Challenge-based collaborative intrusion detection in software-defined networking: an evaluation

Software-Defined Networking (SDN) is an emerging architecture that enables a computer network to be intelligently and centrally controlled via software applications. It can help manage the whole network environment in a consistent and holistic way, without the need of understanding the underlying network structure. At present, SDN may face many challenges like insider attacks, i.e., the centralized control plane would be attacked by malicious underlying devices and switches. To protect the security of SDN, effective detection approaches are indispensable. In the literature, challenge-based Collaborative Intrusion Detection Networks (CIDNs) are an effective detection framework in identifying malicious nodes. It calculates the nodes' reputation and detects a malicious node by sending out a special message called a challenge. In this work, we devise a challenge-based CIDN in SDN and measure its performance against malicious internal nodes. Our results demonstrate that such a mechanism can be effective in SDN environments.