Title :
How to detect a compromised SDN switch
Author :
Po-Wen Chi ; Chien-Ting Kuo ; Jing-Wei Guo ; Chin-Laung Lei
Author_Institution :
Dept. of Electr. Eng., Nat. Taiwan Univ., Taipei, Taiwan
Abstract :
SDN is a concept of programmable networking. A network manager can process each network flow through software programs. There is a hypothesis that all switches are trusted and follow programmed commands to handle packets. That is, once a switch is compromised by an attacker and does not follow the orders of the network manager, this will bring a huge network disaster. In this paper, we define some attack models through compromised switches and design a detection mechanism to find these compromised devices. We evaluate our mechanism and discuss some future work.
Keywords :
computer network management; internetworking; software defined networking; attack models; compromised SDN switch detection; detection mechanism; network disaster; network flow; network manager; packet handling; programmable networking; programmed commands; software programs; Algorithm design and analysis; Detection algorithms; Ports (Computers); Security; Silicon; Switches
Conference_Title :
Network Softwarization (NetSoft), 2015 1st IEEE Conference on
Conference_Location :
London
DOI :
10.1109/NETSOFT.2015.7116184