{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T03:43:30Z","timestamp":1768016610306,"version":"3.49.0"},"publisher-location":"Cham","reference-count":53,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030372279","type":"print"},{"value":"9783030372286","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37228-6_21","type":"book-chapter","created":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T05:00:05Z","timestamp":1576472405000},"page":"429-449","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":3,"title":["Covert Channels in SDN: Leaking Out Information from Controllers to End Hosts"],"prefix":"10.1007","author":[{"given":"Jiahao","family":"Cao","sequence":"first","affiliation":[]},{"given":"Kun","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Qi","family":"Li","sequence":"additional","affiliation":[]},{"given":"Mingwei","family":"Xu","sequence":"additional","affiliation":[]},{"given":"Zijie","family":"Yang","sequence":"additional","affiliation":[]},{"given":"Kyung Joon","family":"Kwak","sequence":"additional","affiliation":[]},{"given":"Jason","family":"Li","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,12,13]]},"reference":[{"key":"21_CR1","unstructured":"Access Control in ONOS Controller. \nhttps:\/\/wiki.onosproject.org\/display\/ONOS\/Access+Control+Based+on+DHCP"},{"key":"21_CR2","unstructured":"Firewall Application in Floodlight Controller. \nhttps:\/\/floodlight.atlassian.net\/wiki\/spaces\/floodlightcontroller\/pages\/1343616\/Firewall"},{"key":"21_CR3","unstructured":"Floodlight DHCP Proxy Service. \nhttps:\/\/github.com\/floodlight\/floodlight\/tree\/master\/src\/main\/java\/net\/floodlightcontroller\/dhcpserver"},{"key":"21_CR4","unstructured":"Floodlight ProxyARP. \nhttps:\/\/github.com\/mbredel\/floodlight-proxyarp"},{"key":"21_CR5","unstructured":"Manchester Code. \nhttps:\/\/en.wikipedia.org\/wiki\/Manchester_code"},{"key":"21_CR6","unstructured":"Microsoft Azure and Software Defined Networking. \nhttps:\/\/docs.microsoft.com\/en-us\/windows-server\/networking\/sdn\/azure_and_sdn\/"},{"key":"21_CR7","unstructured":"ONOS Neighbour Resolution Service for ARP and NDP Proxy. \nhttps:\/\/wiki.onosproject.org\/display\/ONOS\/Neighbour+Resolution+Service"},{"key":"21_CR8","unstructured":"ONOS ProxyARP. \nhttps:\/\/github.com\/opennetworkinglab\/onos\/blob\/master\/apps\/proxyarp\/src\/main\/java\/org\/onosproject\/proxyarp\/DefaultProxyArp.java"},{"key":"21_CR9","unstructured":"OpenDayLight ARP Proxy Service. \nhttps:\/\/github.com\/opendaylight\/honeycomb-vbd\/blob\/master\/api\/src\/main\/yang\/proxy-arp"},{"key":"21_CR10","unstructured":"OpenDayLight Neutron DHCP Proxy Service. \nhttps:\/\/docs.opendaylight.org\/en\/stable-nitrogen\/submodules\/netvirt\/docs\/specs\/neutron-port-for-dhcp-service.html"},{"key":"21_CR11","unstructured":"OpenFlow Specification v1.5.1. \nhttps:\/\/www.opennetworking.org\/wp-content\/uploads\/2014\/10\/openflow-switch-v1.5.1.pdf"},{"key":"21_CR12","unstructured":"OpenvSwitch: Products and Vulnerabilities. \nhttps:\/\/www.cvedetails.com\/vendor\/12098\/Openvswitch.html"},{"key":"21_CR13","unstructured":"Routing Application on Floodlight. \nhttps:\/\/github.com\/floodlight\/floodlight\/tree\/master\/src\/main\/java\/net\/floodlightcontroller\/routing\/"},{"issue":"8","key":"21_CR14","doi-asserted-by":"publisher","first-page":"106","DOI":"10.1109\/MCOM.2018.1701016","volume":"56","author":"AA Abdelltif","year":"2018","unstructured":"Abdelltif, A.A., et al.: SDN-based load balancing service for cloud servers. IEEE Commun. Mag. 56(8), 106\u2013111 (2018)","journal-title":"IEEE Commun. Mag."},{"key":"21_CR15","doi-asserted-by":"crossref","unstructured":"Achleitner, S., et al.: Adversarial network forensics in software defined networking. In: ACM SOSR, pp. 8\u201320 (2017)","DOI":"10.1145\/3050220.3050223"},{"issue":"2","key":"21_CR16","doi-asserted-by":"publisher","first-page":"302","DOI":"10.3390\/fi6020302","volume":"6","author":"W Braun","year":"2014","unstructured":"Braun, W., Menth, M.: Software-defined networking using openflow: protocols, applications and architectural design choices. Futur. Internet 6(2), 302\u2013336 (2014)","journal-title":"Futur. Internet"},{"key":"21_CR17","unstructured":"CAIDA Passive Monitor: Chicago B: \nhttp:\/\/www.caida.org\/data\/passive\/trace_stats\/chicago-B\/2015\/?monitor=20150219-130000.UTC"},{"key":"21_CR18","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"356","DOI":"10.1007\/978-3-319-78813-5_18","volume-title":"Security and Privacy in Communication Networks","author":"J Cao","year":"2018","unstructured":"Cao, J., Xu, M., Li, Q., Sun, K., Yang, Y., Zheng, J.: Disrupting SDN via the data plane: a\u00a0low-rate flow table overflow attack. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICST, vol. 238, pp. 356\u2013376. Springer, Cham (2018). \nhttps:\/\/doi.org\/10.1007\/978-3-319-78813-5_18"},{"key":"21_CR19","doi-asserted-by":"crossref","unstructured":"Chiang, S.-H., et al.: Online multicast traffic engineering for software-defined networks. In: IEEE INFOCOM, pp. 414\u2013422 (2018)","DOI":"10.1109\/INFOCOM.2018.8486290"},{"issue":"10","key":"21_CR20","first-page":"2160","volume":"11","author":"H Cui","year":"2016","unstructured":"Cui, H., et al.: On the fingerprinting of software-defined networks. IEEE TIFS 11(10), 2160\u20132173 (2016)","journal-title":"IEEE TIFS"},{"key":"21_CR21","doi-asserted-by":"crossref","unstructured":"Dhawan, M., et al.: Sphinx: detecting security attacks in software-defined networks. In: NDSS, vol. 15, pp. 8\u201311 (2015)","DOI":"10.14722\/ndss.2015.23064"},{"key":"21_CR22","unstructured":"Gras, B., et al.: Translation leak-aside buffer: defeating cache side-channel protections with TLB attacks. In: USENIX Security, pp. 955\u2013972 (2018)"},{"key":"21_CR23","unstructured":"Hizver, J.: Taxonomic modeling of security threats in software defined networking. In: BlackHat Conference, pp. 1\u201316 (2015)"},{"issue":"2","key":"21_CR24","first-page":"147","volume":"2","author":"A Hocquenghem","year":"1959","unstructured":"Hocquenghem, A.: Codes correcteurs d\u2019erreurs. Chiffres 2(2), 147\u2013156 (1959)","journal-title":"Chiffres"},{"key":"21_CR25","doi-asserted-by":"crossref","unstructured":"Jafarian, J.H., et al.: OpenFlow random host mutation: transparent moving target defense using software defined networking. In: ACM HotSDN, pp. 127\u2013132 (2012)","DOI":"10.1145\/2342441.2342467"},{"key":"21_CR26","unstructured":"Kang, M.S., et al.: The crossfire attack. In: IEEE Symposium on Security and Privacy, pp. 127\u2013141 (2013)"},{"key":"21_CR27","doi-asserted-by":"crossref","unstructured":"Katta, N., et al.: Infinite cacheflow in software-defined networks. In: ACM HotSDN, pp. 175\u2013180 (2014)","DOI":"10.1145\/2620728.2620734"},{"key":"21_CR28","doi-asserted-by":"crossref","unstructured":"Kl\u00f6ti, R., et al.: OpenFlow: a security analysis. In: IEEE ICNP, pp. 1\u20136 (2013)","DOI":"10.1109\/ICNP.2013.6733671"},{"issue":"1","key":"21_CR29","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1109\/JPROC.2014.2371999","volume":"103","author":"D Kreutz","year":"2015","unstructured":"Kreutz, D., et al.: Software-defined networking: a comprehensive survey. Proc. IEEE 103(1), 14\u201376 (2015)","journal-title":"Proc. IEEE"},{"key":"21_CR30","doi-asserted-by":"crossref","unstructured":"Kr\u00f6sche, R., et al.: I DPID it my way! A covert timing channel in software-defined networks. In: IFIP Networking (2018)","DOI":"10.23919\/IFIPNetworking.2018.8696597"},{"key":"21_CR31","unstructured":"Lam, P., et al.: The soot framework for java program analysis: a retrospective. In: CETUS 2011, vol. 15, p. 35 (2011)"},{"key":"21_CR32","doi-asserted-by":"crossref","unstructured":"Lee, S., et al.: The smaller, the shrewder: a simple malicious application can kill an entire SDN environment. In: ACM SDN-NFV Security, pp. 23\u201328 (2016)","DOI":"10.1145\/2876019.2876024"},{"key":"21_CR33","doi-asserted-by":"crossref","unstructured":"Li, H., et al.: vNIDS: towards elastic security with safe and efficient virtualization of network intrusion detection systems. In: ACM CCS, pp. 17\u201334 (2018)","DOI":"10.1145\/3243734.3243862"},{"issue":"3","key":"21_CR34","doi-asserted-by":"publisher","first-page":"2949","DOI":"10.1109\/JSYST.2017.2720758","volume":"12","author":"Y-D Lin","year":"2018","unstructured":"Lin, Y.-D., et al.: OFBench: performance test suite on OpenFlow switches. IEEE Syst. J. 12(3), 2949\u20132959 (2018)","journal-title":"IEEE Syst. J."},{"key":"21_CR35","unstructured":"Lipp, M., et al.: Meltdown: reading kernel memory from user space. In: USENIX Security, pp. 973\u2013990 (2018)"},{"key":"21_CR36","doi-asserted-by":"crossref","unstructured":"Liu, S., et al.: Flow reconnaissance via timing attacks on SDN switches. In: IEEE ICDCS, pp. 196\u2013206 (2017)","DOI":"10.1109\/ICDCS.2017.281"},{"key":"21_CR37","doi-asserted-by":"crossref","unstructured":"Maurice, C., et al.: Hello from the other side: SSH over robust cache covert channels in the cloud. In: NDSS (2017)","DOI":"10.14722\/ndss.2017.23294"},{"key":"21_CR38","doi-asserted-by":"crossref","unstructured":"Moon, S.-J., et al.: Nomad: mitigating arbitrary cloud side channels via provider-assisted migration. In: ACM CCS, pp. 1595\u20131606 (2015)","DOI":"10.1145\/2810103.2813706"},{"key":"21_CR39","doi-asserted-by":"crossref","unstructured":"Narten, T.: Neighbor Discovery for IP version 6. RFC 2461 (1998)","DOI":"10.17487\/rfc2461"},{"key":"21_CR40","doi-asserted-by":"crossref","unstructured":"Ou, X., et al.: A scalable approach to attack graph generation. In: ACM CCS, pp. 336\u2013345 (2006)","DOI":"10.1145\/1180405.1180446"},{"key":"21_CR41","doi-asserted-by":"crossref","unstructured":"Porras, P.A., et al.: Securing the software defined network control layer. In: NDSS (2015)","DOI":"10.14722\/ndss.2015.23222"},{"key":"21_CR42","doi-asserted-by":"crossref","unstructured":"Rossow, C.: Amplification hell: revisiting network protocols for DDOS abuse. In: NDSS (2014)","DOI":"10.14722\/ndss.2014.23233"},{"key":"21_CR43","doi-asserted-by":"crossref","unstructured":"Shin, S., Gu, G.: Attacking software-defined networks: a first feasibility study. In: ACM HotSDN, pp. 165\u2013166 (2013)","DOI":"10.1145\/2491185.2491220"},{"key":"21_CR44","doi-asserted-by":"crossref","unstructured":"Shin, S., et al.: Rosemary: a robust, secure, and high-performance network operating system. In: ACM CCS, pp. 78\u201389 (2014)","DOI":"10.1145\/2660267.2660353"},{"key":"21_CR45","doi-asserted-by":"crossref","unstructured":"Sonchack, J., et al.: Timing-based reconnaissance and defense in software-defined networks. In: IEEE ACSAC, pp. 89\u2013100 (2016)","DOI":"10.1145\/2991079.2991081"},{"key":"21_CR46","doi-asserted-by":"crossref","unstructured":"Thimmaraju, K., et al.: Outsmarting network security with SDN teleportation. In: IEEE EuroS&P, pp. 563\u2013578 (2017)","DOI":"10.1109\/EuroSP.2017.21"},{"key":"21_CR47","doi-asserted-by":"crossref","unstructured":"Ujcich, B.E., et al.: Cross-app poisoning in software-defined networking. In: ACM CCS (2018)","DOI":"10.1145\/3243734.3243759"},{"key":"21_CR48","doi-asserted-by":"crossref","unstructured":"Wang, H., et al.: Towards fine-grained network security forensics and diagnosis in the SDN era. In: ACM CCS, pp. 3\u201316 (2018)","DOI":"10.1145\/3243734.3243749"},{"key":"21_CR49","doi-asserted-by":"crossref","unstructured":"Wen, X., et al.: SDNshield: reconciliating configurable application permissions for SDN app markets. In: IEEE\/IFIP DSN, pp. 121\u2013132 (2016)","DOI":"10.1109\/DSN.2016.20"},{"key":"21_CR50","unstructured":"Xu, L., et al.: Attacking the brain: races in the SDN control plane. In: USENIX Security, pp. 451\u2013468 (2017)"},{"key":"21_CR51","unstructured":"Yoon, C., Lee, S.: Attacking SDN infrastructure: are we ready for the next-gen networking? In: BlackHat-USA (2016)"},{"key":"21_CR52","doi-asserted-by":"crossref","unstructured":"Yoon, C., et al.: A security-mode for carrier-grade SDN controllers. In: ACM ACSAC. pp. 461\u2013473 (2017)","DOI":"10.1145\/3134600.3134603"},{"issue":"7","key":"21_CR53","first-page":"1838","volume":"13","author":"J Zheng","year":"2018","unstructured":"Zheng, J., et al.: Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis. IEEE TIFS 13(7), 1838\u20131853 (2018)","journal-title":"IEEE TIFS"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37228-6_21","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T05:02:40Z","timestamp":1576472560000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37228-6_21"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372279","9783030372286"],"references-count":53,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37228-6_21","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}