Behavior Anomaly Detection in SDN Control Plane: A Case Study of Topology Discovery Attacks

Li Der Chou, Chien Chang Liu, Meng Sheng Lai, Kai Cheng Chiu, Hsuan Hao Tu, Sen Su, Chun Lin Lai, Chia Kuan Yen, Wei Hsiang Tsai

研究成果: 書貢獻/報告類型會議論文篇章同行評審

7 引文 斯高帕斯(Scopus)

摘要

The SDN controller uses the OpenFlow Discovery Protocol (OFDP) to collect network topology status. OFDP detects the link between OpenFlow switches by generating Link Layer Discovery Protocol (LLDP) packets. However, OFDP is not a completely secure protocol and can be used by attackers to perform topology discovery injection attacks, topology discovery man-in-the-middle attacks, and topology discovery flood attacks, thereby confusing the network topology. This paper proposes a Correlation-based Topology Anomaly Detection (CTAD) mechanism to run in a software-defined network controller. Spearman's rank correlation is used to analyze the correlation between network traffic between links and measure the time difference between the round trip time of each LLDP frame to determine whether the topology man-in-the-middle attack exists in the network. This paper also adds a dynamic authentication key and counting mechanism in the LLDP frame to prevent attackers from using the topology discovery injection attack to generate fake links and topology discovery flooding attacks, causing network routing or switching abnormalities.

原文???core.languages.en_GB???
主出版物標題ICTC 2019 - 10th International Conference on ICT Convergence
主出版物子標題ICT Convergence Leading the Autonomous Future
發行者Institute of Electrical and Electronics Engineers Inc.
頁面357-362
頁數6
ISBN(電子)9781728108926
DOIs
出版狀態已出版 - 10月 2019
事件10th International Conference on Information and Communication Technology Convergence, ICTC 2019 - Jeju Island, Korea, Republic of
持續時間: 16 10月 201918 10月 2019

出版系列

名字ICTC 2019 - 10th International Conference on ICT Convergence: ICT Convergence Leading the Autonomous Future

???event.eventtypes.event.conference???

???event.eventtypes.event.conference???10th International Conference on Information and Communication Technology Convergence, ICTC 2019
國家/地區Korea, Republic of
城市Jeju Island
期間16/10/1918/10/19

指紋

深入研究「Behavior Anomaly Detection in SDN Control Plane: A Case Study of Topology Discovery Attacks」主題。共同形成了獨特的指紋。

引用此