A Security Enforcement Framework for SDN Controller using Game Theoretic Approach
Software-defined networking (SDN) has gained significant attention as the future deployment platform for the Internet and enterprise networks. The major advantages of SDN include effective traffic management, dynamic configuration of policy and flow rules, and better scalability with heterogeneous traffic requirements. However, the centralized network control and the use of OpenFlow protocols introduce various security challenges for the underlying network. The attacks on the SDN controller is critical as it hosts all network control functions. Motivated by a systematic analysis of different attack scenarios in SDN using the STRIDE attack model, this paper presents an effective security enforcement framework for proactive prevention of potential attacks on SDN controller. First, based on a signaling game approach, we design a trust-based controller attack detection (TCAD) model that calculates the trust value of each incoming packet to take necessary action. Next, we propose a risk-based attack prevention (RAP) model that detects and filters malicious traffic flows in the network. Finally, we evaluate our proposed security enforcement framework on different scenarios with varying traffic requirements and by injecting attacks based on STRIDE model. Experimental results show 95% accuracy in the potential attack detection and prevention.
M. Priyadarsini et al., "A Security Enforcement Framework for SDN Controller using Game Theoretic Approach," IEEE Transactions on Dependable and Secure Computing, Institute of Electrical and Electronics Engineers (IEEE), Mar 2022.
The definitive version is available at https://doi.org/10.1109/TDSC.2022.3158690
Keywords and Phrases
Analytical Models; Attack Model; Control Systems; Games; Network Topology; Risk Verification; SDN; Security; Security; Switches; Topology; Trust Model; Vulnerability Analysis
International Standard Serial Number (ISSN)
Article - Journal
© 2022 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.
11 Mar 2022