English abstract
Data networks are among the most important communication infrastructures in the military and commercial fields, to the extent that a simple malfunction or disruption in these networks is likely to cause irreparable damage to the political, economic and social domains of a country. For example, a hostile element in a network can shut down vital businesses, expose secrets of key organizations and reduce public confidence in electronic services and infrastructures, all by simply causing a disruption in the data layer. Attacks that target the data layer in a network are very dangerous, in that they allow the hostile element to eavesdrop, disrupt services or terminate them altogether without the network owners suspecting anything for years. Therefore, given the importance of data security in information technology and the sheer number of network intrusion reports, designing trusted solutions that are also practical is a necessity.
Mirroring is a common eavesdropping attack that targets the data layer of software-defined networks. Several methods can be used to detect this kind of attack, with trajectory sampling being among the most effective. In this research, using the various capabilities of software-defined networks and the OpenFlow protocol, a method for detecting mirroring attacks is presented.
In trajectory sampling with aggregated samples, data packets are sampled between the source and the destination and their content is hashed; the hashes are first aggregated to reduce overhead and are then sent to the controller. Since the controller obtains enough information to detect a packet’s redirection or content modification by tracking it along the transmission path, this method is able to detect mirroring attacks while cutting control overhead by 45 percent compared to common trajectory sampling methods.
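The following simulation is an added example of the detection idea described above, not the implementation from this research. The switch names, the SHA-256 based hashes, the 1-in-4 sampling rate and the traffic are assumptions constructed for the illustration.

```python
import hashlib

SAMPLE_MOD = 4  # assumed sampling rate: about 1 in 4 packets

def _h(data: bytes, salt: bytes) -> int:
    return int.from_bytes(hashlib.sha256(salt + data).digest()[:4], "big")

def sampled(pkt: bytes) -> bool:
    # Same selection hash on every switch, so all switches pick the same packets.
    return _h(pkt, b"select") % SAMPLE_MOD == 0

def label(pkt: bytes) -> int:
    # Short content hash that identifies a sampled packet in reports.
    return _h(pkt, b"label")

class Switch:
    def __init__(self, name: str):
        self.name, self.batch = name, set()

    def observe(self, pkt: bytes) -> None:
        if sampled(pkt):
            self.batch.add(label(pkt))

    def flush(self):
        # One aggregated report per interval instead of one message per packet.
        report, self.batch = (self.name, frozenset(self.batch)), set()
        return report

def detect(reports, path):
    """Controller: compare each switch's labels with those seen at ingress."""
    seen = dict(reports)
    ingress = seen.get(path[0], frozenset())
    alerts = []
    for sw in sorted(set(seen) - set(path)):      # sampled packets seen off the path
        if seen[sw] & ingress:
            alerts.append(("mirrored", sw, len(seen[sw] & ingress)))
    for sw in path[1:]:                           # labels that vanished on the path
        missing = ingress - seen.get(sw, frozenset())
        if missing:
            alerts.append(("modified_or_dropped", sw, len(missing)))
    return alerts

def simulate(mirror=False, tamper=False):
    """Constructed traffic on path s1->s2->s3; s4 is an off-path switch."""
    sw = {n: Switch(n) for n in ("s1", "s2", "s3", "s4")}
    packets = [b"flow-A payload %d" % i for i in range(200)]
    victim = next(p for p in packets if sampled(p))
    for p in packets:
        sw["s1"].observe(p); sw["s2"].observe(p)
        if mirror:
            sw["s4"].observe(p)                   # mirrored copy leaves via s4
        sw["s3"].observe(p + b"!" if tamper and p is victim else p)
    return detect([s.flush() for s in sw.values()], ["s1", "s2", "s3"])
```

Each switch sends one report per interval regardless of how many packets it sampled, which is where aggregation saves control traffic in this sketch.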