Analysis of topology poisoning attacks in software-defined networking

Tutkimustuotos: Artikkeli kirjassa/konferenssijulkaisussavertaisarvioitu

Tutkijat

Organisaatiot

Kuvaus

In software-defined networking (SDN), routing decisions are made by a trusted network controller, which communicates with each forwarding device over a secure control channel. While this architecture avoids many security issues of distributed routing protocols, SDN remains vulnerable to topology poisoning attacks during topology discovery. Faked link information can cause wrong routing decisions by the controller and, thus, enable the attacker to reroute some traffic flows to compromised nodes. This paper provides both qualitative and quantitative analysis of topology poisoning attacks in SDN. We classify the attacks including new variants and analyze how their impact depends on the network topology, routing policy, and attacker location. While most of the literature emphasizes the security of the SDN controller and control channels, we assume them to be secure and aim to understand the ability of a small number of compromised switches to divert traffic flows. This is important because the low-cost, heterogeneous network equipment available for SDN may not be entirely trusted and because targeted attacks often start from the compromise of a single device.

Yksityiskohdat

AlkuperäiskieliEnglanti
OtsikkoSecure IT Systems - 24th Nordic Conference, NordSec 2019, Proceedings
ToimittajatAslan Askarov, René Rydhof Hansen, Willard Rafnsson
TilaJulkaistu - 13 marraskuuta 2019
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisuussa
TapahtumaNordic Conference on Secure IT Systems - Aalborg, Tanska
Kesto: 18 marraskuuta 201920 marraskuuta 2019
Konferenssinumero: 24
https://nordsec2019.cs.aau.dk/

Julkaisusarja

NimiLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Vuosikerta11875 LNCS
ISSN (painettu)0302-9743
ISSN (elektroninen)1611-3349

Conference

ConferenceNordic Conference on Secure IT Systems
LyhennettäNordSec
MaaTanska
KaupunkiAalborg
Ajanjakso18/11/201920/11/2019
www-osoite

ID: 40402785