{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:08:33Z","timestamp":1750306113328,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":31,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,4,3]],"date-time":"2017-04-03T00:00:00Z","timestamp":1491177600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"U.S. Army Research Laboratory Cyber Security Collaborative Research Alliance","award":["W911NF-13-2-0045"],"award-info":[{"award-number":["W911NF-13-2-0045"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,4,3]]},"DOI":"10.1145\/3050220.3050223","type":"proceedings-article","created":{"date-parts":[[2017,4,10]],"date-time":"2017-04-10T12:27:28Z","timestamp":1491827248000},"page":"8-20","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":20,"title":["Adversarial Network Forensics in Software Defined Networking"],"prefix":"10.1145","author":[{"given":"Stefan","family":"Achleitner","sequence":"first","affiliation":[{"name":"Computer Science and Engineering, Pennsylvania State University, University Park, PA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Thomas","family":"La Porta","sequence":"additional","affiliation":[{"name":"Computer Science and Engineering, Pennsylvania State University, University Park, PA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[{"name":"Computer Science and Engineering, Pennsylvania State University, University Park, PA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Patrick","family":"McDaniel","sequence":"additional","affiliation":[{"name":"Computer Science and Engineering, Pennsylvania State University, University Park, PA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2017,4,3]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Brocade icx 6610. http:\/\/bit.ly\/2d3TSBH. Accessed: 2016-04-20.  Brocade icx 6610. http:\/\/bit.ly\/2d3TSBH. Accessed: 2016-04-20."},{"key":"e_1_3_2_1_2_1","unstructured":"Brocade openflow developer guide. http:\/\/bit.ly\/2cXwnfh. Accessed: 2016-04-21.  Brocade openflow developer guide. http:\/\/bit.ly\/2cXwnfh. Accessed: 2016-04-21."},{"key":"e_1_3_2_1_3_1","unstructured":"Cisco configuring port security. http:\/\/bit.ly\/ZfVjpD.  Cisco configuring port security. http:\/\/bit.ly\/ZfVjpD."},{"key":"e_1_3_2_1_4_1","unstructured":"Firewalk firewall scanner. https:\/\/packetstormsecurity.com\/UNIX\/audit\/firewalk\/.  Firewalk firewall scanner. https:\/\/packetstormsecurity.com\/UNIX\/audit\/firewalk\/."},{"key":"e_1_3_2_1_5_1","unstructured":"Floodlight lbaas. http:\/\/bit.ly\/2d6gKUY. Accessed: 2016-06-12.  Floodlight lbaas. http:\/\/bit.ly\/2d6gKUY. Accessed: 2016-06-12."},{"key":"e_1_3_2_1_6_1","unstructured":"Floodlight sdn controller. http:\/\/www.projectfloodlight.org\/floodlight\/. Accessed: 2016-04-20.  Floodlight sdn controller. http:\/\/www.projectfloodlight.org\/floodlight\/. Accessed: 2016-04-20."},{"key":"e_1_3_2_1_7_1","unstructured":"Is an sdn switch a new form of a firewall? http:\/\/bit.ly\/1xDhVAo.  Is an sdn switch a new form of a firewall? http:\/\/bit.ly\/1xDhVAo."},{"key":"e_1_3_2_1_8_1","unstructured":"Opendaylight sdn controller. https:\/\/www.opendaylight.org\/. Accessed: 2016-04-20.  Opendaylight sdn controller. https:\/\/www.opendaylight.org\/. Accessed: 2016-04-20."},{"key":"e_1_3_2_1_9_1","unstructured":"Openflow. https:\/\/www.opennetworking.org\/sdn-resources\/openflow.  Openflow. https:\/\/www.opennetworking.org\/sdn-resources\/openflow."},{"key":"e_1_3_2_1_10_1","unstructured":"Openvswitch. http:\/\/openvswitch.org\/.  Openvswitch. http:\/\/openvswitch.org\/."},{"key":"e_1_3_2_1_11_1","unstructured":"Pox sdn controller. http:\/\/stanford.io\/2ctlCEf. Accessed: 2016-04-20.  Pox sdn controller. http:\/\/stanford.io\/2ctlCEf. Accessed: 2016-04-20."},{"key":"e_1_3_2_1_12_1","unstructured":"Rfc1122 requirements for internet hosts. tools.ietf.org\/html\/rfc1122.  Rfc1122 requirements for internet hosts. tools.ietf.org\/html\/rfc1122."},{"key":"e_1_3_2_1_13_1","unstructured":"Rfc5227 ipv4 address conflict detection. tools.ietf.org\/html\/rfc5227.  Rfc5227 ipv4 address conflict detection. tools.ietf.org\/html\/rfc5227."},{"key":"e_1_3_2_1_14_1","unstructured":"Rfc792 internet control message protocol. tools.ietf.org\/html\/rfc792.  Rfc792 internet control message protocol. tools.ietf.org\/html\/rfc792."},{"key":"e_1_3_2_1_15_1","unstructured":"Rfc793 transmission control protocol. tools.ietf.org\/html\/rfc793.  Rfc793 transmission control protocol. tools.ietf.org\/html\/rfc793."},{"key":"e_1_3_2_1_16_1","unstructured":"Rfc826 an ethernet address resolution protocol. tools.ietf.org\/html\/rfc826.  Rfc826 an ethernet address resolution protocol. tools.ietf.org\/html\/rfc826."},{"key":"e_1_3_2_1_17_1","unstructured":"Sdnmap repository. https:\/\/github.com\/SDNMap\/sdnmap.  Sdnmap repository. https:\/\/github.com\/SDNMap\/sdnmap."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2013.2296874"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2015.26"},{"key":"e_1_3_2_1_20_1","volume-title":"NDSS","author":"Dhawan M.","year":"2015","unstructured":"Dhawan , M. , Poddar , R. , Mahajan , K. , and Mann , V . Sphinx: Detecting security attacks in software-defined networks . In NDSS ( 2015 ). Dhawan, M., Poddar, R., Mahajan, K., and Mann, V. Sphinx: Detecting security attacks in software-defined networks. In NDSS (2015)."},{"key":"e_1_3_2_1_21_1","volume-title":"NDSS","author":"Hong S.","year":"2015","unstructured":"Hong , S. , Xu , L. , Wang , H. , and Gu , G . Poisoning network visibility in software-defined networks: New attacks and countermeasures . In NDSS ( 2015 ). Hong, S., Xu, L., Wang, H., and Gu, G. Poisoning network visibility in software-defined networks: New attacks and countermeasures. In NDSS (2015)."},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/2620728.2620749"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFOCOM.2015.7218443"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342467"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1109\/INFCOM.2012.6195544"},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICIMP.2010.20"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2007.4375860"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491220"},{"volume-title":"Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security.","author":"Shin S.","key":"e_1_3_2_1_29_1","unstructured":"Shin , S. , Yegneswaran , V. , Porras , P. , and Gu , G . Avant-guard: Scalable and vigilant switch flow management in software-defined networks . In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. Shin, S., Yegneswaran, V., Porras, P., and Gu, G. Avant-guard: Scalable and vigilant switch flow management in software-defined networks. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security."},{"key":"e_1_3_2_1_30_1","volume-title":"USENIX Security Symposium","author":"Wool A.","year":"2001","unstructured":"Wool , A. Architecting the lumeta firewall analyzer . In USENIX Security Symposium ( 2001 ). Wool, A. Architecting the lumeta firewall analyzer. In USENIX Security Symposium (2001)."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2014.6838409"}],"event":{"name":"SOSR '17: Symposium on SDN Research","sponsor":["SIGCOMM ACM Special Interest Group on Data Communication","ONS Open Networking Summit"],"location":"Santa Clara CA USA","acronym":"SOSR '17"},"container-title":["Proceedings of the Symposium on SDN Research"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3050220.3050223","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3050220.3050223","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:36:27Z","timestamp":1750217787000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3050220.3050223"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,4,3]]},"references-count":31,"alternative-id":["10.1145\/3050220.3050223","10.1145\/3050220"],"URL":"https:\/\/doi.org\/10.1145\/3050220.3050223","relation":{},"subject":[],"published":{"date-parts":[[2017,4,3]]},"assertion":[{"value":"2017-04-03","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}