Detection and Mitigation of Attacks on Host Tracking Service in SDN with ODL Controller
摘要
Software-Defined Networking (SDN) introduces programmability and centralized control, enhancing network efficiency and flexibility. However, SDN controllers especially their Host Tracking Services (HTS) are vulnerable to attacks like Host Impersonation and Man-in-the-Middle (MITM), which exploit host location mappings. The objective of this work is to design a real-time detection and mitigation framework for host tracking attacks in SDN, using the OpenDaylight controller. The proposed system integrates ARP monitoring, switch-port tracking, latency analysis, and automated flow rule enforcement through OpenFlow. Unlike traditional detection methods, our framework offers dynamic, automated mitigation without human intervention. It leverages REST APIs to continuously assess topology consistency and blocks attacker ports upon anomaly detection. It ensures minimal network disruption while effectively mitigating threats. Experiments in a Mininet-based testbed demonstrate improved threat detection accuracy, reduced attack impact and restore communication paths, validating the effectiveness of the proposed system.