Technical Reports


Recent Submissions

Now showing 1 - 4 of 4
  • Item
    Security Analysis of Onos Software-Defined Network Platform
    (2016-10-12) Adenuga-Taiwo, Oluwadamilola; Shah Heydari, Shahram
    Software Defined Networking (SDN) enables organizations strengthen their network architectures, reduce running costs and enable sophisticated network functions. The adoption of software defined networks by top industry players like CISCO, IBM and Ericsson implies its increased application in mainstream networks and real world applications. Security challenges in SDN networks are quite similar to the traditional networks where many attacks occur at the control layer. This issue is further escalated by the fact that information is synchronized between the data layer, which houses the network devices; and the control layer, in which the SDN controller operates. The control layer contains policies for operating the data layer, providing a single point of failure on the network as a whole. This technical report examines a number of security challenges within the control layer of ONOS SDN platform – an open source initiative under the Linux foundation for carrier-grade software-defined networking, which is quickly gaining popularity within the industry. In particular, we examine ONOS vulnerability Northbound and Southbound DOS and MITM attacks in a test environment and provide observation, analysis and some defensive measures.
  • Item
    Privacy Implications of GSM Network Services
    (2013-07-15) Kosa, Tracy Ann; el-Khatib, Khalil; Marsh, Steve
    Current research on GSM does not deal with privacy requirements, or confuses privacy (legislated) with security (standards based). This paper seeks to examine how the applicable privacy legislation in Canada (PIPEDA) would apply to GSM services. Part I provides an overview of the evolution of network communications and how privacy legislation applies, ending with a discussion of GSM functionality and players. An description of the kind of personal information in GSM service delivery is presented in Part 2, while the privacy analysis is conducted in Part 3. Part 4 is a brief inter-disciplinary literature review demonstrating how GSM research is focused respectively on public policy and functionality, while security work focuses on authentication techniques. Various approaches to privacy are described in Part 5, and a short conclusion of the implications is presented in Part 6.
© Copyright owned by the authors