Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Chapter
TY - CHAP
T1 - Stealthy Verification Mechanism to Defend SDN Against Topology Poisoning
AU - Zamin Khan, Bakht
AU - Ghani, Anwar
AU - Khan, Imran
AU - Ali Khan, Muazzam
AU - Bilal, Muhammad
PY - 2022/1/15
Y1 - 2022/1/15
N2 - Software-defined networking (SDN) is an emerging networking paradigm that separates the control plane from the data plane to reduce their complexity and to provide more control, scalability, and centralized management. OpenFlow (OF) is a widely used protocol that builds a global, shared view of the network. For SDN applications, the correctness of this topology view therefore has a critical impact on flow-based communication and the provision of services. However, recently identified vulnerabilities in the OpenFlow Discovery Protocol (OFDP) show that malicious hosts or data plane switches can poison the global view of the network, after which an intruder can launch man-in-the-middle or denial-of-service attacks. Existing passive solutions work well for known attacks. Some solutions use an active approach that identifies fake links or malicious hosts by sending Stealthy Probing Verification (SPV) packets. However, because of the probing mechanism, this approach faces scalability and bandwidth-consumption issues in large data center networks and in resource-limited networks. The proposed technique is based on the SPV mechanism; however, to counter the scalability and bandwidth issues, probing packets are initiated only when the SDN controller receives a triggered update for a new link or network node. The probing traffic is reduced by 40%; hence the scheme consumes less bandwidth and identifies a malicious host in less than 90 ms. The results indicate that Enhanced Stealthy Probing Verification (ESPV) is a more scalable and suitable solution for detecting and identifying fake links or malicious hosts in large data center networks and in resource-limited networks such as Wireless Sensor Networks (WSNs).
AB - Software-defined networking (SDN) is an emerging networking paradigm that separates the control plane from the data plane to reduce their complexity and to provide more control, scalability, and centralized management. OpenFlow (OF) is a widely used protocol that builds a global, shared view of the network. For SDN applications, the correctness of this topology view therefore has a critical impact on flow-based communication and the provision of services. However, recently identified vulnerabilities in the OpenFlow Discovery Protocol (OFDP) show that malicious hosts or data plane switches can poison the global view of the network, after which an intruder can launch man-in-the-middle or denial-of-service attacks. Existing passive solutions work well for known attacks. Some solutions use an active approach that identifies fake links or malicious hosts by sending Stealthy Probing Verification (SPV) packets. However, because of the probing mechanism, this approach faces scalability and bandwidth-consumption issues in large data center networks and in resource-limited networks. The proposed technique is based on the SPV mechanism; however, to counter the scalability and bandwidth issues, probing packets are initiated only when the SDN controller receives a triggered update for a new link or network node. The probing traffic is reduced by 40%; hence the scheme consumes less bandwidth and identifies a malicious host in less than 90 ms. The results indicate that Enhanced Stealthy Probing Verification (ESPV) is a more scalable and suitable solution for detecting and identifying fake links or malicious hosts in large data center networks and in resource-limited networks such as Wireless Sensor Networks (WSNs).
KW - Active probing
KW - Link fabrication
KW - Open flow discovery protocol
KW - OpenFlow
KW - Resource constraint networks
KW - Security
KW - Software-defined network
KW - Stealthy probing verification
KW - Topology discovery
KW - Wireless sensor networks
U2 - 10.1007/978-3-030-89328-6_13
DO - 10.1007/978-3-030-89328-6_13
M3 - Chapter
AN - SCOPUS:85123636445
SN - 9783030893279
T3 - Internet of Things
SP - 235
EP - 246
BT - Internet of Things
PB - Springer Science and Business Media Deutschland GmbH
ER -
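The abstract describes two things: a link-fabrication attack on OFDP-style discovery (a host relays LLDP frames so the controller learns a link that does not exist) and a verification scheme that sends stealthy probes over a suspect link, either periodically (SPV) or only when the controller sees a new-link event (ESPV). The following is an added toy simulation written for this record, not the chapter's own code or evaluation. The topology, the attacker model (a host that relays only LLDP frames), the probe format (a random nonce carried as ordinary traffic) and the `Wire`, `DataPlane`, `Controller` and `simulate` names are all constructed assumptions; the probe counts it reports come from this toy topology and do not reproduce the chapter's 40% figure.

```python
"""Toy simulation of OFDP link fabrication and stealthy probe verification.
Illustrative only: topology, attacker and probe format are constructed for
this example; nothing here is the chapter's implementation."""
import secrets
from dataclasses import dataclass

LLDP = 0x88CC   # LLDP ethertype used by OFDP-style discovery
PROBE = 0x0800  # probe disguised as ordinary IP traffic (assumption)


@dataclass
class Wire:
    """A path between two (switch, port) ends: a real cable, or an attacking host
    that relays frames between two switch ports to fabricate a link."""
    a: tuple
    b: tuple
    relay_only_lldp: bool = False  # attacker relays LLDP but drops other frames


class DataPlane:
    def __init__(self, wires):
        self.wires = wires

    def deliver(self, src, ethertype, payload):
        """Where a frame sent out port `src` is received, or None if it is dropped."""
        for w in self.wires:
            if src in (w.a, w.b):
                if w.relay_only_lldp and ethertype != LLDP:
                    return None  # the relay host never sees this as LLDP and drops it
                return (w.b if src == w.a else w.a), payload
        return None


class Controller:
    def __init__(self, plane, ports):
        self.plane, self.ports = plane, ports
        self.links = {}       # (switch, port) -> (switch, port), as learned via LLDP
        self.verified = {}    # directed link -> True (probe arrived) / False (fabricated)
        self.probes_sent = 0

    def discover(self):
        """OFDP-style: packet-out LLDP on every port, learn links from packet-ins.
        Returns the links that are new compared with the current view."""
        new = []
        for src in self.ports:
            got = self.plane.deliver(src, LLDP, b"lldp")
            if got is not None and self.links.get(src) != got[0]:
                self.links[src] = got[0]
                new.append((src, got[0]))
        return new

    def probe(self, src, dst):
        """Stealthy probe: a fresh random nonce sent as normal traffic out `src`.
        The link is genuine only if the same nonce arrives as a packet-in at `dst`."""
        nonce = secrets.token_bytes(8)
        self.probes_sent += 1
        got = self.plane.deliver(src, PROBE, nonce)
        ok = got is not None and got == (dst, nonce)
        self.verified[(src, dst)] = ok
        return ok


def simulate(triggered, rounds=4):
    """Run `rounds` discovery rounds. Periodic mode re-probes every known link each
    round; triggered mode probes only links reported as new by discover().
    Returns (probes sent, set of directed links flagged as fabricated)."""
    wires = [
        Wire(("s1", 1), ("s2", 1)),                        # real link
        Wire(("s2", 2), ("s3", 1)),                        # real link
        Wire(("s1", 2), ("s3", 2), relay_only_lldp=True),  # fabricated via relay host
    ]
    ports = [("s1", 1), ("s1", 2), ("s2", 1), ("s2", 2),
             ("s3", 1), ("s3", 2), ("s2", 3), ("s3", 3)]
    ctl = Controller(DataPlane(wires), ports)
    for r in range(rounds):
        if r == 2:  # a genuine link is cabled up mid-run: s2:3 <-> s3:3
            wires.append(Wire(("s2", 3), ("s3", 3)))
        new = ctl.discover()
        targets = new if triggered else list(ctl.links.items())
        for src, dst in targets:
            ctl.probe(src, dst)
    fake = {link for link, ok in ctl.verified.items() if not ok}
    return ctl.probes_sent, fake


if __name__ == "__main__":
    for mode in (False, True):
        sent, fake = simulate(triggered=mode)
        print("triggered" if mode else "periodic", "probes:", sent, "fake:", sorted(fake))
```

Both modes flag the same two directed entries (s1:2 -> s3:2 and s3:2 -> s1:2) as fabricated, because the relaying host forwards LLDP but not the disguised probe, so the nonce never arrives at the expected port. The difference is cost: the periodic loop re-probes six and later eight known links every round, while the event-triggered loop probes each link once when it first appears. A practitioner should note the caveat the toy makes visible: an attacker who relays all traffic, not only LLDP, would pass this check, so in practice the probe must be indistinguishable from normal traffic and the controller should also watch for the latency and host-port anomalies such a relay introduces.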