| As a new network technology,SDN is gradually becoming a powerful impetus for network evolution.The centralized control and open interface features of SDN have brought many new opportunities for network,but at the same time there are many problems and challenges.Among them,security issues,as one of the core issues of SDN,will be the first concern to be faced in the development of SDN technology.This paper mainly studies the problem of MITM(man in the middle)attack and network loopback in SDN.These two kinds of security problems are not only common in traditional networks,but also urgently needed to solve in SDN networks.The attack types and ways of MITM are various,and have strong vitality in SDN.Once the attacker attacks successfully,they can steal user privacy and cause serious harm.Besides,once network loop problem occurs in SDN,the communication of network users will be affacted,and the network may even be paralysed.,However,these two kinds of problems have not been well solved in the SDN network at present.For example,the research on MITM in the SDN network is mostly limited to a certain kind of attack type,and can't prevent all kinds of MITM attacks.Also,most of the security solutions of the MITM protection and response mechanisms adopt those in the traditional network,but not ultilize the characteristics and advantages of SDN.In addition,there are little research on network loopback in SDN network.Based on this,this paper studies the settlement to the MITM attack and network loopback in SDN network network security,by using the characteristics of SDN.First of all,this paper studies the detection and protection mechanisms of MITM attack and network loopback and analyzes the existing problems and limitations of them.Then,we put forward the design requirements and steps of MITM attack and network loopback detection and protection mechanisms in SDN.Secondly,by utilizing the characteristics of SDN network and its global view capability,we design a detection mechanism of MITM attack and network loopback based on the topology and connection characteristics of network flow.Experiments are designed respectively,and the correctness and efficiency of the detection mechanism are verified under the actual attack scenes.Thirdly,by utilizing the characteristics of SDN's programmability and open interfaces,this paper designs and implements the protection mechanism of MITM attack and network loopback under the SDN network,and develops and integrates it into the laboratory system.Through the design and construction of the MITM attack and network loopback scenes in SDN network,the actual detection and protection are carried out,and the correctness of the protection mechanism is verified. |
PDF Full Text Request