{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,27]],"date-time":"2026-04-27T14:37:05Z","timestamp":1777300625958,"version":"3.51.4"},"publisher-location":"Cham","reference-count":45,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319663319","type":"print"},{"value":"9783319663326","type":"electronic"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-3-319-66332-6_14","type":"book-chapter","created":{"date-parts":[[2017,10,11]],"date-time":"2017-10-11T07:58:05Z","timestamp":1507708685000},"page":"311-333","source":"Crossref","is-referenced-by-count":29,"title":["BEADS: Automated Attack Discovery in OpenFlow-Based SDN Systems"],"prefix":"10.1007","author":[{"given":"Samuel","family":"Jero","sequence":"first","affiliation":[]},{"given":"Xiangyu","family":"Bu","sequence":"additional","affiliation":[]},{"given":"Cristina","family":"Nita-Rotaru","sequence":"additional","affiliation":[]},{"given":"Hamed","family":"Okhravi","sequence":"additional","affiliation":[]},{"given":"Richard","family":"Skowyra","sequence":"additional","affiliation":[]},{"given":"Sonia","family":"Fahmy","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,10,12]]},"reference":[{"key":"14_CR1","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E., Al-Haj, S.: FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures. In: Proceedings of ACM SafeConfig, pp. 37\u201344 (2010)","DOI":"10.1145\/1866898.1866905"},{"key":"14_CR2","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E., Marrero, W., El-Atawy, A., Elbadawi, K.: Network configuration in a box: towards end-to-end verification of network reachability and security. In: Proceedings of ICNP, pp. 123\u2013132 (2009)","DOI":"10.1109\/ICNP.2009.5339690"},{"key":"14_CR3","doi-asserted-by":"crossref","unstructured":"Ambrosin, M., Conti, M., De Gaspari, F., Poovendran, R.: LineSwitch: efficiently managing switch flow in software-defined networking while effectively tackling DoS attacks. In: Proceedings of ASIA CCS, pp. 639\u2013644 (2015)","DOI":"10.1145\/2714576.2714612"},{"key":"14_CR4","doi-asserted-by":"crossref","unstructured":"Benton, K., Camp, L.J., Small, C.: OpenFlow vulnerability assessment. In: Proceedings of HotSDN, pp. 151\u2013152 (2013)","DOI":"10.1145\/2491185.2491222"},{"key":"14_CR5","doi-asserted-by":"crossref","unstructured":"Berde, P., Gerola, M., Hart, J., Higuchi, Y., Kobayashi, M., Koide, T., Lantz, B., O\u2019Connor, B., Radoslavov, P., Snow, W., et al.: ONOS: towards an open, distributed SDN OS. In: Proceedings of HotSDN, pp. 1\u20136 (2014)","DOI":"10.1145\/2620728.2620744"},{"key":"14_CR6","unstructured":"Canini, M., Venzano, D., Peresini, P., Kostic, D., Rexford, J.: A NICE way to test OpenFlow applications. In: Proceedings of NSDI (2012)"},{"key":"14_CR7","doi-asserted-by":"crossref","unstructured":"Dhawan, M., Poddar, R., Mahajan, K., Mann, V.: SPHINX: detecting security attacks in software-defined networks. In: Proceedings of NDSS (2015)","DOI":"10.14722\/ndss.2015.23064"},{"key":"14_CR8","unstructured":"Floodlight Project: Github - floodlight\/oftest: Openflow switch test framework (2016). https:\/\/github.com\/floodlight\/oftest"},{"key":"14_CR9","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1145\/2034574.2034812","volume":"46","author":"N Foster","year":"2011","unstructured":"Foster, N., Harrison, R., Freedman, M.J., Monsanto, C., Rexford, J., Story, A., Walker, D.: Frenetic: a network programming language. ACM SIGPLAN Not. 46, 279\u2013291 (2011)","journal-title":"ACM SIGPLAN Not."},{"key":"14_CR10","doi-asserted-by":"crossref","unstructured":"Hong, S., Xu, L., Wang, H., Gu, G.: Poisoning network visibility in software-defined networks: new attacks and countermeasures. In: Proceedings of NDSS, pp. 8\u201311 (2015)","DOI":"10.14722\/ndss.2015.23283"},{"key":"14_CR11","doi-asserted-by":"crossref","unstructured":"Jafarian, J.H., Al-Shaer, E., Duan, Q.: OpenFlow random host mutation: transparent moving target defense using software defined networking. In: Proceedings of HotSDN, pp. 127\u2013132 (2012)","DOI":"10.1145\/2342441.2342467"},{"key":"14_CR12","doi-asserted-by":"crossref","unstructured":"Jero, S., Lee, H., Nita-Rotaru, C.: Leveraging state information for automated attack discovery in transport protocol implementations. In: 45th IEEE\/IFIPDSN, pp. 1\u201312. IEEE Computer Society (2015)","DOI":"10.1109\/DSN.2015.22"},{"key":"14_CR13","doi-asserted-by":"crossref","unstructured":"Kampanakis, P., Perros, H., Beyene, T.: SDN-based solutions for moving target defense network protection. In: Proceedings of WoWMoM (2014)","DOI":"10.1109\/WoWMoM.2014.6918979"},{"key":"14_CR14","doi-asserted-by":"crossref","unstructured":"Kang, M.S., Gligor, V.D., Sekar, V.: SPIFFY: inducing cost-detectability tradeoffs for persistent link-flooding attacks. In: Proceedings of NDSS (2016)","DOI":"10.14722\/ndss.2016.23147"},{"key":"14_CR15","unstructured":"Katta, N.P., Rexford, J., Walker, D.: Logic programming for software-defined networks. In: Workshop on Cross-Model Design and Validation (XLDI), vol. 412 (2012)"},{"key":"14_CR16","unstructured":"Kazemian, P., Chang, M., Zeng, H., Varghese, G., McKeown, N., Whyte, S.: Real time network policy checking using header space analysis. In: Proceedings of NSDI, pp. 99\u2013111 (2013)"},{"key":"14_CR17","unstructured":"Kazemian, P., Varghese, G., McKeown, N.: Header space analysis: static checking for networks. In: Proceedings of NSDI, pp. 113\u2013126 (2012)"},{"key":"14_CR18","doi-asserted-by":"crossref","unstructured":"Khurshid, A., Zhou, W., Caesar, M., Godfrey, P.B.: Veriflow: verifying network-wide invariants in real time. In: Proceedings of NSDI (2013)","DOI":"10.1145\/2342441.2342452"},{"key":"14_CR19","doi-asserted-by":"crossref","unstructured":"Kotani, D., Okabe, Y.: A packet-in message filtering mechanism for protection of control plane in OpenFlow networks. In: Proceedings of ANCS, pp. 29\u201340 (2014)","DOI":"10.1145\/2658260.2658276"},{"key":"14_CR20","doi-asserted-by":"crossref","unstructured":"Kuzniar, M., Canini, M., Kostic, D.: OFTEN testing OpenFlow networks. In: European Workshop on Software Defined Networking (EWSDN), pp. 54\u201360 (2012)","DOI":"10.1109\/EWSDN.2012.21"},{"key":"14_CR21","doi-asserted-by":"crossref","unstructured":"Lantz, B., Heller, B., McKeown, N.: A network in a laptop: rapid prototyping for software-defined networks. In: Proceedings of HotNets (2010)","DOI":"10.1145\/1868447.1868466"},{"issue":"12","key":"14_CR22","doi-asserted-by":"crossref","first-page":"17","DOI":"10.1109\/MC.2011.367","volume":"44","author":"N Leavitt","year":"2011","unstructured":"Leavitt, N.: Internet security under attack: the undermining of digital certificates. Computer 44(12), 17\u201320 (2011)","journal-title":"Computer"},{"key":"14_CR23","unstructured":"Lee, H., Seibert, J., Hoque, E., Killian, C., Nita-Rotaru, C.: Turret: a platform for finding attacks in unmodified implementations of intrusion tolerant systems. In: IEEE ICDCS (2014)"},{"key":"14_CR24","doi-asserted-by":"crossref","unstructured":"Lee, S., Yoon, C., Lee, C., Shin, S., Yegneswaran, V., Porras, P.: DELTA: a security assessment framework for software-defined networks. In: Network and Distributed System Security Symposium. Internet Society (2017)","DOI":"10.14722\/ndss.2017.23457"},{"key":"14_CR25","doi-asserted-by":"crossref","unstructured":"Lim, S., Ha, J.I., Kim, H., Kim, Y., Yang, S.: A SDN-oriented DDoS blocking scheme for botnet-based attacks. In: Proceedings of ICUFN, pp. 63\u201368 (2014)","DOI":"10.1109\/ICUFN.2014.6876752"},{"key":"14_CR26","unstructured":"Marlinspike, M.: New tricks for defeating SSL in practice. BlackHat DC, February 2009"},{"key":"14_CR27","unstructured":"McCauley, M.: About POX (2013). http:\/\/www.noxrepo.org\/pox\/about-pox\/"},{"key":"14_CR28","doi-asserted-by":"crossref","unstructured":"Mekky, H., Hao, F., Mukherjee, S., Zhang, Z.L., Lakshman, T.: Application-aware data plane processing in SDN. In: Proceedings of HotSDN, pp. 13\u201318 (2014)","DOI":"10.1145\/2620728.2620735"},{"key":"14_CR29","unstructured":"Natarajan, S.: Github - snrism\/florence-dev: Sdn security test framework (2016). https:\/\/github.com\/snrism\/florence-dev"},{"key":"14_CR30","unstructured":"Nelson, T., Ferguson, A.D., Scheer, M.J., Krishnamurthi, S.: Tierless programming and reasoning for software-defined networks. In: Proceedings of NSDI, pp. 519\u2013531 (2014)"},{"key":"14_CR31","unstructured":"Open Networking Foundation: OpenFlow switch specification (1.0) (2009)"},{"key":"14_CR32","unstructured":"Open Networking Foundation: Conformance test specification for OpenFlow switch specification 1.0.1 (2013). https:\/\/www.opennetworking.org\/images\/stories\/downloads\/sdn-resources\/onf-specifications\/openflow-test\/conformance-test-spec-openflow-1.0.1.pdf"},{"key":"14_CR33","unstructured":"Open Networking Foundation: OpenFlow switch specification (1.5.0) (2014)"},{"key":"14_CR34","unstructured":"Open Networking Foundation: Conformance test specification for OpenFlow switch specification 1.3.4 - basic single table conformance test profile (2015). https:\/\/www.opennetworking.org\/images\/stories\/downloads\/working-groups\/OpenFlow1.3.4TestSpecification-Basic.pdf"},{"key":"14_CR35","unstructured":"Pickett, G.: Abusing software defined networks. In: Defcon (2014)"},{"key":"14_CR36","unstructured":"Pickett, G.: Staying persistent in software defined networks. In: BlackHat (2015)"},{"key":"14_CR37","doi-asserted-by":"crossref","unstructured":"Plummer, D.: Ethernet address resolution protocol: Or converting network protocol addresses to 48.bit ethernet address for transmission on ethernet hardware. RFC 826 (1982)","DOI":"10.17487\/rfc0826"},{"key":"14_CR38","doi-asserted-by":"crossref","unstructured":"Porras, P., Cheung, S., Fong, M., Skinner, K., Yegneswaran, V.: Securing the software-defined network control layer. In: Proceedings of NDSS (2015)","DOI":"10.14722\/ndss.2015.23222"},{"key":"14_CR39","unstructured":"Project Floodlight: Floodlight OpenFlow Controller (2016)"},{"key":"14_CR40","doi-asserted-by":"crossref","unstructured":"Reitblatt, M., Foster, N., Rexford, J., Schlesinger, C., Walker, D.: Abstractions for network update. In: Proceedings of ACM SIGCOMM, pp. 323\u2013334 (2012)","DOI":"10.1145\/2342356.2342427"},{"key":"14_CR41","doi-asserted-by":"crossref","unstructured":"Scott, C., Wundsam, A., Raghavan, B., Panda, A., Or, A., Lai, J., Huang, E., Liu, Z., El-Hassany, A., Whitlock, S., Acharya, H., Zarifis, K., Shenker, S.: Troubleshooting blackbox SDN control software with minimal causal sequences. In: Proceedings of SIGCOMM, pp. 395\u2013406. ACM (2014)","DOI":"10.1145\/2619239.2626304"},{"key":"14_CR42","doi-asserted-by":"crossref","unstructured":"Shin, S., Gu, G.: Attacking software-defined networks: a first feasibility study. In: Proceedings of HotSDN, pp. 165\u2013166 (2013)","DOI":"10.1145\/2491185.2491220"},{"key":"14_CR43","unstructured":"Shin, S., Porras, P., Yegneswaran, V., Gu, G.: A framework for integrating security services into software-defined networks. In: Proceedings of Open Networking Summit (2013)"},{"key":"14_CR44","doi-asserted-by":"crossref","unstructured":"Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of CCS, pp. 413\u2013424 (2013)","DOI":"10.1145\/2508859.2516684"},{"key":"14_CR45","unstructured":"The Ryu Project: Ryu SDN framework using OpenFlow 1.3. Website (2014). https:\/\/osrg.github.io\/ryu\/"}],"container-title":["Lecture Notes in Computer Science","Research in Attacks, Intrusions, and Defenses"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-66332-6_14","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,4]],"date-time":"2019-10-04T09:18:48Z","timestamp":1570180728000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-66332-6_14"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9783319663319","9783319663326"],"references-count":45,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-66332-6_14","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017]]}}}