Data Theft Attack and Detection Method Initiated by SDN Edge Switch
As devices for data forwarding and policy execution, Software Defined Network (SDN) switches can be compromised by malicious attackers to mount stealthy and damaging attacks on the network, seriously degrading users' end-to-end communication quality. This paper first proposes a data theft attack process carried out after an edge switch has been hijacked by an attacker, which can evade network-wide anomaly detection, and proves the stealth of this attack. To resist this kind of attack, a flow information consistency detection method is proposed, which incorporates host information into the consistency detection, and experiments are carried out on the Mininet platform based on the Ryu controller. The experimental results show that the defense method is effective in resisting attacks from edge switches without causing excessive load increase.
Keywords: software defined network; data plane security; damaged switch detection
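The following is an added illustration of the detection idea in the abstract, not the paper's own algorithm: flow counters collected from the edge switch (as a controller would obtain from flow-stats replies) are cross-checked against counters that agents on the attached hosts report for the same interval, so that a flow the switch claims to carry but no host accounts for, or a byte count that disagrees beyond a tolerance, is flagged. The data layout, the `FlowKey` structure, the sample counters and the 5% tolerance are all assumptions made for this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class FlowKey:
    """Assumed 3-tuple identifying a flow in both the switch and host views."""
    src: str
    dst: str
    dport: int


# Constructed sample data: per-flow byte counts the controller learned from
# the edge switch for one reporting interval ...
SWITCH_STATS = {
    FlowKey("10.0.0.1", "10.0.0.2", 80): 120_000,
    FlowKey("10.0.0.1", "10.0.0.9", 5555): 120_000,  # no host reports this flow
    FlowKey("10.0.0.2", "10.0.0.1", 80): 45_000,
}
# ... and what agents on the instrumented hosts report for the same interval
# (keyed by host address, so an uninstrumented source can be skipped).
HOST_STATS = {
    "10.0.0.1": {FlowKey("10.0.0.1", "10.0.0.2", 80): 120_000},
    "10.0.0.2": {FlowKey("10.0.0.2", "10.0.0.1", 80): 44_800},
}


def check_consistency(switch_stats, host_stats, tolerance=0.05):
    """Return (flow, reason) pairs for flows the host view does not confirm."""
    host_view = {}
    for reports in host_stats.values():
        host_view.update(reports)
    alerts = []
    for flow, sw_bytes in switch_stats.items():
        if flow.src not in host_stats:
            continue  # source host not instrumented: nothing to compare against
        host_bytes = host_view.get(flow)
        if host_bytes is None:
            alerts.append((flow, "switch reports a flow its source host never sent"))
        elif abs(sw_bytes - host_bytes) > tolerance * max(host_bytes, 1):
            alerts.append((flow, f"byte count mismatch: switch={sw_bytes} host={host_bytes}"))
    # The reverse direction: traffic a host sent that the switch hides entirely.
    for flow in host_view:
        if flow not in switch_stats:
            alerts.append((flow, "host sent a flow the switch does not report"))
    return alerts


if __name__ == "__main__":
    for flow, reason in check_consistency(SWITCH_STATS, HOST_STATS):
        print(f"{flow.src}->{flow.dst}:{flow.dport}  {reason}")
```

Small counter drift between the two vantage points is expected (the 10.0.0.2 flow differs by under 1% and is not flagged); the tolerance is what separates normal drift from a flow that exists only in the switch's view.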