Hop-by-Hop Verification Mechanism of Packet Forwarding Path Oriented to Programmable Data Plane
Communications in Computer and Information ScienceEmerging Networking Architecture and Technologies(2023)
Abstract
Attacks against the forwarding path could deviate data packets from the predefined route to achieve ulterior purposes, which has posed a serious threat to the software-defined network. Previous studies attempted to solve this security issue through complex authentication or traffic statistics methods. However, existing schemes have the disadvantages of high bandwidth overhead and high process delay. Hence, this article proposed a lightweight forwarding path verification mechanism based on P4 implementation. First, we deployed inband network telemetry to obtain path information, and then performed the path verification inside each hop in the programmable data plane to ensure that various attacks against forwarding paths could be intercepted. Finally, complete path verification information would convey to the control plane for backup. Corresponding experimental results demonstrate that our mechanism can effectively improve the security of the packet forwarding path with acceptable throughput and delay.
MoreTranslated text
Key words
Path verification,SDN,P4,INT
AI Read Science
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined