An Approach for Detection of Black Hole Attack in Software Defined Networks

Abstract

Software Defined Network (SDN) is a novel networking architecture based on separation of data and control plane. SDN enables the controller to have a logically centralized view of the complete network [1]. It allows routing applications that run on top of the control plane to discover the best routes and to manage and design traffic flow efficiently. To do so, the controller must first know the whole SDN infrastructure’s net- working topology in order to attain centralized control and visibility. However, topology information of the network can be manipulated by an attacker to carry out black hole attack [2] by dropping or steering all the traffic passing through it towards itself and use the information in the packets to serve as a launching pad to carry out further lethal attacks. Therefore, it is critical to detect the attack at an earlier stage and isolate the malicious/compromised black hole node. Hence, we propose a dynamic routing framework that finds routing paths based on the behavior of hosts and then chooses the best path considering past behavior of hosts. It helps in reducing probability of attacks and multi-hop communication between hosts to confuse attackers and expand exploration space for carrying out targeted attack. Furthermore, our framework detects black hole attack from malicious node by continuously analyzing the traffic statistics on nodes so that the attack can be detected and prevented nearest to the malicious host (from where it originates) and dynamically reconfigures route after isolating the malicious node. Our simulations were performed using mininet emulator and RYU controller. Throughput, packet delivery ratio and end to end delay are recorded periodically and when ever they fall out of threshold boundaries an alert is generated and malicious node is removed from the routing path. Results show that the values of network parameters resume to normal shortly after our detection and mitigation of attack.