Securing SDN controller and switches from attacks Online publication date: Tue, 21-May-2019
by Udaya Tupakula; Vijay Varadharajan; Preeti Mishra
International Journal of High Performance Computing and Networking (IJHPCN), Vol. 14, No. 1, 2019
Abstract: In this paper, we propose techniques for securing the SDN controller and the switches from malicious end-host attacks. Our model makes use of trusted computing and introspection-based intrusion detection to deal with attacks in SDN. We have developed a security application for the SDN controller to validate the state of the switches in the data plane and enforce the security policies to monitor the virtual machines at system call level and detect attacks. We have developed a feature extraction method named vector of n-grams which represents the traces in an efficient way without losing the ordering of system calls. The flows from the malicious hosts are dropped before they are processed by the switches or forwarded to the SDN controller. Hence, our model protects the switches and the SDN controller from the attacks.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of High Performance Computing and Networking (IJHPCN):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com