{"id":"https://openalex.org/W3115410949","doi":"https://doi.org/10.1109/tnsm.2020.3045998","title":"<i>MLSNet:</i> A Policy Complying Multilevel Security Framework for Software Defined Networking","display_name":"<i>MLSNet:</i> A Policy Complying Multilevel Security Framework for Software Defined Networking","publication_year":2020,"publication_date":"2020-12-21","ids":{"openalex":"https://openalex.org/W3115410949","doi":"https://doi.org/10.1109/tnsm.2020.3045998","mag":"3115410949"},"language":"en","primary_location":{"id":"doi:10.1109/tnsm.2020.3045998","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tnsm.2020.3045998","pdf_url":null,"source":{"id":"https://openalex.org/S173527311","display_name":"IEEE Transactions on Network and Service Management","issn_l":"1932-4537","issn":["1932-4537","2373-7379"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Network and Service Management","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5102934619","display_name":"Stefan Achleitner","orcid":"https://orcid.org/0000-0002-5499-6101"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]},{"id":"https://openalex.org/I4210108451","display_name":"Palo Alto Networks (United States)","ror":"https://ror.org/01rn6rn86","country_code":"US","type":"company","lineage":["https://openalex.org/I4210108451"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Stefan Achleitner","raw_affiliation_strings":["Palo Alto Networks, Inc., Santa Clara, CA, USA","Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Palo Alto Networks, Inc., Santa Clara, CA, USA","institution_ids":["https://openalex.org/I4210108451"]},{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031987483","display_name":"Quinn Burke","orcid":"https://orcid.org/0000-0003-1719-3112"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Quinn Burke","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055368149","display_name":"Patrick McDaniel","orcid":"https://orcid.org/0000-0003-2091-7484"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Patrick McDaniel","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055045569","display_name":"Trent Jaeger","orcid":"https://orcid.org/0000-0002-4964-1170"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Trent Jaeger","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5073465096","display_name":"Thomas La Porta","orcid":"https://orcid.org/0000-0003-1295-4461"},"institutions":[{"id":"https://openalex.org/I130769515","display_name":"Pennsylvania State University","ror":"https://ror.org/04p491231","country_code":"US","type":"education","lineage":["https://openalex.org/I130769515"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Thomas La Porta","raw_affiliation_strings":["Pennsylvania State University, University Park, PA, USA"],"affiliations":[{"raw_affiliation_string":"Pennsylvania State University, University Park, PA, USA","institution_ids":["https://openalex.org/I130769515"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5086268637","display_name":"Srikanth V. Krishnamurthy","orcid":"https://orcid.org/0000-0002-6533-4381"},"institutions":[{"id":"https://openalex.org/I103635307","display_name":"University of California, Riverside","ror":"https://ror.org/03nawhv43","country_code":"US","type":"education","lineage":["https://openalex.org/I103635307"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Srikanth Krishnamurthy","raw_affiliation_strings":["University of California Riverside, Riverside, CA, USA"],"affiliations":[{"raw_affiliation_string":"University of California Riverside, Riverside, CA, USA","institution_ids":["https://openalex.org/I103635307"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5102934619"],"corresponding_institution_ids":["https://openalex.org/I130769515","https://openalex.org/I4210108451"],"apc_list":null,"apc_paid":null,"fwci":1.3876,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.83322703,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":"18","issue":"1","first_page":"729","last_page":"744"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10714","display_name":"Software-Defined Networks and 5G","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9952999949455261,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10400","display_name":"Network Security and Intrusion Detection","score":0.994700014591217,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8393037915229797},{"id":"https://openalex.org/keywords/computer-network","display_name":"Computer network","score":0.6237236261367798},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5823595523834229},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5545934438705444},{"id":"https://openalex.org/keywords/software-defined-networking","display_name":"Software-defined networking","score":0.5288984179496765},{"id":"https://openalex.org/keywords/distributed-computing","display_name":"Distributed computing","score":0.4933277666568756},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.4844420254230499},{"id":"https://openalex.org/keywords/network-security","display_name":"Network security","score":0.45508626103401184},{"id":"https://openalex.org/keywords/adversary","display_name":"Adversary","score":0.4464084506034851},{"id":"https://openalex.org/keywords/leverage","display_name":"Leverage (statistics)","score":0.4443422555923462},{"id":"https://openalex.org/keywords/node","display_name":"Node (physics)","score":0.44160526990890503},{"id":"https://openalex.org/keywords/flow-network","display_name":"Flow network","score":0.43719571828842163},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.4285503029823303},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.3169737160205841},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.30455508828163147}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8393037915229797},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.6237236261367798},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5823595523834229},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5545934438705444},{"id":"https://openalex.org/C77270119","wikidata":"https://www.wikidata.org/wiki/Q1655198","display_name":"Software-defined networking","level":2,"score":0.5288984179496765},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.4933277666568756},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.4844420254230499},{"id":"https://openalex.org/C182590292","wikidata":"https://www.wikidata.org/wiki/Q989632","display_name":"Network security","level":2,"score":0.45508626103401184},{"id":"https://openalex.org/C41065033","wikidata":"https://www.wikidata.org/wiki/Q2825412","display_name":"Adversary","level":2,"score":0.4464084506034851},{"id":"https://openalex.org/C153083717","wikidata":"https://www.wikidata.org/wiki/Q6535263","display_name":"Leverage (statistics)","level":2,"score":0.4443422555923462},{"id":"https://openalex.org/C62611344","wikidata":"https://www.wikidata.org/wiki/Q1062658","display_name":"Node (physics)","level":2,"score":0.44160526990890503},{"id":"https://openalex.org/C114809511","wikidata":"https://www.wikidata.org/wiki/Q1412924","display_name":"Flow network","level":2,"score":0.43719571828842163},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.4285503029823303},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.3169737160205841},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.30455508828163147},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.0},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.0},{"id":"https://openalex.org/C126255220","wikidata":"https://www.wikidata.org/wiki/Q141495","display_name":"Mathematical optimization","level":1,"score":0.0},{"id":"https://openalex.org/C66938386","wikidata":"https://www.wikidata.org/wiki/Q633538","display_name":"Structural engineering","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/tnsm.2020.3045998","is_oa":false,"landing_page_url":"https://doi.org/10.1109/tnsm.2020.3045998","pdf_url":null,"source":{"id":"https://openalex.org/S173527311","display_name":"IEEE Transactions on Network and Service Management","issn_l":"1932-4537","issn":["1932-4537","2373-7379"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Transactions on Network and Service Management","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.800000011920929,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[{"id":"https://openalex.org/G7423680502","display_name":null,"funder_award_id":"CNS-1946022","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320337807","display_name":"U.S. Army Combat Capabilities Development Command","ror":null}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":57,"referenced_works":["https://openalex.org/W85890223","https://openalex.org/W106863888","https://openalex.org/W158224344","https://openalex.org/W1518533182","https://openalex.org/W1540221906","https://openalex.org/W1699577049","https://openalex.org/W1867219652","https://openalex.org/W1882012874","https://openalex.org/W1966741850","https://openalex.org/W1966819490","https://openalex.org/W1984451560","https://openalex.org/W1991895580","https://openalex.org/W1994926493","https://openalex.org/W2010243036","https://openalex.org/W2011316745","https://openalex.org/W2020729428","https://openalex.org/W2027177092","https://openalex.org/W2039858940","https://openalex.org/W2042448840","https://openalex.org/W2084915558","https://openalex.org/W2085952809","https://openalex.org/W2094873755","https://openalex.org/W2101173463","https://openalex.org/W2105686707","https://openalex.org/W2120255160","https://openalex.org/W2128633476","https://openalex.org/W2130531694","https://openalex.org/W2137845741","https://openalex.org/W2156349841","https://openalex.org/W2157571304","https://openalex.org/W2160706360","https://openalex.org/W2161449469","https://openalex.org/W2168595508","https://openalex.org/W2177058407","https://openalex.org/W2299450638","https://openalex.org/W2320204756","https://openalex.org/W2401610261","https://openalex.org/W2607157588","https://openalex.org/W2734634399","https://openalex.org/W2758509082","https://openalex.org/W2769168058","https://openalex.org/W2963655955","https://openalex.org/W3011530370","https://openalex.org/W3013859777","https://openalex.org/W3020515420","https://openalex.org/W3047172212","https://openalex.org/W3111318396","https://openalex.org/W3149604617","https://openalex.org/W4211079902","https://openalex.org/W4248605401","https://openalex.org/W4300930169","https://openalex.org/W6606536520","https://openalex.org/W6632119560","https://openalex.org/W6639592347","https://openalex.org/W6675957391","https://openalex.org/W6678385351","https://openalex.org/W6786678333"],"related_works":["https://openalex.org/W1519114293","https://openalex.org/W2153264224","https://openalex.org/W2375663084","https://openalex.org/W2095363643","https://openalex.org/W2173238669","https://openalex.org/W2130339907","https://openalex.org/W2391963552","https://openalex.org/W2114705216","https://openalex.org/W1993185027","https://openalex.org/W2157654546"],"abstract_inverted_index":{"Ensuring":[0],"that":[1,205,213],"information":[2,32,85],"flowing":[3],"through":[4],"a":[5,28,38,74,82,157,224],"network":[6,21,57,90,124,148,160,172],"is":[7,16],"secure":[8,83],"from":[9],"manipulation":[10],"and":[11,52,60,91,141,189,209,218,238],"eavesdropping":[12],"by":[13,134],"unauthorized":[14],"parties":[15],"an":[17,42,45,100],"important":[18],"task":[19,137],"for":[20,244],"administrators.":[22],"Many":[23],"cyber":[24],"attacks":[25],"rely":[26],"on":[27,111,119,167],"lack":[29],"of":[30,130,156,164,178,183,195,231,240],"network-level":[31],"flow":[33,86,165],"controls":[34],"to":[35,64,80,99,108,138,146,200],"successfully":[36],"compromise":[37],"victim":[39],"network.":[40],"Once":[41],"adversary":[43,101],"exploits":[44],"initial":[46],"entry":[47],"point,":[48],"they":[49],"can":[50,207],"eavesdrop":[51],"move":[53],"laterally":[54],"within":[55,88],"the":[56,89,95,121,128,136,139,154,168,176,181,192,215,220,234,241,245],"(e.g.,":[58,228],"scan":[59],"penetrate":[61],"internal":[62],"nodes)":[63],"further":[65],"their":[66],"malicious":[67],"goals.":[68],"In":[69,106],"this":[70,143],"article,":[71],"we":[72,126],"propose":[73],"novel":[75],"multilevel":[76,112],"security":[77,113,187,193,216,226],"(MLS)":[78],"framework":[79],"enforce":[81],"inter-node":[84],"policy":[87,122,158],"therein":[92],"vastly":[93],"reduce":[94],"attack":[96],"surface":[97],"available":[98],"who":[102],"has":[103],"penetrated":[104],"it.":[105],"contrast":[107],"prior":[109],"work":[110],"in":[114],"computer":[115],"networks":[116,132],"which":[117],"relied":[118],"enforcing":[120],"at":[123],"endpoints,":[125],"leverage":[127],"centralization":[129],"software-defined":[131],"(SDNs)":[133],"moving":[135],"controller":[140],"providing":[142],"service":[144],"transparently":[145],"all":[147,186],"nodes.":[149],"Our":[150],"framework,":[151],"MLSNet,":[152],"formalizes":[153],"generation":[155],"compliant":[159],"configuration":[161],"(i.e.,":[162],"set":[163],"rules":[166],"SDN":[169],"switches)":[170],"as":[171],"optimization":[173,246],"problems,":[174],"with":[175,223],"objectives":[177],"(1)":[179],"maximizing":[180],"number":[182],"flows":[184,199,212,222],"satisfying":[185],"constraints":[188,217],"(2)":[190],"minimizing":[191],"cost":[194,227],"routing":[196],"any":[197],"remaining":[198,221],"guarantee":[201],"availability.":[202],"We":[203],"demonstrate":[204],"MLSNet":[206],"securely":[208],"efficiently":[210],"route":[211,219,229],"satisfy":[214],"minimal":[225],">85%":[230],"flows,":[232],"where":[233],"heuristic":[235],"achieves":[236],"89%":[237],"87%":[239],"optimal":[242],"solutions":[243],"problems).":[247]},"counts_by_year":[{"year":2024,"cited_by_count":2},{"year":2023,"cited_by_count":6},{"year":2022,"cited_by_count":1},{"year":2021,"cited_by_count":2}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2021-01-05T00:00:00"}