Data Theft Attack Detection Method for SDN Edge Switch

Conference: CIBDA 2022 - 3rd International Conference on Computer Information and Big Data Applications
03/25/2022 - 03/27/2022 at Wuhan, China

Proceedings: CIBDA 2022

Pages: 6
Language: English
Type: PDF

Authors:
Zhao, Yang; Hu, Tao (Information Engineering University, Zhengzhou, China)
Yi, Peng; Zhang, Zhen (Information Engineering University, Zhengzhou, China & Network Communication and Security Purple Mountain Laboratory, Nanjing, China)
Liu, Shaoxun (Network Communication and Security Purple Mountain Laboratory, Nanjing, China)

Abstract:
As the devices that forward data and enforce policy, SDN switches must not have their permissions taken over by unauthorized entities. In practice this requirement is not met, because malicious attacks leave compromised switches in the data plane. This paper first presents a data theft attack launched by an edge switch that can evade network-wide anomaly detection, and then proposes a flow information consistency detection method against it. The host sends information to the controller through the packet_in message mechanism by constructing a special packet, and the controller performs flow information consistency authentication on the flow table entry request message to detect anomalies. Finally, the method is evaluated on the Mininet platform with the Ryu controller. The experimental results show that it resists the edge switch attack while increasing time cost only slightly (1%-2%).
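The abstract only sketches the mechanism: the host reports its flows to the controller through a packet_in, and the controller checks the switch's flow-table entry request against that report. The following is an added, self-contained illustration of such a consistency check, written for this page and not taken from the paper or its Ryu implementation. It assumes a 5-tuple flow identity, a controller-learned mapping of (dpid, in_port) to host, and a per-host key used to HMAC the host report so that a compromised edge switch cannot forge the host's side of the comparison; the field names, keying scheme and the three reject reasons are all assumptions of this example, and the sample flows are constructed.

```python
import hashlib
import hmac
from typing import Dict, Set, Tuple

# Flow identity used throughout: (proto, src_ip, dst_ip, src_port, dst_port).
# The choice of these five fields is an assumption of this example.
FlowKey = Tuple[str, str, str, int, int]


def _serialize(flow: FlowKey) -> bytes:
    # Canonical byte form of the 5-tuple so host and controller MAC the same bytes.
    return "|".join(str(f) for f in flow).encode()


def host_report(host_key: bytes, flow: FlowKey) -> Tuple[FlowKey, bytes]:
    """Host side: payload of the 'special packet' the edge switch must hand to the
    controller as a packet_in - the flow 5-tuple plus an HMAC under a key shared
    with the controller (assumed provisioning; the switch never sees the key)."""
    tag = hmac.new(host_key, _serialize(flow), hashlib.sha256).digest()
    return flow, tag


class ConsistencyChecker:
    """Controller side: keeps what each host attested and judges switch requests."""

    def __init__(self, attachment: Dict[Tuple[int, int], str], host_keys: Dict[str, bytes]):
        self.attachment = attachment   # (dpid, in_port) -> host_id, learned by the controller
        self.host_keys = host_keys     # host_id -> shared key (assumed provisioning)
        self.attested: Dict[str, Set[FlowKey]] = {}

    def on_host_packet_in(self, dpid: int, in_port: int, flow: FlowKey, tag: bytes) -> bool:
        """Accept a host report only if it arrives on the host's own port and the HMAC
        verifies; a forged or replayed-through-another-port report is dropped."""
        host = self.attachment.get((dpid, in_port))
        if host is None or host not in self.host_keys:
            return False
        expected = hmac.new(self.host_keys[host], _serialize(flow), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        self.attested.setdefault(host, set()).add(flow)
        return True

    def on_flow_request(self, dpid: int, in_port: int, flow: FlowKey) -> str:
        """Judge the switch's flow-table entry request (its packet_in on a table miss)
        against what the attached host attested."""
        host = self.attachment.get((dpid, in_port))
        if host is None:
            return "reject: no host on (dpid, port)"
        reported = self.attested.get(host, set())
        if flow in reported:
            return "accept"
        # Same (proto, src_ip, src_port) as an attested flow but other fields differ:
        # the edge switch rewrote the host's traffic (e.g. redirected its destination).
        if any((f[0], f[1], f[3]) == (flow[0], flow[1], flow[3]) for f in reported):
            return "reject: header mismatch with host attestation"
        return "reject: flow not attested by host"


def simulate() -> Dict[str, object]:
    """Constructed scenario: one host h1 on switch 1 port 1, one legitimate flow,
    one flow with a rewritten destination, one flow the host never sent."""
    h1_key = b"h1-demo-key"  # constructed demo key, not a real provisioning scheme
    chk = ConsistencyChecker(attachment={(1, 1): "h1"}, host_keys={"h1": h1_key})
    legit = ("tcp", "10.0.0.1", "10.0.0.2", 40000, 80)
    stolen = ("tcp", "10.0.0.1", "10.0.0.99", 40000, 4444)  # same src, dst rewritten
    never_sent = ("udp", "10.0.0.1", "10.0.0.3", 5000, 53)

    results: Dict[str, object] = {}
    flow, tag = host_report(h1_key, legit)
    results["host_attest"] = chk.on_host_packet_in(1, 1, flow, tag)
    results["legit"] = chk.on_flow_request(1, 1, legit)
    results["redirected"] = chk.on_flow_request(1, 1, stolen)
    results["unattested"] = chk.on_flow_request(1, 1, never_sent)
    # A compromised switch trying to attest on the host's behalf without the key.
    results["forged_attest"] = chk.on_host_packet_in(1, 1, never_sent, b"\x00" * 32)
    results["unknown_port"] = chk.on_flow_request(1, 7, legit)
    return results


if __name__ == "__main__":
    for name, verdict in simulate().items():
        print(f"{name}: {verdict}")
```

The check itself costs one HMAC verification per host report and one set lookup per flow request, which is the kind of per-flow overhead the abstract's small reported time cost suggests; how the paper actually encodes the host's special packet, and whether it authenticates it, is not stated in the abstract and is an assumption here.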