Detection of gray hole attack in software defined networks

Yi Ting Hsieh, Cheng-Yuan Ku*

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

1 Scopus citations


Gray Hole Attack is an advanced transformation of black hole attack. Both of them are a common type of attack in Wireless Sensor Network (WSN). Malicious nodes may constantly or randomly drop packets and therefore reduce the efficiency of the networking system. Furthermore Software Define Network (SDN) has been highly developed in recent years. In this type of networks switch/router functionality is separated into the control plane and data plane. Network managers can select control policies and build operating rules according to their own preferences. In addition, network protocols and packet fields are also programmable. Because the switch/router only implements the data transmission and executes the switching/routing decisions based on commends coming from control plane. Compromised switches/routers themselves or malicious control instructions both can result in selectively dropped packets. This makes a gray hole attack possible in the infrastructure of SDN. Therefore, this paper would like to discuss time-base and random-base gray hole attack in SDN, and then propose a useful detection method based on weighted K-Nearest Neighbor (KNN) and Genetic Algorithm (GA). The simulation data collected from switches/routers indicate that our method does demonstrate pretty good performance.

Original languageEnglish
Pages (from-to)231-239
Number of pages9
JournalProceedings of the International Conference on Electronic Business (ICEB)
StatePublished - Dec 2018
Event18th International Conference on Electronic Business, ICEB 2018 - Guangxi, China
Duration: 2 Dec 20186 Dec 2018


  • Detection method
  • GA
  • Gray hole attack
  • SDN
  • Weighted KNN


Dive into the research topics of 'Detection of gray hole attack in software defined networks'. Together they form a unique fingerprint.

Cite this