CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network
Access Control Lists (ACL) are critical to protecting network and cyber-physical systems. Traditional firewalls mostly use reactive methods to enforce ACLs, so that new ACL updates cannot take effect immediately. In this paper, based on our previous work, we propose CPACK, an intelligent cyber-physi...
| Published in: | Sensors |
|---|---|
| Main Authors: | , , , |
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-10-01
|
| Subjects: | |
| Online Access: | https://www.mdpi.com/1424-8220/22/20/8014 |
| _version_ | 1850098118576570368 |
|---|---|
| author | Haisheng Yu Zhixian Liu Sai Zou Wenyong Wang |
| author_facet | Haisheng Yu Zhixian Liu Sai Zou Wenyong Wang |
| author_sort | Haisheng Yu |
| collection | DOAJ |
| container_title | Sensors |
| description | Access Control Lists (ACL) are critical to protecting network and cyber-physical systems. Traditional firewalls mostly use reactive methods to enforce ACLs, so that new ACL updates cannot take effect immediately. In this paper, based on our previous work, we propose CPACK, an intelligent cyber-physical access control kit, which uses a smart algorithm to upgrade the ACL list. CPACK adopts a proactive way to enforce ACL and reacts to a new ACL update and network view update in real time. We implement CPACK on both Floodlight and ONOS controller. We then conduct a large number of experiments to compare CPACK with the Floodlight firewall application. The experimental results show that CPACK has a better performance than the existing Floodlight firewall application. CPACK is also integrated into the new version of Floodlight and ONOS controller. |
| format | Article |
| id | doaj-art-c3347de8f3f240c8aecfeea209ada641 |
| institution | Directory of Open Access Journals |
| issn | 1424-8220 |
| language | English |
| publishDate | 2022-10-01 |
| publisher | MDPI AG |
| record_format | Article |
| spelling | doaj-art-c3347de8f3f240c8aecfeea209ada6412025-08-20T00:06:00ZengMDPI AGSensors1424-82202022-10-012220801410.3390/s22208014CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting NetworkHaisheng Yu0Zhixian Liu1Sai Zou2Wenyong Wang3University of Electronic Science and Technology of China, 2006 Xiyuan Avenue, Chengdu 611731, ChinaUniversity of Electronic Science and Technology of China, 2006 Xiyuan Avenue, Chengdu 611731, ChinaGuizhou University, College of Big Data and Information Engineering, Huaxi Load, Guiyang 550025, ChinaUniversity of Electronic Science and Technology of China, 2006 Xiyuan Avenue, Chengdu 611731, ChinaAccess Control Lists (ACL) are critical to protecting network and cyber-physical systems. Traditional firewalls mostly use reactive methods to enforce ACLs, so that new ACL updates cannot take effect immediately. In this paper, based on our previous work, we propose CPACK, an intelligent cyber-physical access control kit, which uses a smart algorithm to upgrade the ACL list. CPACK adopts a proactive way to enforce ACL and reacts to a new ACL update and network view update in real time. We implement CPACK on both Floodlight and ONOS controller. We then conduct a large number of experiments to compare CPACK with the Floodlight firewall application. The experimental results show that CPACK has a better performance than the existing Floodlight firewall application. CPACK is also integrated into the new version of Floodlight and ONOS controller.https://www.mdpi.com/1424-8220/22/20/8014Access Control List (ACL)Software-Defined Networking (SDN)securityfloodlightONOS |
| spellingShingle | Haisheng Yu Zhixian Liu Sai Zou Wenyong Wang CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network Access Control List (ACL) Software-Defined Networking (SDN) security floodlight ONOS |
| title | CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network |
| title_full | CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network |
| title_fullStr | CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network |
| title_full_unstemmed | CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network |
| title_short | CPACK: An Intelligent Cyber-Physical Access Control Kit for Protecting Network |
| title_sort | cpack an intelligent cyber physical access control kit for protecting network |
| topic | Access Control List (ACL) Software-Defined Networking (SDN) security floodlight ONOS |
| url | https://www.mdpi.com/1424-8220/22/20/8014 |
| work_keys_str_mv | AT haishengyu cpackanintelligentcyberphysicalaccesscontrolkitforprotectingnetwork AT zhixianliu cpackanintelligentcyberphysicalaccesscontrolkitforprotectingnetwork AT saizou cpackanintelligentcyberphysicalaccesscontrolkitforprotectingnetwork AT wenyongwang cpackanintelligentcyberphysicalaccesscontrolkitforprotectingnetwork |