Anglia Ruskin Research Online (ARRO)

Securing OpenFlow communication between the controller and the data plane

thesis
posted on 2023-08-01, 12:39 authored by Belema Agborubere

The main focus of this research is to provide a means of securing communication between the controller and the data plane in Software-Defined Networks (SDN), a new networking paradigm. One of the reasons for the emergence of SDN centres on the security of information and network infrastructure, which is still an issue considering how many changes have been introduced in networking and how diverse the available network infrastructure is.

This research therefore focuses on communication security in the new paradigm. Through a review of relevant publications, it narrows the area of concern to the OpenFlow protocol, which enables communication between the controller and the data plane. The security of the OpenFlow protocol, however, is guaranteed by Transport Layer Security (TLS), a cryptographic protocol enabling the encryption and transportation of communication between different network devices. The research has shown that TLS is susceptible to different man-in-the-middle (MITM) attacks. To protect the TLS protocol, an enhancement of the protocol was designed that includes a smart monitoring system to provide the needed security for OpenFlow communication in Software-Defined Networks.

To ascertain the vulnerability of the TLS protocol, a total of 20 MITM attacks were carried out against the different versions of the TLS protocol using 5 variations of attack syntax. An overall attack success rate of 75 percent was achieved. Of the different modifications of the attack syntax, 3 had a 100 percent success rate across the protocols, one had a 90 percent success rate across 3 versions of the protocol, and the remaining syntax had no success.

The smart monitoring system performs a randomised status check of the client at intervals, giving the server the information it needs to treat the client as reliable before and after a connection or handshake is initiated or completed. This is an advantage that would secure OpenFlow communication in Software-Defined Networks.

History

Institution

Anglia Ruskin University

File version

  • Published version

Thesis name

  • PhD

Thesis type

  • Doctoral

Thesis submission date

2023-06-09

Legacy Faculty/School/Department

Faculty of Science and Engineering

Note

Accessibility note: If you require a more accessible version of this thesis, please contact us at arro@aru.ac.uk
