Protecting Software-Defined Enterprise Networks from Packet Injection Attacks

被引:1
|
作者
ul Huque, Tanvir [1 ]
den Hartog, Frank [2 ]
机构
[1] Queensland Univ Technol, Sch Comp Sci, Brisbane, Qld, Australia
[2] Univ New South Wales, Sch Engn & Informat Technol, Canberra, ACT, Australia
来源
PROCEEDINGS OF THE IEEE 46TH CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2021) | 2021年
关键词
D O I
10.1109/LCN52139.2021.9524961
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
Packet injection attacks are a primary threat to software-defined enterprise networks, for which continuous connectivity and real-time network functioning are two essential requirements. They are a form of denial-of-service attacks, and their main effect is network performance degradation up to total breakdown. In this paper, we show how such an attack can effectively be detected and mitigated at the entrance gateway switch of the software-defined enterprise network without sacrificing the basic functionality and performance of the networks control mechanisms. We describe an effective protection of the network's core controller as well as a significant reduction of rule-space overhead compared to a state-of-the-art technique.
引用
收藏
页码:287 / 292
页数:6
相关论文
共 50 条
  • [1] Packet Injection Exploiting Attack and Mitigation in Software-Defined Networks
    Li, Jishuai
    Qin, Sujuan
    Tu, Tengfei
    Zhang, Hua
    Li, Yongsheng
    [J]. APPLIED SCIENCES-BASEL, 2022, 12 (03):
  • [2] Packet Injection Attack and Its Defense in Software-Defined Networks
    Deng, Shuhua
    Gao, Xing
    Lu, Zebin
    Gao, Xieping
    [J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2018, 13 (03) : 695 - 705
  • [3] Detecting Saturation Attacks in Software-Defined Networks
    Li, Zhiyuan
    Xing, Weijia
    Xu, Dianxiang
    [J]. 2018 IEEE INTERNATIONAL CONFERENCE ON INTELLIGENCE AND SECURITY INFORMATICS (ISI), 2018, : 163 - 168
  • [4] Detecting Link Fabrication Attacks in Software-Defined Networks
    Smyth, Dylan
    McSweeney, Sean
    O'Shea, Donna
    Cionca, Victor
    [J]. 2017 26TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATION AND NETWORKS (ICCCN 2017), 2017,
  • [5] Identifier Binding Attacks and Defenses in Software-Defined Networks
    Jero, Samuel
    Koch, William
    Skowyra, Richard
    Okhravi, Hamed
    Nita-Rotaru, Cristina
    Bigelow, David
    [J]. PROCEEDINGS OF THE 26TH USENIX SECURITY SYMPOSIUM (USENIX SECURITY '17), 2017, : 415 - 432
  • [6] SPHINX: Detecting Security Attacks in Software-Defined Networks
    Dhawan, Mohan
    Poddar, Rishabh
    Mahajan, Kshiteej
    Mann, Vijay
    [J]. 22ND ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2015), 2015,
  • [7] Protecting Glossy-based Wireless Networks from Packet Injection Attacks
    Hewage, Kasun
    Raza, Shahid
    Voigt, Thiemo
    [J]. 2017 IEEE 14TH INTERNATIONAL CONFERENCE ON MOBILE AD HOC AND SENSOR SYSTEMS (MASS), 2017, : 37 - 45
  • [8] Traffic scheduling for deep packet inspection in software-defined networks
    Huang, Huawei
    Li, Peng
    Guo, Song
    [J]. CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2017, 29 (16):
  • [9] OpenFlowSIA: An Optimized Protection Scheme for Software-Defined Networks from Flooding Attacks
    Phan, Trung V.
    Truong Van Toan
    Dang Van Tuyen
    Truong Thu Huong
    Nguyen Huu Thanh
    [J]. 2016 IEEE SIXTH INTERNATIONAL CONFERENCE ON COMMUNICATIONS AND ELECTRONICS (ICCE), 2016, : 13 - 18
  • [10] Programmable Networks-From Software-Defined Radio to Software-Defined Networking
    Macedo, Daniel F.
    Guedes, Dorgival
    Vieira, Luiz F. M.
    Vieira, Marcos A. M.
    Nogueira, Michele
    [J]. IEEE COMMUNICATIONS SURVEYS AND TUTORIALS, 2015, 17 (02): : 1102 - 1125
12345