Detecting network visibility poisoning in software-defined networks on physical layer

Hu, Xiangbin

Permalink

https://hdl.handle.net/2142/97875 Copy

Description

Title

Detecting network visibility poisoning in software-defined networks on physical layer

Author(s)

Hu, Xiangbin

Issue Date

2017-05

Keyword(s)

• Software-Defined Networking
• Topography Poisoning

Abstract

Software-Defined Networking (SDN), unlike traditional networking, provides universal visibility and centralized controllability over a network. By doing so, SDN gives flexible solutions for applications to leverage the network based on the rich information that comes with such a centralized design. However, with the benefit also come new threats. Poisoning network visibility is an attack that falsifies the topology information, and by doing so misleads the SDN applications which depend on such information. The attack can be followed by more serious attacks such as man-in-the-middle attacks and denial of service attacks. Such an attack becomes applicable by exploiting unique vulnerabilities on current SDN controllers. Poisoning network visibility was discussed in existing research, but the original authors only focused on mitigation methods on higher OSI-layers. Although the methods were proven to be successful, they failed to address some edge cases that could happen during an attack. In this research, we propose a network visibility poisoning detection method on the physical layer as an improvement to the original method. The approach utilizes the time stamp applied on the Link Layer Discovery Protocol packets and analyze the properties of the newly updated link to determine whether the link is fabricated by the attacker. Then we evaluate the proposed method and present the data and the results.

Type of Resource

text

Language

en

Permalink

http://hdl.handle.net/2142/97875

Owning Collections