Hauth:A Novel Approach for Network Visibility Protection
- DOI
- 10.2991/cnct-16.2017.18How to use a DOI?
- Keywords
- SDN, Host Usurp Attack, Host Authentication
- Abstract
Software-Defined Networking (SDN) is a new paradigm that offers services and applications great power to manage network. Based on the consideration that the entire network visibility is the foundation of SDN, many attacks emerge in poisoning the network visibility, leading to severe host hijacking. Meanwhile, many defence approaches are proposed to patch the controller. We notice that existing patches missed considering the situation that original IP address of the host server would be hijacked when the host server goes offline temporarily, such as regular maintenance or host migration. In this paper we present Host Usurp Attack, which exploits the vulnerability above to pretend the victim server. Furthermore, we propose a security extension HAuth, which can automatically confirm the legitimate hosts through the authentication server and provides hosts authentication log to network providers. Our evaluation shows that HAuth effectively guarantees the trustworthiness of the network visibility. In particular, HAuth introduces a minor overhead on SDN controllers..
- Copyright
- © 2017, the Authors. Published by Atlantis Press.
- Open Access
- This is an open access article distributed under the CC BY-NC license (http://creativecommons.org/licenses/by-nc/4.0/).
Cite this article
TY - CONF AU - Xin WANG AU - Neng GAO AU - Ling-chen ZHANG PY - 2016/12 DA - 2016/12 TI - Hauth:A Novel Approach for Network Visibility Protection BT - Proceedings of the International Conference on Computer Networks and Communication Technology (CNCT 2016) PB - Atlantis Press SP - 128 EP - 136 SN - 2352-538X UR - https://doi.org/10.2991/cnct-16.2017.18 DO - 10.2991/cnct-16.2017.18 ID - WANG2016/12 ER -