2021
DOI: 10.1155/2021/6688489
|View full text |Cite
|
Sign up to set email alerts
|

A Lightweight SDN Fingerprint Attack Defense Mechanism Based on Probabilistic Scrambling and Controller Dynamic Scheduling Strategies

Abstract: Software-defined networking (SDN) decouples the control plane from the data plane, which increases network flexibility and programmability. However, the “three-layer two-interface” architecture of SDN introduces new security issues. Attackers can collect fingerprint information (such as network types, controller types, and critical flow rules) by analyzing round-trip time (RTT) distribution of test packets. In order to defend against the fingerprint attack with limited attack time, we first design a probabilis… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
4
0

Year Published

2022
2022
2022
2022

Publication Types

Select...
2
1

Relationship

0
3

Authors

Journals

citations
Cited by 3 publications
(4 citation statements)
references
References 23 publications
0
4
0
Order By: Relevance
“…e data packet delay forwarding defense [9,10,[17][18][19][20]. e authors of [13][14][15][16] are mainly aimed at the fingerprint attack of the flow table matching rule.…”
Section: Other Methods Khorsandroo and Tosunmentioning
confidence: 99%
See 3 more Smart Citations
“…e data packet delay forwarding defense [9,10,[17][18][19][20]. e authors of [13][14][15][16] are mainly aimed at the fingerprint attack of the flow table matching rule.…”
Section: Other Methods Khorsandroo and Tosunmentioning
confidence: 99%
“…When the detection packet involves the installation of a new flow rule, the attacker can observe the difference between the round-trip delay and the existing matching rule, and the delay network device is not described in detail and its availability is unknown. Wang and Chen [10] proposed to impose perturbation on the probability of the initial data packet. By defining a new action bucket selection logic for the group table, different data packets can be implemented with different delay operations, and the scrambling strategy can be converted into a data plane executable instruction.…”
Section: Packet Delay Forwardingmentioning
confidence: 99%
See 2 more Smart Citations