المؤلف
Kalkan, Kubra, Latah, Majd
تاريخ النشر
2024-05-10
مكان النشر
-
Springer Nature
الموضوع
Security protocol, Authentication, Host security, Sdn security, Blockchain (bc), Software defined networking (sdn)
النوع
دورية
اللغة
الإنجليزية
رقمي
نعم
مخطوط
لا
المكتبة
جامعة اوزيجين
معرف أصل المكتبة
1936-6442
رقم السجل
70a6b863-4756-41e7-8b04-868a0ef0b2ce
موقع المكتبة
Computer Science
التاريخ
2024-05-10
نص عينة
Software defined networking (SDN) is a novel networking paradigm that aims to achieve global management for the underlying forwarding plane based on its centralization concept. Unfortunately, the newly designed paradigm does not consider security issues related to unauthenticated and unauthorized activities across various SDN layers. Recently, blockchain (BC) technology has proven successful in providing a decentralized, immutable, and fault tolerant ledger. In this study, we take advantage of blockchain characteristics to provide mutual host-controller, PacketIn/PacketOut and host-host authentication methods. We also provide secure Address Resolution Protocol (ARP) and Identity Resolution Protocol (IRP) to protect layer 3 and layer 2 of the SDN network. In addition, both SDN hosts and controllers utilize lattice-based signatures based on Dilithium scheme and Key Encapsulation Methods (KEMs) based on Kyber scheme to provide protection against quantum adversaries. We also compare our work with AuthFlow (Mattos and Duarte in Ann Telecommun 71:607-615, 2016). The results show that HostSec is more secure than AuthFlow due to its ability to detect both host-based and switch-based PacketIn attacks and also reduces the load on the SDN controller. Overall, the experimental results suggest a trade-off between improved security and lower latency.
DOI
10.1007/s12083-024-01714-x
Cilt
17
