Abstract

Research in Software Defined Networks (SDN) has gained momentum in recent years. SDNs are maturing; however, many research challenges remain to be addressed before SDNs become ubiquitous. Adoption of the technology brings immediate focus to its security. The centralized nature of SDN makes it prone to many denial-of-service attacks, especially if the policy parameters of the SDN are known to adversaries. In this work, we present techniques for fingerprinting an SDN, including its policy parameters: hard and idle (soft) timeouts, the OpenFlow match fields used by the SDN controller, the controller's reaction to a table-full event, and information about the topology of the targeted network. If these policy parameters are easily discoverable for an SDN domain, an adversary can launch a carefully planned attack, especially against the SDN data plane. Assuming access to a host in the SDN domain and customized packet generation from that compromised host, we propose efficient techniques to discover the aforementioned policy parameters. The results of the proposed fingerprinting techniques are verified using Mininet.

Highlights

  • Software Defined Networks (SDNs) are getting significant research attention in the networking domain due to the programmability of the networks

  • We focus on a specific data plane attack referred to as Flow Table Entry Attack (FTEA)

  • We present a detailed analysis of fingerprinting techniques used to discover the configurable policy parameters in an SDN-based environment


Summary

INTRODUCTION

Software Defined Networks (SDNs) are getting significant research attention in the networking domain due to the programmability of the networks. Three main configurable SDN policy parameters, namely the flow timeout value, the match fields and the flow replacement policy, affect how quickly the capacity of the switch's flow table (FET) can be exhausted. An attack that exploits knowledge of the current flow replacement policy is of particular importance [12], as it results in a drastic degradation of the network's performance. Besides these configurable parameters, SDN topology discovery reveals the round-trip times between end hosts, which lets the attacker choose its preferred hosts for maximum attack efficiency. We study the impact of FTEA on the data plane and explore the SDN policy parameters that affect the intensity of such attacks. This work highlights the need for network administrators to configure the SDN so that an adversary finds it hard to predict these policy parameters.
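The timeout part of the fingerprinting described above relies on one observable: a packet that misses the flow table is sent to the controller (packet-in) and therefore returns with a clearly larger RTT than a packet that hits an installed entry. The following is an added example, not the paper's code or algorithm listing: it models a switch with OpenFlow-style idle and hard timeouts under a reactive controller and runs an attacker-side search that uses only what a compromised host can do (send a packet, time the reply, sleep). The RTT values, the 5-tuple used as the match, and the step/limit parameters are constructed assumptions for the simulation; against a real Mininet topology the `send`/`sleep` calls would be replaced by timed probes and `time.sleep`.

```python
"""Simulated RTT-based fingerprinting of a switch's flow timeouts.

Added example (not the paper's code).  Constructed assumptions: a reactive
controller installs one entry per new (src, dst, dport) on a table miss; a miss
costs RTT_FE (round trip via the controller), a hit costs RTT_HIT; the attacker
can only send packets, time the reply and sleep.
"""


class SimulatedSwitch:
    """Flow table with OpenFlow-style idle/hard timeouts (0 = disabled)."""

    def __init__(self, idle_timeout=0.0, hard_timeout=0.0, rtt_hit=0.3, rtt_miss=4.0):
        self.idle, self.hard = idle_timeout, hard_timeout
        self.rtt_hit, self.rtt_miss = rtt_hit, rtt_miss   # assumed RTTs (ms)
        self.now = 0.0          # simulated clock, seconds
        self.flows = {}         # match -> [install_time, last_match_time]

    def sleep(self, dt):
        self.now += dt

    def _expire(self):
        for key, (installed, last) in list(self.flows.items()):
            if (self.hard and self.now - installed >= self.hard) or \
               (self.idle and self.now - last >= self.idle):
                del self.flows[key]

    def send(self, match):
        """Forward one packet and return the RTT the attacker would observe."""
        self._expire()
        if match in self.flows:
            self.flows[match][1] = self.now           # idle timer refreshed
            return self.rtt_hit
        self.flows[match] = [self.now, self.now]      # packet-in; entry installed
        return self.rtt_miss


def calibrate(sw, match):
    """RTT_FE of the first packet (table miss) and RTT of the next one (hit)."""
    return sw.send(match), sw.send(match)


def is_miss(rtt, rtt_fe, rtt_hit):
    """Classify a probe by the nearer calibrated RTT."""
    return abs(rtt - rtt_fe) < abs(rtt - rtt_hit)


def first_timeout(sw, rtt_fe, rtt_hit, t_step, t_max):
    """Smallest k*t_step after which an untouched fresh entry has expired.
    Each round uses a new dst port so no earlier probe refreshes the entry."""
    k = 1
    while k * t_step <= t_max:
        match = ("10.0.0.1", "10.0.0.2", 40000 + k)
        sw.send(match)                     # install the entry under test
        sw.sleep(k * t_step)
        if is_miss(sw.send(match), rtt_fe, rtt_hit):
            return k * t_step
        k += 1
    return None                            # nothing expired within t_max


def timeout_nature(sw, rtt_fe, rtt_hit, t_first):
    """Probe an entry at t_first/2 and t_first: traffic refreshes an idle
    timeout but not a hard one, so a miss at t_first means 'hard'."""
    match = ("10.0.0.1", "10.0.0.2", 50000)
    sw.send(match)
    sw.sleep(t_first / 2)
    if is_miss(sw.send(match), rtt_fe, rtt_hit):
        raise ValueError("t_step too coarse: entry expired before t_first/2")
    sw.sleep(t_first / 2)
    return "hard" if is_miss(sw.send(match), rtt_fe, rtt_hit) else "idle"


def second_timeout(sw, rtt_fe, rtt_hit, t_idle, t_max):
    """Keep an entry alive with a probe every t_idle/2; the first miss is a
    hard timeout longer than the idle one (None if none seen by t_max)."""
    match = ("10.0.0.1", "10.0.0.2", 50001)
    sw.send(match)
    elapsed = 0.0
    while elapsed < t_max:
        sw.sleep(t_idle / 2)
        elapsed += t_idle / 2
        if is_miss(sw.send(match), rtt_fe, rtt_hit):
            return elapsed
    return None


def fingerprint(sw, t_step, t_max):
    """Calibrate, find the first timeout, classify it, then look for a later
    hard timeout.  Timeouts are resolved to the next multiple of t_step."""
    rtt_fe, rtt_hit = calibrate(sw, ("10.0.0.1", "10.0.0.2", 30000))
    result = {"rtt_fe": rtt_fe, "rtt_hit": rtt_hit,
              "idle_timeout": None, "hard_timeout": None}
    t_first = first_timeout(sw, rtt_fe, rtt_hit, t_step, t_max)
    if t_first is None:
        return result
    if timeout_nature(sw, rtt_fe, rtt_hit, t_first) == "hard":
        result["hard_timeout"] = t_first
    else:
        result["idle_timeout"] = t_first
        result["hard_timeout"] = second_timeout(sw, rtt_fe, rtt_hit, t_first, t_max)
    return result


if __name__ == "__main__":
    print(fingerprint(SimulatedSwitch(idle_timeout=5, hard_timeout=20), t_step=1, t_max=60))
```

Two practical caveats follow from the design. The search resolves a timeout only to the next multiple of `t_step`, so `t_step` must be small relative to the timeout or the nature test (which probes at half the found value) raises instead of guessing. And because each round installs a fresh entry, the probing itself consumes flow-table capacity; on a switch with a small table this is visible to a defender counting packet-in events from one host.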

RELATED WORK
BACKGROUND
METHODOLOGY
COMPUTATION OF FIRST TIMEOUT AND ITS NATURE
(Algorithm listing not reproduced here; only the step fragments "Calculate RTT as RTT_FE", "Sleep for T_step" and "Go to 5" survive.)
FLOW MATCHING RULES
(Algorithm listing not reproduced here; only the step fragment "Terminate" survives.)
Findings
PERFORMANCE EVALUATIONS
