Lightweight Authentication Mechanism for Software Defined Network using Information Hiding

Abstract

Software defined network (SDN) is an emerging network architecture which offloads the control logic of the network from the underlying forwarding devices to a centralized controller. This centralized control intelligence software defines the behavior of the network. However, the programmability and centralization of the SDN architecture introduce potential security concerns. In this paper, we first investigate the threats of denial of service (DoS) attacks on the SDN control channel. Then, we evaluate the impact of DoS by simulating a DoS attack against the network controller. Our results show that it is possible to exhaust the controller resources in the absence of an authentication mechanism. Finally, we propose a lightweight information hiding authentication mechanism to prevent DoS attacks in the SDN control channel.