Abstract
Software-defined networking (SDN) technology is an approach to cloud computing that facilitates network management and enables programmability and efficient network configuration to improve network performance and monitoring. SDN has recently attracted a lot of interest given its cyber-attack resiliency through the use of controllers which helps network engineers and administrators to administer the network remotely. However, there is a need to investigate its resilience against attacks and hardened the technology to provide a secure network environment. In this paper, we examine the effects of security attacks by using an SDN penetration tool called SDN penetration tool to inject attacks into the SDN controller which, in our case, is the floodlight controller. We focused on three attacks: the Address Resolution Protocol Spoofing, man-in-the-middle, and distributed denial-of-service attacks. The simulations were run on Mininet, and the penetration tool enabled the observation of the effects of the attacks using throughput and the round-trip time metrics. The results show that the controller is vulnerable to the three attacks and that the attacks do affect the normal operation of the network since they degraded the throughput and increased the delivery time of packets which increases the round-trip time.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Benjamin U, Uttam T, William S (2017) ATTAIN: an attack injection framework for software-defined networking. In: International conference on dependable systems and networks (DSN), Denver, CO, USA
Bruschi D, Ornaghi A, Rosti E (2003) S-ARP: a secure address resolution protocol. In: 19th annual computer security applications conference, Las Vegas, NV, USA
Mishra A, Gupta N, Gupta BB (2021) Defense mechanisms against DDoS attack based on entropy in SDN-cloud using POX controller. Telecommun Syst 47:47–67
Gadze JD, Bamfo-Asante AA, Agyemang JO, Nunoo-Mensah H, Opare KA (2021) An investigation into the application of deep learning in the detection and mitigation of DDOS attack on SDN controllers. Technologies 9(14):1–22
Li H, Yang C, Wang L, Ansari N, Tang D, Huang X, Xu Z, Hu D (2021) A cooperative defense framework against application-level DDoS attacks on mobile edge computing services. IEEE Trans Mobile Comput:1–17
Ana SM, Pablo S-G, Enrique C-P, Zeeshan P, Jose MAC, Wang Q (2019) Autonomic protection of multi-tenant 5G mobile networks against UDP flooding DDoS attacks. J Netw Comput Appl 145:1084–8045
Sungjin Y, Ashok KD, Youngho P (2021) Comments on “ALAM: anonymous lightweight authentication mechanism for SDN enabled smart homes.” IEEE Access 9:49154–49159
Waseem I, Haider A, Pan D, Jiafu W, Bilal R, Yawar A, Imran R (2021) ALAM: anonymous lightweight authentication mechanism for SDN-enabled smart homes. IEEE Internet Things J 8(12):9622–9633
Abdelsalam A, El-Sisi A, Reddy V (2015) Mitigating ARP spoofing attacks in software-defined networks. In: ICCTA 2015, Alexandria, Egypt
Christoph M. XArp—advanced ARP spoofing detection [online]. Available http://www.securityfocus.com/tools/6908
arpwatch, Lawrence Berkeley National Laboratory, Aug 2009 [online]. Available ftp://ftp.ee.lbl.gov/arpwatch.tar.gz. Accessed 19 Oct 2018
Anti netcut version 2.0 [online]. Available http://www.tools4free.net. Accessed 19 Oct 2018
Ali A. NoCut 1.001a [online]
ColorSoft, AntiARP [online]. Available http://www.antiarp.com/English/e_index.html. Accessed 19 Oct 2018
Ryan W, Robert C (2013) An SDN approach: quality of service using big switch’s floodlight open-source controller. Asia-Pacific Adv Netw 35:14–19
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ralekgokgo, M.T., Velempini, M., Mapunya, S.S. (2023). Malicious Packet Injection on Software-Defined Networking as a Strategy to Improve Security. In: Yang, XS., Sherratt, S., Dey, N., Joshi, A. (eds) Proceedings of Seventh International Congress on Information and Communication Technology. Lecture Notes in Networks and Systems, vol 465. Springer, Singapore. https://doi.org/10.1007/978-981-19-2397-5_1
Download citation
DOI: https://doi.org/10.1007/978-981-19-2397-5_1
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-2396-8
Online ISBN: 978-981-19-2397-5
eBook Packages: EngineeringEngineering (R0)