Detection of gray hole attack in software defined networks

Yi Ting Hsieh, Cheng-Yuan Ku*

*Corresponding author for this work

    Research output: Contribution to journalConference articlepeer-review


    Gray Hole Attack is an advanced transformation of black hole attack. Both of them are a common type of attack in Wireless Sensor Network (WSN). Malicious nodes may constantly or randomly drop packets and therefore reduce the efficiency of the networking system. Furthermore Software Define Network (SDN) has been highly developed in recent years. In this type of networks switch/router functionality is separated into the control plane and data plane. Network managers can select control policies and build operating rules according to their own preferences. In addition, network protocols and packet fields are also programmable. Because the switch/router only implements the data transmission and executes the switching/routing decisions based on commends coming from control plane. Compromised switches/routers themselves or malicious control instructions both can result in selectively dropped packets. This makes a gray hole attack possible in the infrastructure of SDN. Therefore, this paper would like to discuss time-base and random-base gray hole attack in SDN, and then propose a useful detection method based on weighted K-Nearest Neighbor (KNN) and Genetic Algorithm (GA). The simulation data collected from switches/routers indicate that our method does demonstrate pretty good performance.

    Original languageEnglish
    Pages (from-to)231-239
    Number of pages9
    JournalProceedings of the International Conference on Electronic Business (ICEB)
    StatePublished - 1 Jan 2018
    Event18th International Conference on Electronic Business, ICEB 2018 - Guangxi, China
    Duration: 2 Dec 20186 Dec 2018


    • Detection method
    • GA
    • Gray hole attack
    • SDN
    • Weighted KNN


    Dive into the research topics of 'Detection of gray hole attack in software defined networks'. Together they form a unique fingerprint.

    Cite this