
An Authentication Mechanism to Prevent Various Security Threats in Software Defined Networking by using AVISPA


Affiliations
1 Department of Computer Science and Engineering, National Institute of Technology, Jote 791 113, Arunachal Pradesh, India
2 Department of Computer Science & Information Technology, Cotton University, Pan Bazaar, Guwahati, 781 001, Assam, India

Scalability in Software Defined Networking (SDN) empowers extensive interconnectivity among devices, making it particularly advantageous. As the number of hosts in SDN networks grows in response to increasing demand, network administrators must ensure the legitimacy of these hosts. To address this, our method requires SDN hosts to be authenticated before connecting to the SDN controller using the Kerberos authentication protocol. Kerberos employs a centralized server to validate host credentials, making it easier for hosts to access network rules and communicate securely with the controller. For enhanced security, we use Automated Validation of Internet Security Protocols and Applications (AVISPA), which automates the verification of security protocols, identifying vulnerabilities early and improving secure application development. AVISPA employs protocols like OFMC (Otway-Rees Formal Model of Communication) and CL-Atse (Computational Logic for Automated Security) for security checks, which are effective for our analysis. In the OFMC evaluation of our technique, 564 nodes were visited with a search time of 0.23 seconds and a depth of 10 plies, indicating favourable results for network security, data integrity, transparency, reliability, and confidentiality. The CL-Atse analysis examined 545 states, with 506 nodes reachable in 0.12 seconds, demonstrating security against Man-in-the-Middle (MIM) and Replay attacks. The computational cost was 0.0982 milliseconds, proving that our technique is secure against various threats while maintaining low computational overhead.

Keywords

Computational logic for automated security, Encryption, Kerberos authentication protocol, Otway-Rees formal model of communication, Traffic flow

Abstract Views: 310





Authors

Anil Ram
Department of Computer Science and Engineering, National Institute of Technology, Jote 791 113, Arunachal Pradesh, India
Manash Pratim Dutta
Department of Computer Science & Information Technology, Cotton University, Pan Bazaar, Guwahati, 781 001, Assam, India
Swarnendu Kumar Chakraborty
Department of Computer Science and Engineering, National Institute of Technology, Jote 791 113, Arunachal Pradesh, India
