Skip to main content
Conference Proceedings

Adaptive Detection Method for Packet-In Message Injection Attack in SDN

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (2020) 11945 LNCS 482-495
DOI: 10.1007/978-3-030-38961-1_42
5Citations
Citations of this article
5Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Packet-In message injection attack is severe in Software Defined Network (SDN), which will cause a single point of failure of the centralized controller and the crash of the entire network. Nowadays, there are many detection methods for it, including entropy detection and so on. We propose an adaptive detection method to proactively defend against this attack. We establish a Poisson probability distribution detection model to find the attack and use the flow table filter to mitigate it. We also use the EWMA method to update the expectation value of the model to adapt the actual network conditions. Our method has no need to send additional packets to request the switch information. The experiment results show that there is 92% true positive rate in case of attack with random destination IP packets injected, and true positive rate is 98.2% under the attack with random source IP packets injected.

Author supplied keywords

Cite

CITATION STYLE

APA

Zhan, X., Chen, M., Yu, S., & Zhang, Y. (2020). Adaptive Detection Method for Packet-In Message Injection Attack in SDN. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 11945 LNCS, pp. 482–495). Springer. https://doi.org/10.1007/978-3-030-38961-1_42

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free