
Trusted Improvement for Trusted Switch STP Based on Open vSwitch

Posted on: 2015-10-02
Degree: Master
Type: Thesis
Country: China
Candidate: Q Y Pan
Full Text: PDF
GTID: 2298330452953385
Subject: Computer technology

Abstract/Summary:
With the rapid development of computer networks and the continuous expansion of network scale, thousands of Internet security issues have appeared, and these security problems draw more and more attention. Trusted networking has become a hot topic in the field of network security in recent years. Combined with the traditional network, a trusted network will certainly provide better protection for network security, and as it continues to develop, the trusted network is expected to replace the traditional network in the future.

Ethernet is the most popular LAN technology. With the continued growth of Ethernet business, people pay more attention to the security of Ethernet, and the requirement for network self-healing capability keeps increasing. The Spanning Tree Protocol (STP) is one of the most important protocols running in Ethernet switches; it aims to solve the problem of physical redundancy in switched topologies. When a loop occurs in the network, STP builds a spanning tree dynamically so that the redundant link is blocked and broadcast storms and other issues are avoided. When the network fails, the blocked redundant link is activated immediately to take over from the failed link.

Switches exchange Bridge Protocol Data Units (BPDUs) with each other in order to compute the spanning tree. Each switch has a unique identity mark, the Bridge ID (BID), and the switch with the minimum BID is selected as the root of the tree. Because of this, an attacker can disguise itself as the root by sending BPDUs with a BID less than the current root's BID and then take advantage of the root role for further attacks; this is called the root take-over attack. The spanning tree algorithm recalculates all the switches' metrics as the topology changes, which makes it easy for an attacker to launch other attacks on the network, such as the ID changing attack and silent attacks.
Foreign scholars have shown the pitfalls of STP in three aspects: (1) lack of authentication in BPDU messages; (2) STP's slow convergence; and (3) the root role not being fully monitored. Attacks executed on STP also expose the weakness of link-layer protocols and put the higher layers in jeopardy. Although these problems have been discussed for years and various solutions have been put forward, many security issues remain.

In order to enhance the security and credibility of the layer-2 network, we propose a trust-based spanning tree protocol aiming at a higher credibility of the LAN switch with a simple and lightweight authentication mechanism. If correctly implemented in each trusted switch, the authentication of trust-based STP can guarantee the credibility of the topology information that is announced to other switches in the LAN. To verify the enforcement of the trusted protocol, we present a new credible evaluation method for STP using a specification-based state model. We test the function of our improved STP by implementing a prototype on the Open vSwitch system. Experiments show that the trusted protocol can achieve the security goals and effectively avoid STP attacks with lower computation overhead and good convergence performance.
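The following simulation is an added example, not code from the thesis or from Open vSwitch. It models the root election described above (lowest BID wins) and the defensive idea the abstract proposes: a switch that only accepts topology information it can authenticate. The abstract does not say which authentication mechanism the trusted protocol uses, so the HMAC-SHA256 tag under a LAN-wide shared key, the BPDU field layout, and the bridge identifiers are all assumptions made for this example. The same switch is run once without a key (classic STP) and once with a key (trusted switch) so the difference in outcome and the rejection counter a defender could alarm on are visible.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import List, Optional


def make_bid(priority: int, mac: str) -> int:
    """Bridge ID as the 64-bit integer STP compares: 16-bit priority, then 48-bit MAC.
    A lower value wins the root election."""
    return (priority << 48) | int(mac.replace(":", ""), 16)


@dataclass(frozen=True)
class BPDU:
    """Minimal configuration BPDU: only the fields the root election needs (assumed layout)."""
    root_bid: int        # bridge the sender currently believes is the root
    sender_bid: int      # bridge that sent this BPDU
    root_path_cost: int  # sender's cost to reach that root
    tag: bytes = b""     # authentication tag; empty on a classic, unauthenticated BPDU


def _auth_message(root_bid: int, sender_bid: int, root_path_cost: int) -> bytes:
    # Canonical fixed-width byte string covered by the tag, so fields cannot be shifted
    return (root_bid.to_bytes(8, "big") + sender_bid.to_bytes(8, "big")
            + root_path_cost.to_bytes(4, "big"))


def sign_bpdu(key: bytes, root_bid: int, sender_bid: int, root_path_cost: int) -> BPDU:
    """Build a BPDU carrying an HMAC-SHA256 tag under the shared key (assumed scheme)."""
    tag = hmac.new(key, _auth_message(root_bid, sender_bid, root_path_cost), hashlib.sha256).digest()
    return BPDU(root_bid, sender_bid, root_path_cost, tag)


def verify_bpdu(key: bytes, bpdu: BPDU) -> bool:
    """True only if the tag matches every covered field; a missing or tampered tag fails."""
    expected = hmac.new(key, _auth_message(bpdu.root_bid, bpdu.sender_bid, bpdu.root_path_cost),
                        hashlib.sha256).digest()
    return hmac.compare_digest(expected, bpdu.tag)


class Switch:
    """One bridge's view of the root election. key=None models classic STP (no authentication);
    a key models a trusted switch that only accepts topology information it can verify."""

    def __init__(self, bid: int, key: Optional[bytes] = None) -> None:
        self.bid = bid
        self.key = key
        self.root_bid = bid      # every bridge starts out believing it is the root
        self.root_cost = 0
        self.rejected: List[BPDU] = []   # audit trail of BPDUs that failed authentication

    def receive(self, bpdu: BPDU, link_cost: int = 1) -> bool:
        """Process one BPDU; returns True if it changed this switch's idea of the root."""
        if self.key is not None and not verify_bpdu(self.key, bpdu):
            self.rejected.append(bpdu)   # a defender can raise an alarm on this counter
            return False
        # Standard STP preference: lowest root BID wins, then lowest path cost to it
        candidate_cost = bpdu.root_path_cost + link_cost
        if (bpdu.root_bid, candidate_cost) < (self.root_bid, self.root_cost):
            self.root_bid, self.root_cost = bpdu.root_bid, candidate_cost
            return True
        return False


def run_scenario(key: Optional[bytes]) -> dict:
    """Replay the root take-over from the abstract against one switch, in process only.
    Constructed input: a genuine root announcement, then an unsigned announcement
    claiming a lower BID from a bridge that does not hold the key."""
    legit_root = make_bid(32768, "00:00:00:00:00:01")
    victim = Switch(make_bid(32768, "00:00:00:00:00:02"), key)
    genuine = (sign_bpdu(key, legit_root, legit_root, 0) if key is not None
               else BPDU(legit_root, legit_root, 0))
    victim.receive(genuine)
    rogue_bid = make_bid(0, "00:00:00:00:00:ff")       # priority 0 sorts below the genuine root
    victim.receive(BPDU(rogue_bid, rogue_bid, 0))      # carries no valid tag
    return {"root": victim.root_bid, "legit_root": legit_root,
            "rogue_bid": rogue_bid, "rejected": len(victim.rejected)}


if __name__ == "__main__":
    for name, key in (("classic STP", None), ("trust-based STP", b"lan-shared-key")):
        r = run_scenario(key)
        who = "rogue" if r["root"] == r["rogue_bid"] else "legitimate"
        print(f"{name}: root is the {who} bridge, {r['rejected']} BPDU(s) rejected")
```

Without a key the switch accepts the lower BID and the rogue bridge becomes root; with a key the unsigned BPDU is dropped and counted, and the legitimate root survives. The `rejected` list is the point a monitoring hook would attach to, which is how the abstract's third weakness (the root role not being fully monitored) can be addressed alongside the first. A shared symmetric key is the simplest lightweight option; a real deployment would also need key distribution between switches and replay protection, neither of which this example covers.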
Keywords/Search Tags: STP, network security, credible evaluation, trusted network, Open vSwitch