Show simple item record

dc.contributor.authorKatongole, Joseph
dc.date.accessioned2023-01-09T07:21:53Z
dc.date.available2023-01-09T07:21:53Z
dc.date.issued2022-11-17
dc.identifier.citationKatongole, J. (2022) A Link Fabrication Attack Mitigation Approach (LIFAMA) for software defined networks. (Unpublished Masters Dissertation) Makerere University, Kampala Ugandaen_US
dc.identifier.urihttp://hdl.handle.net/10570/11345
dc.descriptionA Dissertation submitted to the Directorate of Research and Graduate Training for the award of the Degree of Masters in Data Communication and Software Engineering of Makerere Universityen_US
dc.description.abstractIn software defined networks (SDN), the controller is a critical resource yet it is a potential target for attacks once compromised. The conventional Open Flow Discovery Protocol (OFPD) used in building the topology view by the controller has vulnerabilities that easily allow attackers to poison the network topology by creating fabricated links that can be used for malicious intent. OFDP makes use of the link layer discovery protocol (LLDP) to discover existing links. However, LLDP is not e cient in fabricated link detection. Existing approaches to mitigate this problem have focused on using passive approaches that depend on observing unexpected behaviour. Examples of such behaviour include link latency and packet patterns to trigger attack alerts. The problem with the existing solutions is that their implementation causes longer link discovery time. This implies that a dense SDN would su↵er from huge delays in the link discovery process. In this study, we propose a Link Fabrication Attack (LFA) Mitigation Approach (LiFAMA) which is an active mitigation approach and one that minimizes the link discovery time. The approach uses Link Layer Discovery Protocol (LLDP) packet authentication toghether with Keyed-Hash Based Message Authentication Code (HMAC) and a link verification database (PostgreSQL)that stores records of all known and verified links in the network. This approach has been implemented in an emulated SDN environment using Mininet and a Python based open source openflow (POX) controller. The results show that the approach detects fabricated links in SDN in real time and helps mitigate them. Additionally, the link discovery time of LiFAMA out competes that of an existing LFA mitigation approach.en_US
dc.language.isoenen_US
dc.publisherMakerere Universityen_US
dc.subjectSoftware defined networksen_US
dc.subjectKeyed-Hash Based Message Authentication Codeen_US
dc.subjectLink layer discovery protocolen_US
dc.subjectLink Fabrication Attack Mitigation Approachen_US
dc.titleA Link Fabrication Attack Mitigation Approach (LIFAMA) for software defined networksen_US
dc.typeThesisen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record