Analysis of topology poisoning attacks in software-defined networking

Thanh Bui*, Markku Antikainen, Tuomas Aura

*Tämän työn vastaava kirjoittaja

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussaConference article in proceedingsScientificvertaisarvioitu


In software-defined networking (SDN), routing decisions are made by a trusted network controller, which communicates with each forwarding device over a secure control channel. While this architecture avoids many security issues of distributed routing protocols, SDN remains vulnerable to topology poisoning attacks during topology discovery. Faked link information can cause wrong routing decisions by the controller and, thus, enable the attacker to reroute some traffic flows to compromised nodes. This paper provides both qualitative and quantitative analysis of topology poisoning attacks in SDN. We classify the attacks including new variants and analyze how their impact depends on the network topology, routing policy, and attacker location. While most of the literature emphasizes the security of the SDN controller and control channels, we assume them to be secure and aim to understand the ability of a small number of compromised switches to divert traffic flows. This is important because the low-cost, heterogeneous network equipment available for SDN may not be entirely trusted and because targeted attacks often start from the compromise of a single device.

OtsikkoSecure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings
ToimittajatAslan Askarov, René Rydhof Hansen, Willard Rafnsson
ISBN (painettu)9783030350543
DOI - pysyväislinkit
TilaJulkaistu - 13 marrask. 2019
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaNordic Conference on Secure IT Systems - Aalborg, Tanska
Kesto: 18 marrask. 201920 marrask. 2019
Konferenssinumero: 24


NimiLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Vuosikerta11875 LNCS
ISSN (painettu)0302-9743
ISSN (elektroninen)1611-3349


ConferenceNordic Conference on Secure IT Systems


Sukella tutkimusaiheisiin 'Analysis of topology poisoning attacks in software-defined networking'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä