標題: | HiAuth: Hidden Authentication for Protecting Software Defined Networks |
作者: | Abdullaziz, Osamah Ibrahiem Wang, Li-Chun Chen, Yu-Jia 電機工程學系 Department of Electrical and Computer Engineering |
關鍵字: | Software defined networking (SDN);OpenFlow;denial of service (DoS) attacks;information hiding |
公開日期: | 1-Jun-2019 |
摘要: | Software defined networking (SDN) enables network function programmability for ease of configuration and maintenance, and also allows network administrators to change traffic rules on the fly. However, denial of service (DoS) attacks pose security challenges on the centralized control plane of SDN. Although the transport layer security (TLS) can help secure the control plane, it is computationally intensive, complex to configure, and not mandatory in OpenFlow protocol. In this paper, we present a lightweight authentication solution, called hidden authentication (HiAuth), to protect the SDN controller by hiding the identities of the forwarding devices into the control packets via efficient bitwise operations. HiAuth is the first to incorporate information hiding techniques into OpenFlow to provide security against DoS attacks. HiAuth exploits the IP identification field of IPv4 and the transaction identification field of OpenFlow in two authentication schemes. The experimental results show that HiAuth can effectively mitigate intruder DoS attacks and provide high undetectability to attackers. |
URI: | http://dx.doi.org/10.1109/TNSM.2019.2909116 http://hdl.handle.net/11536/152305 |
ISSN: | 1932-4537 |
DOI: | 10.1109/TNSM.2019.2909116 |
期刊: | IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT |
Volume: | 16 |
Issue: | 2 |
起始頁: | 618 |
結束頁: | 631 |
Appears in Collections: | Articles |