides some background on SDN. It examines how several smart grid applications can exploit SDN by summarizing the existing efforts and discusses the security issues with SDN and potential security threats related to smart grid-enabled SDN. The SDN-enabled networks become more flexible and accessible networks with software interfaces making it very convenient for network management. SDN can provide more fine-grained control on traffic compared to traditional networks. SDN enables innovation on the network and each transmission control protocol/Internet protocol layer might have an independent innovation.
5.
Abdullah Aydeger, Kemal Akkaya, Mehmet H. Cintuglu, A. Selcuk Uluagac, Osama Mohammed
Software defined networking for resilient communications in Smart Grid active distribution networks Conference Paper
In the Proceedings of the IEEE International Conference on Communications (ICC), 2016.
Abstract | Links | BibTeX | Tags: Network Security, SDN Security
@conference{AydegerSoftwareIEEEICC,
title = {Software defined networking for resilient communications in Smart Grid active distribution networks},
author = {Abdullah Aydeger and Kemal Akkaya and Mehmet H. Cintuglu and A. Selcuk Uluagac and Osama Mohammed},
url = {https://ieeexplore.ieee.org/document/7511049},
year = {2016},
date = {2016-01-01},
urldate = {2016-01-01},
booktitle = {In the Proceedings of the IEEE International Conference on Communications (ICC)},
abstract = {Emerging Software Defined Networking (SDN) technology provides excellent flexibility to large-scale networks in terms of control, management, security, and maintenance. In this paper, we propose an SDN-based communication infrastructure for Smart Grid distribution networks among substations. A Smart Grid communication infrastructure consists of a large number of heterogenous devices that exchange real-time information for monitoring the status of the grid. We then investigate how SDN-enabled Smart Grid infrastructure can provide resilience to active distribution substations with self-recovery. Specifically, by introducing redundant and wireless communication links that can be used during the emergencies, we show that SDN controllers can be effective for restoring the communication while providing a lot of flexibility. Furthermore, to be able to effectively evaluate the performance of the proposed work in terms of various fine-grained network metrics, we developed a Mininet-based testing framework and integrated it with ns-3 network simulator. Finally, we conducted experiments by using actual Smart Grid communication data to assess the recovery performance of the proposed SDN-based system. The results show that SDN is a viable technology for the Smart Grid communications with almost negligible delays in switching to backup wireless links during the times of link failures in reliable fashion.},
keywords = {Network Security, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Emerging Software Defined Networking (SDN) technology provides excellent flexibility to large-scale networks in terms of control, management, security, and maintenance. In this paper, we propose an SDN-based communication infrastructure for Smart Grid distribution networks among substations. A Smart Grid communication infrastructure consists of a large number of heterogenous devices that exchange real-time information for monitoring the status of the grid. We then investigate how SDN-enabled Smart Grid infrastructure can provide resilience to active distribution substations with self-recovery. Specifically, by introducing redundant and wireless communication links that can be used during the emergencies, we show that SDN controllers can be effective for restoring the communication while providing a lot of flexibility. Furthermore, to be able to effectively evaluate the performance of the proposed work in terms of various fine-grained network metrics, we developed a Mininet-based testing framework and integrated it with ns-3 network simulator. Finally, we conducted experiments by using actual Smart Grid communication data to assess the recovery performance of the proposed SDN-based system. The results show that SDN is a viable technology for the Smart Grid communications with almost negligible delays in switching to backup wireless links during the times of link failures in reliable fashion.
6.
Abdullah Aydeger, Kemal Akkaya, A. Selcuk Uluagac
SDN-based resilience for smart grid communications Conference Paper
In the Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN), 2015.
Abstract | Links | BibTeX | Tags: SDN Security
@conference{AydegerSDNIEEE,
title = {SDN-based resilience for smart grid communications},
author = {Abdullah Aydeger and Kemal Akkaya and A. Selcuk Uluagac},
url = {https://ieeexplore.ieee.org/abstract/document/7387401},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
booktitle = {In the Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN)},
abstract = {With the recent advances in SDN-based technologies, there is a great interest from different communities to exploit SDN for their domain needs. One of such domains is Smart Grid where the underlying network is going through a massive upgrade to enable not only faster and reliable communications but also convenient control. To this end, SDN can be a viable option to provide resilience in Smart Grid SCADA and distribution networks. In this demo, we present such an opportunity by utilizing SDN for redundant communications. Specifically, we introduce multiple connection interfaces among distribution substations. In case of any failures of the wired connection, the backup connection that uses a wireless interface will be enabled by using an Open Daylight SDN controller. To be able to show this, we integrate a network simulator, namely, ns-3 with Mininet.},
keywords = {SDN Security},
pubstate = {published},
tppubtype = {conference}
}
With the recent advances in SDN-based technologies, there is a great interest from different communities to exploit SDN for their domain needs. One of such domains is Smart Grid where the underlying network is going through a massive upgrade to enable not only faster and reliable communications but also convenient control. To this end, SDN can be a viable option to provide resilience in Smart Grid SCADA and distribution networks. In this demo, we present such an opportunity by utilizing SDN for redundant communications. Specifically, we introduce multiple connection interfaces among distribution substations. In case of any failures of the wired connection, the backup connection that uses a wireless interface will be enabled by using an Open Daylight SDN controller. To be able to show this, we integrate a network simulator, namely, ns-3 with Mininet.
7.
Kemal Akkaya, A. Selcuk Uluagac, Abdullah Aydeger
Software defined networking for wireless local networks in Smart Grid Conference Paper
In the Proceedings of the 40th IEEE Local Computer Networks Conference Workshops (LCN Workshops), 2015.
Abstract | Links | BibTeX | Tags: Network Security, SDN Security
@conference{AkkayaSofrwareIEEELCN,
title = {Software defined networking for wireless local networks in Smart Grid},
author = {Kemal Akkaya and A. Selcuk Uluagac and Abdullah Aydeger},
url = {https://ieeexplore.ieee.org/document/7365934},
year = {2015},
date = {2015-01-01},
urldate = {2015-01-01},
booktitle = {In the Proceedings of the 40th IEEE Local Computer Networks Conference Workshops (LCN Workshops)},
abstract = {Emerging Software Defined Networking (SDN) technology has provided excellent flexibility to large-scale networks in terms of control, management, security, and maintenance. With SDN, network architectures can be deployed and maintained with ease. New trends in computing (e.g., cloud computing, data centers, and virtualization) can seamlessly be integrated with the SDN architecture. On the other hand, recent years witnessed a tremendous growth in the upgrade and modernization of the critical infrastructure networks, namely the Smart-Grid, in terms of its underlying communication infrastructure. From Supervisory Control and Data Acquisition (SCADA) systems to Advanced Metering Infrastructure (AMI), an increasing number of networking devices are being deployed to connect all the local network components of the Smart Grid together. Such large local networks requires significant effort in terms of network management and security, which is costly in terms of labor and hardware upgrades. SDN would be a perfect candidate technology to alleviate the costs while providing fine-grained control of this critical network infrastructure. Hence, in this paper, we explore the potential utilization of the SDN technology over the Smart Grid communication architecture. Specifically, we introduce three novel SDN deployment scenarios in local networks of Smart Grid. Moreover, we also investigate the pertinent security aspects with each deployment scenario along with possible solutions.},
keywords = {Network Security, SDN Security},
pubstate = {published},
tppubtype = {conference}
}
Emerging Software Defined Networking (SDN) technology has provided excellent flexibility to large-scale networks in terms of control, management, security, and maintenance. With SDN, network architectures can be deployed and maintained with ease. New trends in computing (e.g., cloud computing, data centers, and virtualization) can seamlessly be integrated with the SDN architecture. On the other hand, recent years witnessed a tremendous growth in the upgrade and modernization of the critical infrastructure networks, namely the Smart-Grid, in terms of its underlying communication infrastructure. From Supervisory Control and Data Acquisition (SCADA) systems to Advanced Metering Infrastructure (AMI), an increasing number of networking devices are being deployed to connect all the local network components of the Smart Grid together. Such large local networks requires significant effort in terms of network management and security, which is costly in terms of labor and hardware upgrades. SDN would be a perfect candidate technology to alleviate the costs while providing fine-grained control of this critical network infrastructure. Hence, in this paper, we explore the potential utilization of the SDN technology over the Smart Grid communication architecture. Specifically, we introduce three novel SDN deployment scenarios in local networks of Smart Grid. Moreover, we also investigate the pertinent security aspects with each deployment scenario along with possible solutions.
Citations: 8413
h-index: 44
i10-index: 107
