SDN Framework for Mitigating Time-Based Delay Attack.

Due to recent cyberattacks on the Cyber-Physical Systems, the traditional security schemes face difficulties in dealing with such attacks as the attackers nowadays have adopted many intelligent mechanisms involving advanced information and communication technologies to launch attacks. This recent type of attack provides a significant impact on the resiliency of the software-defined networks. In this paper, we present a real-time delay attack on fault-resilient software-defined networks. The main objective of the time delay attack is to reduce the resiliency in the SDN-RM by adding a delay in the LLDP packets in the OpenFlow Switch. This addition of delay causes degradation in the network performance resulting in a low success rate in the SDN-RM mechanisms. In this paper, we present a machine learning-based detection system for detecting the attacks. The integration of machine learning techniques with network resilience solutions can effectively address the issue of predicting and classifying the LLDP packets that are delayed at a particular switch. Another issue is the detection of the malicious switch at the controller side which results in the improvement of the resiliency in SDN-RM. We propose a machine learning solution to detect the anomalies that are present in the topology and can be detected at the controller side. We use machine learning models such as k-nearest neighbors, support vector machines (SVM), Random Forest, and decision trees to detect the poisonous switches. The delay-based time attack detection system (DTA-DS) helps the controller to take a reactive decision to improve resilience by detecting poisonous network switches. With the help of the preventive approach, we achieve high-fault resiliency in fault resilient-based software-defined networks. [ABSTRACT FROM AUTHOR]