A Link Fabrication Attack Mitigation Approach (LiFAMA) for Software Defined Networks
Date
2022-05
Author
Katongole, Joseph
Odongo, Steven Eyobu
Kasyoka, Philemon
Oyana, Tonny J.
Abstract
In software defined networks (SDNs), the controller is a critical resource, yet it is a potential
target for attacks as well. The conventional OpenFlow Discovery Protocol (OFDP) used in building
the topological view for the controller has vulnerabilities that easily allow attackers to poison the
network topology by creating fabricated links with malicious effects. OFDP makes use of the link
layer discovery protocol (LLDP) to discover existing links. However, the LLDP is not efficient at
fabricated link detection. Existing approaches to mitigating this problem have mostly been passive
approaches that depend on observing unexpected behaviour. Examples of such behaviour include
link latency and packet patterns to trigger attack alerts. The problem with the existing solutions is that
their implementations cause longer link discovery time. This implies that a dense SDN would suffer
from huge delays in the link discovery process. In this study, we propose a link fabrication attack
(LFA) mitigation approach (LiFAMA), which is an active mitigation approach and one that minimises
the link discovery time. The approach uses LLDP packet authentication together with keyed-hash-based
message authentication code (HMAC) and a link verification database (PostgreSQL) that
stores records of all known and verified links in the network. This approach was implemented in
an emulated SDN environment using Mininet and a Python-based open-source OpenFlow (POX)
controller. The results show that the approach detects fabricated links in an SDN in real time and
helps mitigate them. Additionally, the link discovery time of LiFAMA out-competes that of an
existing LFA mitigation approach.
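
The two checks named in the abstract, HMAC authentication of the LLDP probe and a lookup in a database of verified links, can be sketched as follows. This is an added example, not the authors' implementation: the probe layout, the key, the function names and the table schema are assumptions, and an in-memory SQLite table stands in for PostgreSQL so that the code runs offline.

```python
import hashlib
import hmac
import sqlite3
import struct

KEY = b"constructed-demo-key"  # constructed value; a controller would load a real secret
BODY_LEN, TAG_LEN = 10, 32     # 8-byte switch id + 2-byte port, SHA-256 tag (assumed layout)

def make_probe(key, dpid, port):
    """Controller side: probe body (switch id, port) followed by its HMAC-SHA256 tag."""
    body = struct.pack("!QH", dpid, port)
    return body + hmac.new(key, body, hashlib.sha256).digest()

def open_link_db(known_links):
    """Hypothetical verified-links table; SQLite stands in for PostgreSQL."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE verified_links (src_dpid INTEGER, src_port INTEGER, "
               "dst_dpid INTEGER, dst_port INTEGER)")
    db.executemany("INSERT INTO verified_links VALUES (?, ?, ?, ?)", known_links)
    return db

def check_link(key, db, payload, in_dpid, in_port):
    """Classify a probe that arrived at the controller from (in_dpid, in_port)."""
    if len(payload) != BODY_LEN + TAG_LEN:
        return "rejected: malformed probe"
    body, tag = payload[:BODY_LEN], payload[BODY_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return "rejected: bad HMAC"
    src_dpid, src_port = struct.unpack("!QH", body)
    # A valid tag only proves the controller issued the probe; the link it
    # implies must also be one already recorded as verified.
    row = db.execute("SELECT 1 FROM verified_links WHERE src_dpid=? AND src_port=? "
                     "AND dst_dpid=? AND dst_port=?",
                     (src_dpid, src_port, in_dpid, in_port)).fetchone()
    return "accepted" if row else "rejected: link not in verified database"

if __name__ == "__main__":
    db = open_link_db([(1, 2, 2, 1)])             # constructed: s1 port 2 <-> s2 port 1
    genuine = make_probe(KEY, 1, 2)
    print(check_link(KEY, db, genuine, 2, 1))     # known link, valid tag
    print(check_link(KEY, db, make_probe(b"other-key", 1, 2), 2, 1))  # tag mismatch
    print(check_link(KEY, db, genuine, 3, 4))     # valid tag on an unrecorded link
```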