@inproceedings{0f6c1708e66c48c9a3fd138fb7bfbec2,
title = "Adaptive Detection Method for Packet-In Message Injection Attack in SDN",
abstract = "Packet-In message injection attack is severe in Software Defined Network (SDN), which will cause a single point of failure of the centralized controller and the crash of the entire network. Nowadays, there are many detection methods for it, including entropy detection and so on. We propose an adaptive detection method to proactively defend against this attack. We establish a Poisson probability distribution detection model to find the attack and use the flow table filter to mitigate it. We also use the EWMA method to update the expectation value of the model to adapt the actual network conditions. Our method has no need to send additional packets to request the switch information. The experiment results show that there is 92\% true positive rate in case of attack with random destination IP packets injected, and true positive rate is 98.2\% under the attack with random source IP packets injected.",
keywords = "Adaptive detection, Controller security, Packet-In message injection attack, Software-Defined Network",
author = "Xinyu Zhan and Mingsong Chen and Shui Yu and Yue Zhang",
note = "Publisher Copyright: {\textcopyright} 2020, Springer Nature Switzerland AG.; 19th International Conference on Algorithms and Architectures for Parallel Processing, ICA3PP 2019 ; Conference date: 09-12-2019 Through 11-12-2019",
year = "2020",
doi = "10.1007/978-3-030-38961-1\_42",
language = "英语",
isbn = "9783030389604",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer",
pages = "482--495",
editor = "Sheng Wen and Albert Zomaya and Yang, \{Laurence T.\}",
booktitle = "Algorithms and Architectures for Parallel Processing - 19th International Conference, ICA3PP 2019, Proceedings",
address = "德国",
}