Title | A Method for Acquiring Network Information from Linux Memory Image in Software-Defined Networking |
---|---|
Parallel title | A Method for Acquiring Network Information from Linux Memory Image in Software-Defined Networking |
Authors | Shumian Yang, Lianhai Wang, Shuhui Zhang, Dawei Zhao, Lijuan Xu |
English abstract | Software defined network (SDN) is a novel network architecture which separates the control plane from the data plane of a network. Owing to its openness, programmability and centralized control, SDN accelerates the development of network technology. However, it also brings new security problems, such as SDN control security, external distributed denial of service (DDoS) attacks and the northbound-southbound interface security. Aiming at the various security attack problems in SDN, the physical memory forensic analysis method is applied to this new framework of SDN, which can extract and analyze the digital evidence including running status of the computer, the behaviour characteristics of the user, network information, opened files and registers. The method in this paper mainly obtains the network information from the physical memory image file in real time, including the address resolution protocol (ARP), network configuration information, and the network connection information. It does not depend on the kernel symbol table and system version. We have extracted the network information under a wide range of operating system versions. Finally, the method is verified on the Ubuntu Kylin 14.04 system, by obtaining various network information, and the experiment results show that the method has high accuracy and effectiveness when compared with the Volatility tool. |
Pages | 899-908 |
Keywords | Software-defined networking (SDN), Linux memory analysis, Software defined architecture security, Memory forensics |
Journal | 網際網路技術學刊 |
Issue | 202005 (21:3) |
Publisher | 台灣學術網路管理委員會 |