Authors: Udaya Tupakula; Vijay Varadharajan; Preeti Mishra
Addresses: Advanced Cyber Security Engineering Research Centre, Faculty of Engineering and Built Environment, University of Newcastle, Callaghan, NSW 2308, Australia ' Advanced Cyber Security Engineering Research Centre, Faculty of Engineering and Built Environment, University of Newcastle, Callaghan, NSW 2308, Australia ' Department of Computer Science and Engineering, Graphic Era Deemed to be University, Dehradun, India
Abstract: In this paper, we propose techniques for securing the SDN controller and the switches from malicious end-host attacks. Our model makes use of trusted computing and introspection-based intrusion detection to deal with attacks in SDN. We have developed a security application for the SDN controller to validate the state of the switches in the data plane and enforce the security policies to monitor the virtual machines at system call level and detect attacks. We have developed a feature extraction method named vector of n-grams which represents the traces in an efficient way without losing the ordering of system calls. The flows from the malicious hosts are dropped before they are processed by the switches or forwarded to the SDN controller. Hence, our model protects the switches and the SDN controller from the attacks.
Keywords: DN security; trusted computing; virtual machine introspection; VMI; machine learning; security attack.
International Journal of High Performance Computing and Networking, 2019 Vol.14 No.1, pp.77 - 91
Received: 04 Jul 2016
Accepted: 08 Jan 2017
Published online: 21 May 2019 *