{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T01:22:02Z","timestamp":1769908922770,"version":"3.49.0"},"reference-count":41,"publisher":"Springer Science and Business Media LLC","issue":"2-3","license":[{"start":{"date-parts":[[2016,3,7]],"date-time":"2016-03-07T00:00:00Z","timestamp":1457308800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61402029"],"award-info":[{"award-number":["61402029"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61272501"],"award-info":[{"award-number":["61272501"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"name":"National Key Basic Research Program (973 Program)","award":["2012CB315905"],"award-info":[{"award-number":["2012CB315905"]}]},{"DOI":"10.13039\/501100004826","name":"Beijing Natural Science Foundation","doi-asserted-by":"crossref","award":["4132056"],"award-info":[{"award-number":["4132056"]}],"id":[{"id":"10.13039\/501100004826","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Sign Process Syst"],"published-print":{"date-parts":[[2017,3]]},"DOI":"10.1007\/s11265-016-1115-8","type":"journal-article","created":{"date-parts":[[2016,3,6]],"date-time":"2016-03-06T21:51:42Z","timestamp":1457301102000},"page":"157-173","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":17,"title":["PERM-GUARD: Authenticating the Validity of Flow Rules in Software Defined Networking"],"prefix":"10.1007","volume":"86","author":[{"given":"Mengmeng","family":"Wang","sequence":"first","affiliation":[]},{"given":"Jianwei","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Jie","family":"Chen","sequence":"additional","affiliation":[]},{"given":"Xiao","family":"Liu","sequence":"additional","affiliation":[]},{"given":"Jian","family":"Mao","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2016,3,7]]},"reference":[{"key":"1115_CR1","doi-asserted-by":"crossref","unstructured":"Al-Shaer, E., & Al-Haj, S. (2010). Flowchecker: configuration analysis and verification of federated openflow infrastructures. In Proceedings of the 3rd ACM workshop on assurable and usable security configuration (pp. 37\u201344). Chicago: ACM.","DOI":"10.1145\/1866898.1866905"},{"key":"1115_CR2","doi-asserted-by":"crossref","unstructured":"Ball, T., Bj\u00f8rner, N., Gember, A., Itzhaky, S., Karbyshev, A., Sagiv, M., Schapira, M., & Valadarsky, A. (2014). VeriCon: towards verifying controller programs in software-defined networks. In Proceedings of the 35th ACM SIGPLAN conference on programming language design and implementation (pp. 282\u2013 293).","DOI":"10.1145\/2666356.2594317"},{"key":"1115_CR3","doi-asserted-by":"crossref","unstructured":"Canini, M., Kuznetsov, P., Levin, D., & Schmid, S. (2015). A distributed and robust sdn control plane for transactional network updates. In 2015 IEEE conference on computer communications (INFOCOM) (pp. 190\u2013198).","DOI":"10.1109\/INFOCOM.2015.7218382"},{"key":"1115_CR4","doi-asserted-by":"crossref","unstructured":"Casado, M., Freedman, M. J., Pettit, J., Luo, J., McKeown, N., & Shenker, S. (2007). Ethane: taking control of the enterprise. In Proceedings of the 2007 conference on applications, technologies, architectures, and protocols for computer communications (Vol. 37, pp. 1\u201312). Kyoto: ACM.","DOI":"10.1145\/1282380.1282382"},{"key":"1115_CR5","unstructured":"Casado, M., Garfinkel, T., Akella, A., Freedman, M. J., Boneh, D., McKeown, N., & Shenker, S. (2006). Sane: a protection architecture for enterprise networks. In Proceedings of the 15th conference on USENIX security symposium (Vol. 15, pp. 1\u201315). USENIX Association."},{"issue":"4","key":"1115_CR6","doi-asserted-by":"crossref","first-page":"2181","DOI":"10.1109\/COMST.2014.2326417","volume":"16","author":"H Fei","year":"2014","unstructured":"Fei, H., Qi, H., & Ke, B. (2014). A survey on software-defined network and openflow: from concept to implementation. IEEE Communications Surveys & Tutorials, 16(4), 2181\u20132206.","journal-title":"IEEE Communications Surveys & Tutorials"},{"key":"1115_CR7","doi-asserted-by":"crossref","unstructured":"Ferguson, A. D., Guha, A., Liang, C., Fonseca, R., & Krishnamurthi, S. (2013). Participatory networking: an api for application control of sdns. In Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM (Vol. 43, pp. 327\u2013338). Hong Kong: ACM.","DOI":"10.1145\/2486001.2486003"},{"key":"1115_CR8","unstructured":"Floodlight-Project: http:\/\/www.projectfloodlight.org ."},{"key":"1115_CR9","unstructured":"Foundation, O.N.O. (2013). Software-defined networking: the new norm for networks. onf white paper. http:\/\/book.itep.ru\/depository\/open_flow\/sdn-newnorm.pdf ."},{"key":"1115_CR10","doi-asserted-by":"crossref","first-page":"445","DOI":"10.1007\/11761679_27","volume":"4004","author":"C Gentry","year":"2006","unstructured":"Gentry, C. (2006). Practical identity-based encryption without random oracles. Advances in Cryptology - EUROCRYPT 2006, 4004, 445\u2013464.","journal-title":"Advances in Cryptology - EUROCRYPT 2006"},{"issue":"3","key":"1115_CR11","doi-asserted-by":"crossref","first-page":"105","DOI":"10.1145\/1384609.1384625","volume":"38","author":"N Gude","year":"2008","unstructured":"Gude, N., Koponen, T., Pettit, J., Pfaff, B., Casado, M., McKeown, N., & Shenker, S. (2008). Nox: towards an operating system for networks. SIGCOMM Computer Communication Review, 38(3), 105\u2013110.","journal-title":"SIGCOMM Computer Communication Review"},{"key":"1115_CR12","unstructured":"Hinden, R.M. (2014). Sdn and security: why take over the hosts when you can take over the network. In RSA conference 2014, TECH-r03. San Francisco."},{"key":"1115_CR13","doi-asserted-by":"crossref","unstructured":"Hong, S., Xu, L., Wang, H., & Gu, G. (2015). Poisoning network visibility in software-defined networks: new attacks and countermeasures. In Proceedings of 2015 annual network and distributed system security symposium. San Diego.","DOI":"10.14722\/ndss.2015.23283"},{"key":"1115_CR14","doi-asserted-by":"crossref","unstructured":"Klaedtke, F., Karame, G.O., Bifulco, R., & Cui, H. (2014). Access control for sdn controllers. In Proceedings of the third workshop on hot topics in software defined networking (pp. 219\u2013220). Chicago: ACM.","DOI":"10.1145\/2620728.2620773"},{"key":"1115_CR15","doi-asserted-by":"crossref","unstructured":"Kloti, R., Kotronis, V., & Smith, P. (2013). Openflow: a security analysis. In 2013 21St IEEE international conference on network protocols (pp. 1\u20136). Goettingen.","DOI":"10.1109\/ICNP.2013.6733671"},{"key":"1115_CR16","unstructured":"Koponen, T., Casado, M., Gude, N., Stribling, J., Poutievski, L., Zhu, M., ..., & Shenker, S. (2010). Onix: a distributed control platform for large-scale production networks. In Proceedings of the 9th USENIX conference on operating systems design and implementation (pp. 1\u20136). Canada: USENIX Association."},{"issue":"1","key":"1115_CR17","doi-asserted-by":"crossref","first-page":"14","DOI":"10.1109\/JPROC.2014.2371999","volume":"103","author":"D Kreutz","year":"2015","unstructured":"Kreutz, D., Ramos, F.M.V., Esteves Verissimo, P., Esteve Rothenberg, C., Azodolmolky, S., & Uhlig, S. (2015). Software-defined networking: a comprehensive survey. Proceedings of the IEEE, 103(1), 14\u201376.","journal-title":"Proceedings of the IEEE"},{"key":"1115_CR18","unstructured":"Mashtizadeh, A.J., Bittau, A., Mazieres, D., & Boneh, D. (2015). Cryptographically enforced control flow integrity. arXiv: 1408.1451v1 ."},{"issue":"2","key":"1115_CR19","doi-asserted-by":"crossref","first-page":"69","DOI":"10.1145\/1355734.1355746","volume":"38","author":"N McKeown","year":"2008","unstructured":"McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Shenker, S., & Turner, J. (2008). Openflow: enabling innovation in campus networks. SIGCOMM Computer Communication Review, 38(2), 69\u201374.","journal-title":"SIGCOMM Computer Communication Review"},{"key":"1115_CR20","unstructured":"nmap: https:\/\/nmap.org\/ ."},{"issue":"3","key":"1115_CR21","doi-asserted-by":"crossref","first-page":"1617","DOI":"10.1109\/SURV.2014.012214.00180","volume":"16","author":"BAA Nunes","year":"2014","unstructured":"Nunes, B.A.A., Mendonca, M., Nguyen, X.N., Obraczka, K., & Turletti, T. (2014). A survey of software-defined networking: past, present, and future of programmable networks. IEEE Communications Surveys & Tutorials, 16(3), 1617\u20131634.","journal-title":"IEEE Communications Surveys & Tutorials"},{"key":"1115_CR22","unstructured":"(ONF), O.N.F. (2015). Software-defined networking (sdn) definition. https:\/\/www.opennetworking.org\/sdn-resources\/sdn-definition ."},{"key":"1115_CR23","unstructured":"OpenDaylight: http:\/\/www.opendaylight.org\/ ."},{"key":"1115_CR24","doi-asserted-by":"crossref","unstructured":"Pang, R., Allman, M., Bennett, M., Lee, J., Paxson, V., & Tierney, B. (2005). A first look at modern enterprise traffic. In Proceedings of the 5th ACM SIGCOMM conference on internet measurement (pp. 15\u201328). Berkeley: USENIX Association.","DOI":"10.1145\/1330107.1330110"},{"key":"1115_CR25","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1007\/11780656_18","volume":"4058","author":"K Paterson","year":"2006","unstructured":"Paterson, K., & Schuldt, J. N. (2006). Efficient identity-based signatures secure in the standard model. Information Security and Privacy, 4058, 207\u2013222.","journal-title":"Information Security and Privacy"},{"key":"1115_CR26","doi-asserted-by":"crossref","unstructured":"Porras, P., Cheung, S., Fong, M., Skinner, K., & Yegneswaran, V. (2015). Securing the software-defined network control layer. In Proceedings of 2015 annual network and distributed system security symposium. San Diego.","DOI":"10.14722\/ndss.2015.23222"},{"key":"1115_CR27","doi-asserted-by":"crossref","unstructured":"Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., & Gu, G. (2012). A security enforcement kernel for openflow networks. In Proceedings of the first workshop on hot topics in software defined networks (pp. 121\u2013126). Helsinki: ACM.","DOI":"10.1145\/2342441.2342466"},{"key":"1115_CR28","unstructured":"POX: http:\/\/www.noxrepo.org\/ ."},{"key":"1115_CR29","doi-asserted-by":"publisher","unstructured":"Ronga, L., Pucci, R., & Del Re, E. (2015). Software defined radio implementation of cloudran gsm emergency service. Journal of Signal Processing Systems 1\u20137. doi: 10.1007\/s11265-015-1040-2 .","DOI":"10.1007\/s11265-015-1040-2"},{"key":"1115_CR30","unstructured":"Sanfilippo, S. (2015). Hping home page, http:\/\/www.hping.org\/ ."},{"key":"1115_CR31","doi-asserted-by":"crossref","unstructured":"Scott-Hayward, S., Kane, C., & Sezer, S. (2014). Operationcheckpoint: Sdn application control. In Proceedings of the 22nd international conference on network protocols (pp. 618\u2013623). IEEE.","DOI":"10.1109\/ICNP.2014.98"},{"key":"1115_CR32","unstructured":"Shin, S., Porras, P., Yegneswaran, V., Fong, M., Gu, G., & Tyson, M. (2013). Fresco: modular composable security services for software-defined networks. In ISOC network and distributed system security symposium (pp. 1\u201316)."},{"key":"1115_CR33","doi-asserted-by":"crossref","unstructured":"Shin, S., Song, Y., Lee, T., Lee, S., Chung, J., Porras, P., ..., & Kang, B.B. (2014). Rosemary: a robust, secure, and high-performance network operating system. In Proceedings of the 2014 ACM SIGSAC conference on computer and communications security (pp. 78\u201389). Scottsdale: ACM.","DOI":"10.1145\/2660267.2660353"},{"issue":"10","key":"1115_CR34","first-page":"2236","volume":"10","author":"S Shin","year":"2015","unstructured":"Shin, S., Wang, H., & Gu, G. (2015). A first step toward network security virtualization: from concept to prototype. IEEE Transactions on Information Forensics and Security, 10(10), 2236\u20132249. doi: 10.1109\/TIFS.2015.2453936 .","journal-title":"IEEE Transactions on Information Forensics and Security"},{"key":"1115_CR35","doi-asserted-by":"crossref","unstructured":"Shin, S., Yegneswaran, V., Porras, P., & Gu, G. (2013). Avant-guard: scalable and vigilant switch flow management in software-defined networks. In Proceedings of the 2013 ACM SIGSAC conference on computer & communications security (pp. 413\u2013424). Berlin: ACM.","DOI":"10.1145\/2508859.2516684"},{"key":"1115_CR36","doi-asserted-by":"crossref","unstructured":"Son, S., Seungwon, S., Yegneswaran, V., Porras, P., & Guofei, G. (2013). Model checking invariant security properties in openflow. In 2013 IEEE International conference on communications (pp. 1974\u20131979). Budapest.","DOI":"10.1109\/ICC.2013.6654813"},{"key":"1115_CR37","doi-asserted-by":"crossref","unstructured":"Wang, H., Xu, L., & Gu, G. (2015). Floodguard: a dos attack prevention extension in software-defined networks. In Proceedings of the 45th annual IEEE\/IFIP international conference on dependable systems and networks. Brazil.","DOI":"10.1109\/DSN.2015.27"},{"key":"1115_CR38","doi-asserted-by":"crossref","first-page":"114","DOI":"10.1007\/11426639_7","volume":"3494","author":"B Waters","year":"2005","unstructured":"Waters, B. (2005). Efficient identity-based encryption without random oracles. Advances in Cryptology - EUROCRYPT 2005, 3494, 114\u2013127.","journal-title":"Advances in Cryptology - EUROCRYPT 2005"},{"key":"1115_CR39","doi-asserted-by":"crossref","unstructured":"Wen, X., Chen, Y., Hu, C., Shi, C., & Wang, Y. (2013). Towards a secure controller platform for openflow applications. In Proceedings of the second ACM SIGCOMM workshop on hot topics in software defined networking (pp. 171\u2013172). Hong Kong: ACM.","DOI":"10.1145\/2491185.2491212"},{"issue":"1","key":"1115_CR40","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1109\/COMST.2014.2330903","volume":"17","author":"W Xia","year":"2015","unstructured":"Xia, W., Wen, Y., Foh, C.H., Niyato, D., & Xie, H. (2015). A survey on software-defined networking. IEEE Communications Surveys & Tutorials, 17(1), 27\u201351.","journal-title":"IEEE Communications Surveys & Tutorials"},{"key":"1115_CR41","unstructured":"Zhou, W., Jin, D., Croft, J., Caesar, M., & Godfrey, P.B. (2015). Enforcing customizable consistency properties in software-defined networks. In 12Th USENIX symposium on networked systems design and implementation. OaklandUSENIX Association."}],"container-title":["Journal of Signal Processing Systems"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11265-016-1115-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/article\/10.1007\/s11265-016-1115-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11265-016-1115-8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/s11265-016-1115-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,9,5]],"date-time":"2019-09-05T04:27:50Z","timestamp":1567657670000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/s11265-016-1115-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016,3,7]]},"references-count":41,"journal-issue":{"issue":"2-3","published-print":{"date-parts":[[2017,3]]}},"alternative-id":["1115"],"URL":"https:\/\/doi.org\/10.1007\/s11265-016-1115-8","relation":{},"ISSN":["1939-8018","1939-8115"],"issn-type":[{"value":"1939-8018","type":"print"},{"value":"1939-8115","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016,3,7]]}}}