A Brief Note On Fake Or Forged Traffic

1440 Words6 Pages
Fake or Forged Traffic: Any presence of networking components such as switches or routers means that there is a very high chance of fake or forged traffic to be induced in order to bring the network down. Denial of Service (DoS) attack is one of the most famous of all attacks that exist in today’s networking world. Openflow is a standard convention which actualizes the above stated principle of SDN. It is utilized for the association between a switch, composing the data plane, and a controller, that makes up the control plane. The switch performs packet forwarding by making use of one or more flow tables. These tables contain sets of guidelines matching flows that cross the switch (i.e., matching to packet header examples), comparing…show more content…
In such a scenario, the controller becomes out of reach for new legitimate incoming packets. One very basic solution to this problem would be to have a backup controller to quickly take the place of a compromised controller. However this is not the most feasible option since the backup is also prone to the same type of vulnerabilities. Hence, one of the most fruitful defense mechanisms would be to catch the attack at its early stage. This would mean that a lot of damage can be avoided and the controller could be saved from being completely swamped. Identifying this at an early stage could mean detecting an abnormality in the flow patterns within the first few hundred packets. This could however vary depending upon the network and the tolerance of the device on which the controller is being run. A very powerful computer hosting the controller would mean that a more sophisticated detection system could be installed to predict such anomalies. However this method should also be lightweight in order to ensure acceptable processing power usage. Collecting statistics that would let you have enough data to predict a pattern in the network behavior would prove to be most useful when we need to recognize an incongruity. After a lot of research on this topic, we would like to conclude that the following would be the most ideal path to conquering the problem of fake or forged attacks on an SDN Controller: i) Understand of how a DoS

More about A Brief Note On Fake Or Forged Traffic

Open Document