Record Details

An Authentication Mechanism to Prevent Various Security Threats in Software Defined Networking by using AVISPA

NOPR - NISCAIR Online Periodicals Repository

View Archive Info
 
 
Field Value
 
Title An Authentication Mechanism to Prevent Various Security Threats in Software Defined Networking by using AVISPA
 
Creator Ram, Anil
Dutta, Manash Pratim
Chakraborty, Swarnendu Kumar
 
Subject Computational logic for automated security
Encryption
Kerberos authentication protocol
Otway-Rees formal model of communication
Traffic flow
 
Description 977-988
Scalability in Software Defined Networking (SDN) empowers extensive interconnectivity among devices, making it particularly advantageous. As the number of hosts in SDN networks grows in response to increasing demand, network administrators must ensure the legitimacy of these hosts. To address this, our method requires SDN hosts to be authenticated before connecting to the SDN controller using the Kerberos authentication protocol. Kerberos employs a centralized server to validate host credentials, making it easier for hosts to access network rules and communicate securely with the controller. For enhanced security, we use Automated Validation of Internet Security Protocols and Applications (AVISPA), which automates the verification of security protocols, identifying vulnerabilities early and improving secure application development. AVISPA employs protocols like OFMC (Otway-Rees Formal Model of Communication) and CL-Atse (Computational Logic for Automated Security) for security checks, which are effective for our analysis. In the OFMC evaluation of our technique, 564 nodes were visited with a search time of 0.23 seconds and a depth of 10 plies, indicating favourable results for network security, data integrity, transparency, reliability, and confidentiality. The CL-Atse analysis examined 545 states, with 506 nodes reachable in 0.12 seconds, demonstrating security against Man-in-the-Middle (MIM) and Replay attacks. The computational cost was 0.0982 milliseconds, proving that our technique is secure against various threats while maintaining low computational overhead.
 
Date 2024-09-18T09:20:59Z
2024-09-18T09:20:59Z
2024-09
 
Type Article
 
Identifier 0022-4456 (Print); 0975-1084 (Online)
http://nopr.niscpr.res.in/handle/123456789/64556
https://doi.org/10.56042/jsir.v83i9.6313
 
Language en
 
Publisher NIScPR-CSIR,India
 
Source JSIR Vol.83(09) [September 2024]