SDN边缘交换机发起的数据窃取攻击及检测方法研究OA
Data Theft Attack and Detection Method Initiated by SDN Edge Switch
软件定义网络(Soft Defined Network,SDN)交换机作为数据转发与策略执行的设备,恶意攻击者通过侵蚀SDN交换机对网络进行隐秘而致命的攻击,严重影响用户的端到端通信质量.首先提出了一种边缘交换机被攻击者劫持后的数据窃取攻击过程,可以逃避网络范围内的异常检测,并证明了这种攻击的隐蔽性.为了抵御此种攻击,提出了一种流信息一致性检测方法,将主机信息纳入一致性检测中,并基于Ryu控制器在mininet平台上进行实验.实验结果表明,防御方法在抵御边缘交换机攻击的同时不会带来过多的负载增加.
As devices for data forwarding and policy execution,Soft Defined Network(SDN)switches could be attacked by malicious attackers secretly and fatally,causing serious damage on users´ end-to-end communication quality.This paper first proposes a data theft attack process after an edge switch is hijacked by an attacker,which can evade network-wide anomaly detection,and proves the stealth of this attack.To resist this kind of attack,a flow information consistency detection method is proposed,which incorporates the host information into the consistency detection,and experiments are carried out on the mininet platform based on the ryu controller.The experimental results show that the defense method is effective in resisting the attack of edge switches,without causing too much load increase.
赵扬;伊鹏;张震;胡涛;刘少勋
信息工程大学,河南 郑州 450001信息工程大学,河南 郑州 450001||网络通信与安全紫金山实验室,江苏 南京 210000网络通信与安全紫金山实验室,江苏 南京 210000
计算机与自动化
软件定义网络数据平面安全受损交换机检测
software defined networkdata plane securitydamaged switch detection
《信息工程大学学报》 2024 (003)
307-314 / 8
国家自然科学基金(61872382,62101598,61521003);河南省重大科技专项(221100240100);国家重点研发计划青年科学家项目(2022YFB3102800)
评论