Improved Security of SDN based on Hybrid Quantum Key Distribution Protocol

Mahdi, Suadad S.; Abdullah, Alharith A.

doi:10.1109/csase51777.2022.9759635

Cited by 7 publications

(5 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The hybrid protocol was proposed to be complementary to the TLS protocol and thus aims to achieve full security for OpenFlow messages. In the hybrid protocol [24], [25], the classic Diffie-Hellman protocol was integrated with the QKD-BB84 protocol to achieve two levels of authentication. The first is through the physical properties of quantum bits and the second level is achieved by the classical authentication channel.…”

Section: Hybrid Quantum-classical Protocolmentioning

confidence: 99%

Detecting man-in-the-middle attacks via hybrid quantumclassical protocol in software-defined network

Jawad¹,

Mahmood²,

Hameed³

2023

IJEECS

View full text Add to dashboard Cite

Man-in-the-middle (MitM) attacks became one of the most risk attacks on OpenFlow communication channel in software-defined networking, its detection is a very hard task due there is no authentication in OpenFlow protocol. This channel is the most important in the network and is responsible for sending the control commands from the controller to the switches, so once the OpenFlow channel is hacked, the entire network is controlled by the attacker. Therefore, we propose a complementary solution to transport layer security protocol to detect man-in-the-middle attacks based on hybrid quantum-classical protocol. Based on the hybrid protocol, an easy-toimplement authentication between controller and switches depends on quantum and classical security layers. Also, detect eavesdropping on channel depending on quantum parameters. In this paper, we implement a simulation of hybrid protocol using a software-defined networking emulator for monitoring the OpenFlow channel to detect attacks, and the results showed the ease of detecting the eavesdrop and verifying the authentication of the other party with a hybrid method to get a high level of authentication.

show abstract

Section: Hybrid Quantum-classical Protocolmentioning

confidence: 99%

Detecting man-in-the-middle attacks via hybrid quantumclassical protocol in software-defined network

Jawad¹,

Mahmood²,

Hameed³

2023

IJEECS

View full text Add to dashboard Cite

show abstract

“…It is possible to define a flow as a group of packets that are all in the same time period and have the same properties. An optional encryption technology known as transport layer security (TLS) can be used to encrypt data between data plane and control plane [24]. The controller is in charge of maintaining the flow tables on the switch.…”

Section: Sdn Componentsmentioning

confidence: 99%

Performance evaluation of RYU controller under distributed denial of service attacks

Kareem,

Jasim,

Hussein

et al. 2023

IJEECS

View full text Add to dashboard Cite

<span>Distributed denial of service (DDoS) attacks have been identified as one of the greatest threats to software-defined networking (SDN) because they are highly effective, hard to detect, and easy to use, and they take advantage of vulnerabilities in which the new architecture still exists. This paper describes one technique for denying the RYU controller's services, which can cause the controller's resources to be depleted if a significant number of packets from various zombie hosts are sent to the controller using spoofed source internet protocol (IP) addresses. In order to demonstrate the impact of the attack, we measure various metrics related to RYU controllers such as its central processing unit (CPU) usage and network throughput. In this work, Mininet was used to simulate the data plane and measure metrics such as random access memory (RAM) usage, CPU load, and link latency.</span>

show abstract

“…While the researchers in [15] presented a mechanism for implementing a quantum hybrid protocol with the classic protocol to achieve security for the openflow channel by encrypting messages between the controller and network devices in the software-defined networks.…”

Section: B Proxy Mobile Ipv6mentioning

confidence: 99%

“…This work explained how to use hybrid key [14] for key exchange and thus secure openflow channel via quantum TLS (QTLS) in SDN and NS. This paper is an extension of the work in [15] but in this paper the methodology is proposed on the NS environment. In particular, the hybrid key is considered the best solution to achieve authentication between the two parties based on quantum properties in addition to providing a strong key to supply double security based on mathematical complexity of classical method and physical properties of quantum protocol.…”

Section: Introductionmentioning

confidence: 99%

Enhanced Security of Software-defined Network and Network Slice Through Hybrid Quantum Key Distribution Protocol

Mahdi¹,

Abdullah²

2022

Infocommunications journal

View full text Add to dashboard Cite

Software-defined networking (SDN) has revolutionized the world of technology as networks have become more flexible, dynamic and programmable. The ability to conduct network slicing in 5G networks is one of the most crucial features of SDN implementation. Although network programming provides new security solutions of traditional networks, SDN and network slicing also have security issues, an important one being the weaknesses related to openflow channel between the data plane and controller as the network can be attacked via the openflow channel and exploit communications with the control plane. Our work proposes a solution to provide adequate security for openflow messages through using a hybrid key consisting of classical and quantum key distribution protocols to provide double security depending on the computational complexity and physical properties of quantum. To achieve this goal, the hybrid key used with transport layer security protocol to provide confidentiality, integrity and quantum authentication to secure openflow channel. We experimentally based on the SDN-testbed and network slicing to show the workflow of exchanging quantum and classical keys between the control plane and data plane and our results showed the effectiveness of the hybrid key to enhance the security of the transport layer security protocol. Thereby achieving adequate security for openflow channel against classical and quantum computer attacks.

show abstract

Improved Security of SDN based on Hybrid Quantum Key Distribution Protocol

Cited by 7 publications

References 14 publications

Detecting man-in-the-middle attacks via hybrid quantumclassical protocol in software-defined network

Detecting man-in-the-middle attacks via hybrid quantumclassical protocol in software-defined network

Performance evaluation of RYU controller under distributed denial of service attacks

Enhanced Security of Software-defined Network and Network Slice Through Hybrid Quantum Key Distribution Protocol

Contact Info

Product

Resources

About