臺灣博碩士論文加值系統

灰洞攻擊是黑洞攻擊的一種進階型態，兩種攻擊在無線網路中是一種常見的攻擊方式，容易發生在特定的網路協定下。惡意節點可以任意地或選擇性地丟棄網路封包，降低無線網路的傳輸效率。軟體定義網路是近幾年發展迅速的網路環境，此網路分離了控制層與資料層。使用者可以透過控制器去控制網路中的交換器、路由器，透過可程式化的特性，使用者可以依照自己的喜好、需求去建設合適的網路協定、封包格式……等。因為交換器分離了控制層只執行資料傳輸層，當軟體定義網路中的交換器接受到惡意的指令，交換器將依照指令選擇性的丟棄網路封包，因此灰洞攻擊也可能發生在軟體定義網路之中，降低整體網路的傳輸效率。
本研究將討論軟體定義網路中可能的灰洞攻擊方式，並設計一套基於最近離居法與基因演算法來偵測網路中的灰洞。透過控制器不斷的監視網路數據，將可疑的交換器進行近一步的測試是否為灰洞攻擊。

Gray hole attack is an advanced type of black hole attack. Both of them are a common attack in Wireless network. It easily happens in specific protocol like AODV, DSR. Malicious nodes can selectively or randomly drop packets. It reduce the efficiency of the network. Software Define Network has been highly developed in recent years. It’s a new type of network that separate the control plane and data plane. User can build his own network according to his preferences. Network protocol and packet filed are also programmable. Because the switch separates the control plane and only execute the data transmission. When the switch receives a malicious instruction like selectively drop specified packets. This makes a gray hole happen in the Software define network.
This paper discusses time-base and random-base gray hole in Software Define Network, and proposes a detection base on k-nearest neighbor algorithm and genetic algorithm. By monitoring the switch’s data in the network, the controller can get the suspicious switch.

摘要 i
ABSTRACT ii
誌謝 iii
目錄 iv
Table List v
Figure List vi
Chapter 1 Introduction 1
1.1 Research background 1
1.2 Motivation 2
1.3 Problem and objective 3
1.4 Organization 4
Chapter 2 Literature Review 5
2.1 Software Define Network 5
2.2 Hole attack 9
2.3 Gray hole attack in SDN 12
2.4 Detection method base on machine learning in SDN 13
Chapter 3 Proposed approach 18
3.1 Overview of the process of proposed scheme 18
3.2 Module in controller 19
3.3 The process of proposed scheme 21
Chapter 4 Experiment and result 29
4.1 Experiment tools 29
4.2 Experiment setup 31
4.3 Time-base gray hole attack 35
4.4 Random-base gray hole attack 39
4.5 Discussion 43
Chapter 5 Conclusion and Future work 44
5.1 Conclusion 44
Reference 46

[1] V. Shanmuganathan and T. Anand, "A survey on gray hole attack in manet," International Journal of Computer Networks and Wireless Communications, vol. 2, pp. 647-650, 2012.
[2] L. Cui, F. R. Yu, and Q. Yan, "When big data meets software-defined networking: SDN for big data and big data for SDN," IEEE Network, vol. 30, pp. 58-65, 2016.
[3] M. Dhawan, R. Poddar, K. Mahajan, and V. Mann, "SPHINX: Detecting Security Attacks in Software-Defined Networks," 2015.
[4] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, et al., "OpenFlow: enabling innovation in campus networks," SIGCOMM Comput. Commun. Rev., vol. 38, pp. 69-74, 2008.
[5] D. Kreutz, F. M. V. Ramos, and P. Verissimo, "Towards secure and dependable software-defined networks," presented at the Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, Hong Kong, China, 2013.
[6] P. Zhang, H. Wang, C. Hu, and C. Lin, "On Denial of Service Attacks in Software Defined Networks," IEEE Network, vol. 30, pp. 28-33, 2016.
[7] M. Al-Shurman, S.-M. Yoo, and S. Park, "Black hole attack in mobile Ad Hoc networks," presented at the Proceedings of the 42nd annual Southeast regional conference, Huntsville, Alabama, 2004.
[8] R. H. Jhaveri, S. J. Patel, and D. C. Jinwala, "DoS Attacks in Mobile Ad Hoc Networks: A Survey," in 2012 Second International Conference on Advanced Computing & Communication Technologies, 2012, pp. 535-541.
[9] R. H. Jhaveri, A. D. Patel, J. D. Parmar, and B. I. Shah, "MANET routing protocols and wormhole attack against AODV," International Journal of Computer Science and Network Security, vol. 10, pp. 12-18, 2010.
[10] L. K. Bysani and A. K. Turuk, "A Survey on Selective Forwarding Attack in Wireless Sensor Networks," in 2011 International Conference on Devices and Communications (ICDeCom), 2011, pp. 1-5.
[11] M. Wazid, R. K. Singh, and R. Goudar, "A survey of attacks happened at different layers of mobile ad-hoc network & some available detection techniques," in International Journal of Computer Applications®(IJCA) International Conference on Computer Communication and Networks CSI-COMNET-2011, 2011.
[12] D. Hongmei, L. Wei, and D. P. Agrawal, "Routing security in wireless ad hoc networks," IEEE Communications Magazine, vol. 40, pp. 70-75, 2002.
[13] G. Xiaopeng and C. Wei, "A novel gray hole attack detection scheme for mobile ad-hoc networks," in Network and Parallel Computing Workshops, 2007. NPC Workshops. IFIP International Conference on, 2007, pp. 209-214.
[14] N. S. Altman, "An Introduction to Kernel and Nearest-Neighbor Nonparametric Regression," The American Statistician, vol. 46, pp. 175-185, 1992/08/01 1992.
[15] J. H. Holland, Adaptation in natural and artificial systems: MIT Press, 1992.
[16] J. Sen, M. G. Chandra, S. G. Harihara, H. Reddy, and P. Balamuralidhar, "A mechanism for detection of gray hole attack in mobile Ad Hoc networks," in 2007 6th International Conference on Information, Communications & Signal Processing, 2007, pp. 1-5.
[17] PureSDN. Available: https://github.com/Huangmachi/PureSDN
[18] D. E. Goldberg and J. H. Holland, "Genetic Algorithms and Machine Learning," Machine Learning, vol. 3, pp. 95-99, 1988/10/01 1988.
[19] S. A. Dudani, "The Distance-Weighted k-Nearest-Neighbor Rule," IEEE Transactions on Systems, Man, and Cybernetics, vol. SMC-6, pp. 325-327, 1976.
[20] F.-H. Tseng, L.-D. Chou, and H.-C. Chao, "A survey of black hole attacks in wireless mobile ad hoc networks," Human-centric Computing and Information Sciences, vol. 1, p. 4, November 22 2011.
[21] T. Liu, A. W. Moore, and A. Gray, "New Algorithms for Efficient High-Dimensional Nonparametric Classification," J. Mach. Learn. Res., vol. 7, pp. 1135-1158, 2006.
[22] R. L. S. d. Oliveira, C. M. Schweitzer, A. A. Shinoda, and P. Ligia Rodrigues, "Using Mininet for emulation and prototyping Software-Defined Networks," in 2014 IEEE Colombian Conference on Communications and Computing (COLCOM), 2014, pp. 1-6.
[23] Mininet - An Instane Virtual Network on your Laptop (or other PC ). Available: http://mininet.org/
[24] Ryu controller. Available: https://osrg.github.io/ryu/
[25] sciket-learn, Machine Learning in Python. Available: http://scikit-learn.org/stable/index.html
[26] A. Botta, A. Dainotti, and A. Pescapé, "A tool for the generation of realistic network workload for emerging networking scenarios," Computer Networks, vol. 56, pp. 3531-3547, 2012/10/15/ 2012.
[27] D-ITG, DISTRIBUTED INTERNET TRAFFIC GENERATOR. Available: http://www.grid.unina.it/software/ITG/