A Forensic Methodology for Software-Defined Network Switches - Advances in Digital Forensics XIII
Conference Papers Year : 2017

A Forensic Methodology for Software-Defined Network Switches

Abstract

This chapter presents a forensic methodology for computing systems in a software-defined networking environment that consists of an application plane, control plane and data plane. The methodology involves a forensic examination of the software-defined networking infrastructure from the perspective of a switch. Memory images of a live switch and southbound communications are leveraged to enable forensic investigators to identify and locate potential evidence for triage in real time. The methodology is evaluated using a real-world testbed exposed to network attacks. The experimental results demonstrate the effectiveness of the methodology for forensic investigations of software-defined networking infrastructures.
Origin Files produced by the author(s)

Dates and versions

hal-01716399, version 1 (23-02-2018)

Cite

Tommy Chin, Kaiqi Xiong. A Forensic Methodology for Software-Defined Network Switches. 13th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2017, Orlando, FL, United States. pp.97-110, ⟨10.1007/978-3-319-67208-3_6⟩. ⟨hal-01716399⟩