Abstract

SDN is a concept of programmable networking. A network manager can process each network flow through software programs. There is a hypothesis that all switches are trusted and follow programmed commands to handle packets. That is, once a switch is compromised by an attacker and does not follow the order of the network manager, this will bring a huge network disaster. In this paper, we define some attack models through compromised switches and design a detection mechanism to find these compromised devices. We evaluate our mechanism and discuss some future works.