Abstract
Software-defined networking (SDN) is a technology for programming and efficiently managing networks. SDNs are prone to numerous threats, such as Distributed Denial of Service (DDoS), Man-in-the-middle, ARP Spoofing, Side-channels, and several other attacks. Separation of the data plane from the control plane makes SDN vulnerable to timing side-channel attacks. By comparing the response time of probe queries, an adversary can infer a pattern of request, which can invoke the controller and eventually discover information about the network. An adversary can apply these attacks to extract flow tables, routes, controller type, ports, etc. In this paper, we propose a novel security solution ‘Netkasi’ (kaŝi means ‘hide’ in Esperanto), to counter timing side-channel attacks in SDN. This solution hides the original response time information from the attacker and provides random response timing. As this security solution is designed to integrate with SDN, its architecture ensures minimal impact on the network traffic and consumption of network resources. The current solutions are a massive overhead on the network, whereas ‘Netkasi’ is implemented as a peripheral solution having its resources without causing significant overhead on the traffic. Analysis of the overall design shows that our solution is effective for the prevention of timing side-channel attacks in SDN.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
