A novel link fabrication attack detection method for low-latency SDN networks

The application of Software-defined Networking (SDN) in low-latency scenarios, such as 6G, has received immense attention. Notably, our research reveals that SDN remains susceptible to link fabrication attacks (LFA) in low-latency environments, where existing detection methods fail to effectively detect LFA. To address this issue, we propose a novel detection method called Correlated Link Verification (CLV). CLV is composed of three phases. Firstly, we introduce a data processing method to mitigate measurement error and enhance robustness. Secondly, we present a multipath transmission simulation method to convert the measured performance disparity between correlated links into statistical features. Thirdly, we propose a dynamic threshold calculation method, which utilizes the statistical features to determine thresholds based on extreme value theory and probability distribution fitting. Finally, CLV identifies the fabricated link within correlated links based on the thresholds and current statistical features. Extensive experiments have been conducted to validate the feasibility, effectiveness, scalability and robustness of CLV. The experimental results demonstrate that CLV can effectively detect LFA in low-latency SDN networks.