Abstract
Software-Defined Networking (SDN) is an emerging architecture that enables a computer network to be intelligently and centrally controlled via software applications. It can help manage the whole network environment in a consistent and holistic way, without the need of understanding the underlying network structure. At present, SDN may face many challenges like insider attacks, i.e., the centralized control plane would be attacked by malicious underlying devices and switches. To protect the security of SDN, effective detection approaches are indispensable. In the literature, challenge-based Collaborative Intrusion Detection Networks (CIDNs) are an effective detection framework in identifying malicious nodes. It calculates the nodes’ reputation and detects a malicious node by sending out a special message called a challenge. In this work, we devise a challenge-based CIDN in SDN and measure its performance against malicious internal nodes. Our results demonstrate that such a mechanism can be effective in SDN environments. Copyright © 2020 Chongqing University of Posts and Telecommunications. Publishing Services by Elsevier B.V. on behalf of KeAi Communications Co. Ltd.
Original language | English |
---|---|
Pages (from-to) | 257-263 |
Journal | Digital Communications and Networks |
Volume | 7 |
Issue number | 2 |
Early online date | Sept 2020 |
DOIs | |
Publication status | Published - May 2021 |
Citation
Li, W., Wang, Y., Jin, Z., Yu, K., Li, J., & Xiang, Y. (2021). Challenge-based collaborative intrusion detection in software-defined networking: An evaluation. Digital Communications and Networks, 7(2), 257-263. https://doi.org/10.1016/j.dcan.2020.09.003Keywords
- Software-defined networking
- Trust management
- Collaborative intrusion detection
- Insider attack
- Challenge mechanism