Security Algorithm for Preventing Malicious Attacks in Software Defined Network (SDN)

Oluwasogo Adekunle Okunade, Oluwaseyi Osunade & Emmanuel GbengaDada

Abstract


This paper explores the success record of the Internet as well as its shortcoming in the area of network configuration, response to fault(s), load and change(s) that led to the concept of Software Defined Network (SDN).These are the factors that separated combined net­work’s control from forwarding planes for easier optimization, programming of network and centralization of control logic capabilities. These had also led to new different challenges, that open doors for new threats that were not existing or harder to exploit. SDN prototype embraces third-party improvementas a result of hard work, that later makes the SDN vulnerable to potential trust issue on its applications (apps).This makes it possible for an intruder toinsert malicious content/programs into the network packets and then forward into the network.Codes were written to implement the designed algorithm using white/blacklist source identification combined with Hash Bayes' Theorem (W/B+HBT) content filter as a security measure to prevent the malicious attack(s). It was shown that new transaction(s) from known attack source(s) are classified as Blacklist and dropped, while those known as whitelist are forwarded to their respective destination as a legitimate packet(s) (W/B). Those from unknown sources were treated using Hash Bayes’ Theorem (HBT) content filter. The result of the implementation is able to record 10% false positive (FP) and false negative (FN) and 90% true positive (TP) and true negative (TN) (accurate classification of packets) for the presented algorithm.


Full Text:

PDF

Refbacks

  • There are currently no refbacks.