Software-Defined Networking (SDN) introduces programmability and centralized control, enhancing network efficiency and flexibility. However, SDN controllers especially their Host Tracking Services (HTS) are vulnerable to attacks like Host Impersonation and Man-in-the-Middle (MITM), which exploit host location mappings. The objective of this work is to design a real-time detection and mitigation framework for host tracking attacks in SDN, using the OpenDaylight controller. The proposed system integrates ARP monitoring, switch-port tracking, latency analysis, and automated flow rule enforcement through OpenFlow. Unlike traditional detection methods, our framework offers dynamic, automated mitigation without human intervention. It leverages REST APIs to continuously assess topology consistency and blocks attacker ports upon anomaly detection. It ensures minimal network disruption while effectively mitigating threats. Experiments in a Mininet-based testbed demonstrate improved threat detection accuracy, reduced attack impact and restore communication paths, validating the effectiveness of the proposed system.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Detection and Mitigation of Attacks on Host Tracking Service in SDN with ODL Controller

  • Bhagyashree Lomesh Patil,
  • Shriya Raju Kale,
  • Vaishnavi Ravindra Badgujar,
  • Jibi Abraham

摘要

Software-Defined Networking (SDN) introduces programmability and centralized control, enhancing network efficiency and flexibility. However, SDN controllers especially their Host Tracking Services (HTS) are vulnerable to attacks like Host Impersonation and Man-in-the-Middle (MITM), which exploit host location mappings. The objective of this work is to design a real-time detection and mitigation framework for host tracking attacks in SDN, using the OpenDaylight controller. The proposed system integrates ARP monitoring, switch-port tracking, latency analysis, and automated flow rule enforcement through OpenFlow. Unlike traditional detection methods, our framework offers dynamic, automated mitigation without human intervention. It leverages REST APIs to continuously assess topology consistency and blocks attacker ports upon anomaly detection. It ensures minimal network disruption while effectively mitigating threats. Experiments in a Mininet-based testbed demonstrate improved threat detection accuracy, reduced attack impact and restore communication paths, validating the effectiveness of the proposed system.