SecSDN: A Novel Architecture for a Secure SDN

Parjanya Vyas, R. Shyamasundar

2021

Abstract

Security of SDN has been an important focus of research. Attempts to uncover security vulnerabilities in SDN point to two major causes: (i) the inherent assumption that switches are severely limited in intelligence, and (ii) the lack of authentication in the communication between controllers and switches. The assumption that switches have limited intelligence, and can only do the task of packet forwarding, further leads to the inference that switches are never actively corrupt or operated by malicious entities. While such an assumption is reasonable for SDN data centers operated within the bounds of a single organization, it is incorrect for larger-scale inter-networking. In this paper, we propose SecSDN, an architecture and a protocol using repetitive hashing to authenticate the communicating parties, securely verify consistency of flow tables residing inside the switches and detect their malicious behaviour within a predefined constant time frame. Using such a technique, we arrive at an infrastructure that can securely perform functions as envisaged in SDN. We establish the correctness of SecSDN, and simulations show that the overhead incurred is virtually non-existent.

Paper Citation


in Harvard Style

Vyas P. and Shyamasundar R. (2021). SecSDN: A Novel Architecture for a Secure SDN. In Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT, ISBN 978-989-758-524-1, pages 587-594. DOI: 10.5220/0010575505870594


in Bibtex Style

@conference{secrypt21,
author={Parjanya Vyas and R. Shyamasundar},
title={SecSDN: A Novel Architecture for a Secure SDN},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2021},
pages={587-594},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010575505870594},
isbn={978-989-758-524-1},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - SecSDN: A Novel Architecture for a Secure SDN
SN - 978-989-758-524-1
AU - Vyas P.
AU - Shyamasundar R.
PY - 2021
SP - 587
EP - 594
DO - 10.5220/0010575505870594