An Authentication Mechanism to Prevent Various Security Threats in Software Defined Networking by using AVISPA
AUTHENTICATION MECHANISM TO PREVENT SECURITY THREATS IN SDN USING AVISPA
DOI:
https://doi.org/10.56042/jsir.v83i9.6313Keywords:
Computational logic for automated security, Encryption, Kerberos authentication protocol, Otway-Rees formal model of communication, Traffic flowAbstract
Scalability in Software Defined Networking (SDN) empowers extensive interconnectivity among devices, making it particularly advantageous. As the number of hosts in SDN networks grows in response to increasing demand, network administrators must ensure the legitimacy of these hosts. To address this, our method requires SDN hosts to be authenticated before connecting to the SDN controller using the Kerberos authentication protocol. Kerberos employs a centralized server to validate host credentials, making it easier for hosts to access network rules and communicate securely with the controller. For enhanced security, we use Automated Validation of Internet Security Protocols and Applications (AVISPA), which automates the verification of security protocols, identifying vulnerabilities early and improving secure application development. AVISPA employs protocols like OFMC (Otway-Rees Formal Model of Communication) and CL-Atse (Computational Logic for Automated Security) for security checks, which are effective for our analysis. In the OFMC evaluation of our technique, 564 nodes were visited with a search time of 0.23 seconds and a depth of 10 plies, indicating favourable results for network security, data integrity, transparency, reliability, and confidentiality. The CL-Atse analysis examined 545 states, with 506 nodes reachable in 0.12 seconds, demonstrating security against Man-in-the-Middle (MIM) and Replay attacks. The computational cost was 0.0982 milliseconds, proving that our technique is secure against various threats while maintaining low computational overhead.
Downloads
Published
Issue
Section
How to Cite
