Preventing collusion between SDN defenders and attackers using a game theoretical approach

In this paper, a game-theoretical solution concept is utilized to tackle the collusion attack in an SDN-based framework. In our proposed setting, the defenders (i.e., switches) are incentivized not to collude with the attackers in a repeated-game setting that utilizes a reputation system. We first illustrate our model and its components. We then use a socio-rational approach to provide a new anti-collusion solution that shows cooperation with the SDN controller is always a Nash equilibrium due to the existence of a long-term utility function in our model.
