Detecting collaborative attacks caused by compromised switches in SDN

Vijayvergiya, Nishant Y (2017) Detecting collaborative attacks caused by compromised switches in SDN. Masters thesis, Indian Institute of Technology Hyderabad.

Text
CS15MTECH11020.pdf - Submitted Version
Restricted to Registered users only until 20 July 2020.
Download (5MB) | Request a copy

Abstract

Software De fi ned Networking (SDN) is a new approach to networking which provides an abstraction layer for the physical network. It is considered a future technology, which has the potential to reduce complexity and costs, especially in large data centers. SDN is an emerging architecture that allows network administrators to manage network behavior via a centralized console. A key concept of SDN is to provide APIs for third-party applications. This makes the network more manageable and fl exible. However, it also increases the risk of malware which can compromise the network since remote access to controllers and switches are possible. The SDN architecture relies on the assumption that all the switches in the network obey the commands of the controller. However, if someone breaks into an SDN switch, it can bring down the entire network or cause unwanted activities in the network.Therefore, it is important to detect compromised switches. One of them is the problem of collaboration among compromised SDN switches. In this research, we de fi ne what are compromised switches and their behavior. We also describe the collaboration between switches and its a ⇤ ect on the network. The research focuses on attack models like packet dropping, packet forwarding, port mirroring, etc. The system works using the algorithm that creates a zone of collaborating switches and based on the zones identi fi es the problem causing switches. The research proposes a solution towards this problem and see its e ⇤ ectiveness in various network topologies.

[error in script]

IITH Creators: