Vadsec - a lightweight protection scheme for secure topology discovery in sdn

Over the past decade, Software-Defined Networking (SDN) has been a highly researched and popular field. One crucial aspect of any network, including SDNs, is the network discovery phase, also known as topology discovery. The security of the network is based on secure topology discovery, which includes protecting the hosts, switches, and associated links. This paper introduces a model called VADSec - Virtual Local Area Network (VLAN) and Active Directory (AD) based topology discovery, which aims to secure hosts and prevent host hijacking attacks. Our proposed technique utilizes VLANs to isolate traffic and identify any malicious or impersonating hosts. Furthermore, we use LDAP protocol to query Active Directory and verify the legitimacy of a specific MAC ID pertaining to a host. The results demonstrate that our approach can prevent impersonation/host-hijacking attacks and induce a secure topology discovery.