Analysis of topology poisoning attacks in software-defined networking

Thanh Bui; Markku Antikainen; Tuomas Aura

doi:10.1007/978-3-030-35055-0_6

Analysis of topology poisoning attacks in software-defined networking

Thanh Bui^*, Markku Antikainen, Tuomas Aura

^*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

Abstrakti

In software-defined networking (SDN), routing decisions are made by a trusted network controller, which communicates with each forwarding device over a secure control channel. While this architecture avoids many security issues of distributed routing protocols, SDN remains vulnerable to topology poisoning attacks during topology discovery. Faked link information can cause wrong routing decisions by the controller and, thus, enable the attacker to reroute some traffic flows to compromised nodes. This paper provides both qualitative and quantitative analysis of topology poisoning attacks in SDN. We classify the attacks including new variants and analyze how their impact depends on the network topology, routing policy, and attacker location. While most of the literature emphasizes the security of the SDN controller and control channels, we assume them to be secure and aim to understand the ability of a small number of compromised switches to divert traffic flows. This is important because the low-cost, heterogeneous network equipment available for SDN may not be entirely trusted and because targeted attacks often start from the compromise of a single device.

Alkuperäiskieli	Englanti
Otsikko	Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings
Toimittajat	Aslan Askarov, René Rydhof Hansen, Willard Rafnsson
Kustantaja	SPRINGER
Sivut	87-102
Sivumäärä	16
ISBN (painettu)	9783030350543
DOI - pysyväislinkit	https://doi.org/10.1007/978-3-030-35055-0_6
Tila	Julkaistu - 13 marrask. 2019
OKM-julkaisutyyppi	A4 Artikkeli konferenssijulkaisuussa
Tapahtuma	Nordic Conference on Secure IT Systems - Aalborg, Tanska Kesto: 18 marrask. 2019 → 20 marrask. 2019 Konferenssinumero: 24 https://nordsec2019.cs.aau.dk/

Julkaisusarja

Nimi	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Vuosikerta	11875 LNCS
ISSN (painettu)	0302-9743
ISSN (elektroninen)	1611-3349

Conference

Conference	Nordic Conference on Secure IT Systems
Lyhennettä	NordSec
Maa/Alue	Tanska
Kaupunki	Aalborg
Ajanjakso	18/11/2019 → 20/11/2019
www-osoite	https://nordsec2019.cs.aau.dk/

Pääsy asiakirjaan

10.1007/978-3-030-35055-0_6

OpenUrl-saatavuus

Koko teksti

Muut tiedostot ja linkit

Link to publication in Scopus

Security Failures in Modern Software
Tuomas Aura & Markku Antikainen
14/04/2021
1 kohde/ Medianäkyvyys
Lehdistö/media: Esiintyminen mediassa

Siteeraa tätä

Bui, T., Antikainen, M., & Aura, T. (2019). Analysis of topology poisoning attacks in software-defined networking. teoksessa A. Askarov, R. R. Hansen, & W. Rafnsson (Toimittajat), Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings (Sivut 87-102). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 11875 LNCS). SPRINGER. https://doi.org/10.1007/978-3-030-35055-0_6

Bui, Thanh ; Antikainen, Markku ; Aura, Tuomas. / Analysis of topology poisoning attacks in software-defined networking. Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings. Toimittaja / Aslan Askarov ; René Rydhof Hansen ; Willard Rafnsson. SPRINGER, 2019. Sivut 87-102 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{9040eeeee4cd442889c46139f0c4a014,

title = "Analysis of topology poisoning attacks in software-defined networking",

abstract = "In software-defined networking (SDN), routing decisions are made by a trusted network controller, which communicates with each forwarding device over a secure control channel. While this architecture avoids many security issues of distributed routing protocols, SDN remains vulnerable to topology poisoning attacks during topology discovery. Faked link information can cause wrong routing decisions by the controller and, thus, enable the attacker to reroute some traffic flows to compromised nodes. This paper provides both qualitative and quantitative analysis of topology poisoning attacks in SDN. We classify the attacks including new variants and analyze how their impact depends on the network topology, routing policy, and attacker location. While most of the literature emphasizes the security of the SDN controller and control channels, we assume them to be secure and aim to understand the ability of a small number of compromised switches to divert traffic flows. This is important because the low-cost, heterogeneous network equipment available for SDN may not be entirely trusted and because targeted attacks often start from the compromise of a single device.",

author = "Thanh Bui and Markku Antikainen and Tuomas Aura",

year = "2019",

month = nov,

day = "13",

doi = "10.1007/978-3-030-35055-0_6",

language = "English",

isbn = "9783030350543",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "SPRINGER",

pages = "87--102",

editor = "Aslan Askarov and Hansen, {Ren{\'e} Rydhof} and Willard Rafnsson",

booktitle = "Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings",

address = "Germany",

note = "Nordic Conference on Secure IT Systems, NordSec ; Conference date: 18-11-2019 Through 20-11-2019",

url = "https://nordsec2019.cs.aau.dk/",

}

Bui, T, Antikainen, M & Aura, T 2019, Analysis of topology poisoning attacks in software-defined networking. julkaisussa A Askarov, RR Hansen & W Rafnsson (toim), Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vuosikerta 11875 LNCS, SPRINGER, Sivut 87-102, Nordic Conference on Secure IT Systems, Aalborg, Tanska, 18/11/2019. https://doi.org/10.1007/978-3-030-35055-0_6

Analysis of topology poisoning attacks in software-defined networking. / Bui, Thanh; Antikainen, Markku ; Aura, Tuomas.
Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings. toim. / Aslan Askarov; René Rydhof Hansen; Willard Rafnsson. SPRINGER, 2019. s. 87-102 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vuosikerta 11875 LNCS).

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussa › Conference contribution › Scientific › vertaisarvioitu

TY - GEN

T1 - Analysis of topology poisoning attacks in software-defined networking

AU - Bui, Thanh

AU - Antikainen, Markku

AU - Aura, Tuomas

N1 - Conference code: 24

PY - 2019/11/13

Y1 - 2019/11/13

N2 - In software-defined networking (SDN), routing decisions are made by a trusted network controller, which communicates with each forwarding device over a secure control channel. While this architecture avoids many security issues of distributed routing protocols, SDN remains vulnerable to topology poisoning attacks during topology discovery. Faked link information can cause wrong routing decisions by the controller and, thus, enable the attacker to reroute some traffic flows to compromised nodes. This paper provides both qualitative and quantitative analysis of topology poisoning attacks in SDN. We classify the attacks including new variants and analyze how their impact depends on the network topology, routing policy, and attacker location. While most of the literature emphasizes the security of the SDN controller and control channels, we assume them to be secure and aim to understand the ability of a small number of compromised switches to divert traffic flows. This is important because the low-cost, heterogeneous network equipment available for SDN may not be entirely trusted and because targeted attacks often start from the compromise of a single device.

AB - In software-defined networking (SDN), routing decisions are made by a trusted network controller, which communicates with each forwarding device over a secure control channel. While this architecture avoids many security issues of distributed routing protocols, SDN remains vulnerable to topology poisoning attacks during topology discovery. Faked link information can cause wrong routing decisions by the controller and, thus, enable the attacker to reroute some traffic flows to compromised nodes. This paper provides both qualitative and quantitative analysis of topology poisoning attacks in SDN. We classify the attacks including new variants and analyze how their impact depends on the network topology, routing policy, and attacker location. While most of the literature emphasizes the security of the SDN controller and control channels, we assume them to be secure and aim to understand the ability of a small number of compromised switches to divert traffic flows. This is important because the low-cost, heterogeneous network equipment available for SDN may not be entirely trusted and because targeted attacks often start from the compromise of a single device.

UR - http://www.scopus.com/inward/record.url?scp=85076324708&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-35055-0_6

DO - 10.1007/978-3-030-35055-0_6

M3 - Conference contribution

AN - SCOPUS:85076324708

SN - 9783030350543

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 87

EP - 102

BT - Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings

A2 - Askarov, Aslan

A2 - Hansen, René Rydhof

A2 - Rafnsson, Willard

PB - SPRINGER

T2 - Nordic Conference on Secure IT Systems

Y2 - 18 November 2019 through 20 November 2019

ER -

Bui T, Antikainen M , Aura T. Analysis of topology poisoning attacks in software-defined networking. julkaisussa Askarov A, Hansen RR, Rafnsson W, toimittajat, Secure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings. SPRINGER. 2019. s. 87-102. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-35055-0_6

Analysis of topology poisoning attacks in software-defined networking

Abstrakti

Julkaisusarja

Conference

Pääsy asiakirjaan

OpenUrl-saatavuus

Muut tiedostot ja linkit

Sormenjälki

Lehtileikkeet

Security Failures in Modern Software

Siteeraa tätä