Title: I-SMITE: an IP traceback mechanism for inter-AS SDN networks using BGP

Authors: Pynbianglut Hadem; D.K. Saikia; Soumen Moulik

Addresses: Department of Computer Science and Engineering, National Institute of Technology Meghalaya, Meghalaya, India ' Department of Computer Science and Engineering, Tezpur University, Assam 695014, India ' Department of Computer Science and Engineering, National Institute of Technology Meghalaya, Meghalaya, India

Abstract: In this paper, we introduce I-SMITE an inter autonomous systems (inter-AS) IP traceback mechanism based on SMITE to support efficient IP traceback across inter-AS software-defined networks (SDN) networks. The objective is achieved through an integration of SDN, multiprotocol label switching (MPLS) and border gateway protocol (BGP) in OpenFlow. Our proposed work leverages the flexibility of SDN and the strength of MPLS to achieve low false-positive rate, ability to perform post-mortem traceback, reduction in storage pressure/hardware investment and most importantly the ability to perform traceback for a single attack packet. Also, the standard internet protocol BGP has been used to provide inter-AS IP traceback support, thereby enhancing the acceptability of the proposed work. Moreover, the proposed work also aims to overcome the difficulties and limitations of legacy traceback mechanisms in an SDN environment.

Keywords: network security; IP traceback; I-SMITE; software-defined network; SDN; multiprotocol label switching; MPLS; border gateway protocol; BGP; OpenFlow; cyber-attacks.

DOI: 10.1504/IJSN.2021.117864

International Journal of Security and Networks, 2021 Vol.16 No.3, pp.163 - 173

Received: 09 Sep 2020
Accepted: 04 Oct 2020
Published online: 04 Oct 2021 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article