Gray Hole Attack is an advanced transformation of black hole attack. Both of them are a common type of attack in Wireless Sensor Network (WSN). Malicious nodes may constantly or randomly drop packets and therefore reduce the efficiency of the networking system. Furthermore Software Define Network (SDN) has been highly developed in recent years. In this type of networks switch/router functionality is separated into the control plane and data plane. Network managers can select control policies and build operating rules according to their own preferences. In addition, network protocols and packet fields are also programmable. Because the switch/router only implements the data transmission and executes the switching/routing decisions based on commends coming from control plane. Compromised switches/routers themselves or malicious control instructions both can result in selectively dropped packets. This makes a gray hole attack possible in the infrastructure of SDN. Therefore, this paper would like to discuss time-base and random-base gray hole attack in SDN, and then propose a useful detection method based on weighted K-Nearest Neighbor (KNN) and Genetic Algorithm (GA). The simulation data collected from switches/routers indicate that our method does demonstrate pretty good performance.
Hsieh, Yi-Ting and Ku, Cheng-Yuan, "Detection of Gray Hole Attack in Software Defined Networks" (2018). ICEB 2018 Proceedings (Guilin, China). 79.