DID YOU KNOW? DTIC has over 3.5 million final reports on DoD funded research, development, test, and evaluation activities available to our registered users. Click
HERE to register or log in.
Accession Number:
AD1046828
Title:
Analysis of Traffic Signals on a Software-Defined Network for Detection and Classification of a Man-in-the-Middle Attack
Corporate Author:
Naval Postgraduate School Monterey United States
Report Date:
2017-09-01
Abstract:
Software-defined networking SDN has the potential to revolutionize the management capabilities of a highly distributed military communications environment. Yet, military adoption of SDN is contingent on a thorough analysis of security implications. In this thesis, we investigate a man-in-the-middle MITM attack that exploits the centralized topological view critical to SDN operations. In particular, we present a new scheme for detection and classification of the attack at the network layer. We apply wavelet analysis to detect anomalous conditions introduced by the MITM attack at traffic signals collected at network switch ports. Furthermore, we identify unique characteristics of reported anomalies in the collected traffic signals to build a classification framework. Other cyber events, such as a distributed denial-of-service attack and network congestion, are presented to the detection scheme to validate its general applicability. Overall, we successfully demonstrate the capability to detect and classify the MITM attack in addition to other cyber events at the network layer, thereby contributing to the security of SDN.
Descriptive Note:
Technical Report
Pages:
0105
Distribution Statement:
Approved For Public Release;
File Size:
2.18MB
