Spook in Your Network: Attacking an SDN with a Compromised OpenFlow Switch

Software defined networking (SDN) and OpenFlow as one of its key technologies have received a lot of attention from the networking community. While SDN enables complex network applications and easier network management, the paradigm change comes along with new security threats. In this paper, we ana...

Full description

Saved in:

Bibliographic Details
Published in	Secure IT Systems pp. 229 - 244
Main Authors	Antikainen, Markku, Aura, Tuomas, Särelä, Mikko
Format	Book Chapter
Language	English
Published	Cham Springer International Publishing 2014
Series	Lecture Notes in Computer Science
Subjects	Control Channel Internet Protocol Address Mutual Authentication Target Network Virtual Link
Online Access	Get full text

Cover

Loading…

Abstract	Software defined networking (SDN) and OpenFlow as one of its key technologies have received a lot of attention from the networking community. While SDN enables complex network applications and easier network management, the paradigm change comes along with new security threats. In this paper, we analyze attacks against a software-defined network in a scenario where the attacker has been able to compromise one or more OpenFlow-capable switches. We find out that such attacker can in suitable environments perform a wide range of attacks, including man-in-the-middle attacks against control-plane traffic, by using only the standard OpenFlow functionality of the switch. Furthermore, we show that in certain scenarios it is nearly impossible to detect that some switch has been compromised. We conclude that while the existing security mechanisms, such as TLS, give protection against many of the presented attacks, the threats should not be overlooked when moving to SDN and OpenFlow.
AbstractList	Software defined networking (SDN) and OpenFlow as one of its key technologies have received a lot of attention from the networking community. While SDN enables complex network applications and easier network management, the paradigm change comes along with new security threats. In this paper, we analyze attacks against a software-defined network in a scenario where the attacker has been able to compromise one or more OpenFlow-capable switches. We find out that such attacker can in suitable environments perform a wide range of attacks, including man-in-the-middle attacks against control-plane traffic, by using only the standard OpenFlow functionality of the switch. Furthermore, we show that in certain scenarios it is nearly impossible to detect that some switch has been compromised. We conclude that while the existing security mechanisms, such as TLS, give protection against many of the presented attacks, the threats should not be overlooked when moving to SDN and OpenFlow.
Author	Särelä, Mikko Aura, Tuomas Antikainen, Markku
Author_xml	– sequence: 1 givenname: Markku surname: Antikainen fullname: Antikainen, Markku email: markku.antikainen@aalto.fi – sequence: 2 givenname: Tuomas surname: Aura fullname: Aura, Tuomas – sequence: 3 givenname: Mikko surname: Särelä fullname: Särelä, Mikko
BookMark	eNpFkM9OAjEYxKtiIiBv4KEvUO23X7ttvREU_4TAAS6emu5uKyuw3eyu4fVd0MTTJDPJZOY3IoMqVp6QO-D3wLl6MEozZAiGAUhjGFoQF2SEvXM25CUZQgrAEIW5-g-0GpAhR54wowTekEnbfnHOAVWilB6S93Ud446WFf2I3w1d-u4Ym90jnXady3dl9UldRddPS3osuy11dBYPdRMPZesLuqp9Nd_HI133Yb69JdfB7Vs_-dMx2cyfN7NXtli9vM2mC5ZDKgRz3gede62M9lKjkzwrAIoil8HJIDIwIs1SdGA4SBGCTgoRfAhFUJjoHMck-a1t66bf5xub9Q9aC9yeSNmelEXb37dnMPZECn8Ab7FZKQ
CitedBy_id	crossref_primary_10_1007_s12083_017_0604_2 crossref_primary_10_1109_TNET_2020_2977006 crossref_primary_10_1016_j_comnet_2021_107981 crossref_primary_10_1109_TNSM_2019_2955790 crossref_primary_10_1109_LCOMM_2019_2896928 crossref_primary_10_1007_s11277_020_07387_y crossref_primary_10_1109_TNSM_2020_3045998 crossref_primary_10_4236_wsn_2021_131001 crossref_primary_10_1109_TIFS_2023_3315128 crossref_primary_10_1109_TNET_2018_2885532 crossref_primary_10_1109_ACCESS_2022_3229899 crossref_primary_10_1016_j_future_2017_12_069 crossref_primary_10_1109_OJCOMS_2024_3406489 crossref_primary_10_1109_COMST_2016_2597193 crossref_primary_10_1109_TNSM_2018_2822668 crossref_primary_10_1109_TPDS_2021_3068135 crossref_primary_10_1016_j_comnet_2020_107119 crossref_primary_10_1631_FITEE_1800436 crossref_primary_10_1109_TETC_2018_2806977 crossref_primary_10_1109_ACCESS_2021_3107203 crossref_primary_10_1109_TNET_2022_3225211 crossref_primary_10_1109_ACCESS_2019_2895092 crossref_primary_10_1007_s13198_021_01162_3 crossref_primary_10_1109_COMST_2018_2839348 crossref_primary_10_1109_TNET_2020_3033588
ContentType	Book Chapter
Copyright	Springer International Publishing Switzerland 2014
Copyright_xml	– notice: Springer International Publishing Switzerland 2014
DOI	10.1007/978-3-319-11599-3_14
DatabaseTitleList
DeliveryMethod	fulltext_linktorsrc
Discipline	Computer Science
EISBN	3319115995 9783319115993
EISSN	1611-3349
Editor	Bernsmed, Karin Fischer-Hübner, Simone
Editor_xml	– sequence: 1 givenname: Karin surname: Bernsmed fullname: Bernsmed, Karin email: karin.bernsmed@sintef.no – sequence: 2 givenname: Simone surname: Fischer-Hübner fullname: Fischer-Hübner, Simone email: simone.fischer-huebner@kau.se
EndPage	244
GroupedDBID	-DT -GH -~X 1SB 29L 2HA 2HV 5QI 875 AASHB ABMNI ACGFS ADCXD AEFIE ALMA_UNASSIGNED_HOLDINGS EJD F5P FEDTE HVGLF LAS LDH P2P RIG RNI RSU SVGTG VI1 ~02
ID	FETCH-LOGICAL-c1644-aeef8ce8798e583a50bd11ddc5fa5f4b1946b63a190154ff82d4feffdf7328c3
ISBN	3319115987 9783319115986
ISSN	0302-9743
IngestDate	Wed Nov 06 06:43:58 EST 2024
IsPeerReviewed	true
IsScholarly	true
Language	English
LinkModel	OpenURL
MergedId	FETCHMERGED-LOGICAL-c1644-aeef8ce8798e583a50bd11ddc5fa5f4b1946b63a190154ff82d4feffdf7328c3
PageCount	16
ParticipantIDs	springer_books_10_1007_978_3_319_11599_3_14
PublicationCentury	2000
PublicationDate	2014
PublicationDateYYYYMMDD	2014-01-01
PublicationDate_xml	– year: 2014 text: 2014
PublicationDecade	2010
PublicationPlace	Cham
PublicationPlace_xml	– name: Cham
PublicationSeriesSubtitle	Security and Cryptology
PublicationSeriesTitle	Lecture Notes in Computer Science
PublicationSeriesTitleAlternate	Lect.Notes Computer
PublicationSubtitle	19th Nordic Conference, NordSec 2014, Tromsø, Norway, October 15-17, 2014, Proceedings
PublicationTitle	Secure IT Systems
PublicationYear	2014
Publisher	Springer International Publishing
Publisher_xml	– name: Springer International Publishing
RelatedPersons	Kleinberg, Jon M. Mattern, Friedemann Nierstrasz, Oscar Steffen, Bernhard Kittler, Josef Weikum, Gerhard Naor, Moni Mitchell, John C. Terzopoulos, Demetri Kobsa, Alfred Pandu Rangan, C. Kanade, Takeo Hutchison, David Tygar, Doug
RelatedPersons_xml	– sequence: 1 givenname: David surname: Hutchison fullname: Hutchison, David – sequence: 2 givenname: Takeo surname: Kanade fullname: Kanade, Takeo – sequence: 3 givenname: Josef surname: Kittler fullname: Kittler, Josef – sequence: 4 givenname: Jon M. surname: Kleinberg fullname: Kleinberg, Jon M. – sequence: 5 givenname: Alfred surname: Kobsa fullname: Kobsa, Alfred – sequence: 6 givenname: Friedemann surname: Mattern fullname: Mattern, Friedemann – sequence: 7 givenname: John C. surname: Mitchell fullname: Mitchell, John C. – sequence: 8 givenname: Moni surname: Naor fullname: Naor, Moni – sequence: 9 givenname: Oscar surname: Nierstrasz fullname: Nierstrasz, Oscar – sequence: 10 givenname: C. surname: Pandu Rangan fullname: Pandu Rangan, C. – sequence: 11 givenname: Bernhard surname: Steffen fullname: Steffen, Bernhard – sequence: 12 givenname: Demetri surname: Terzopoulos fullname: Terzopoulos, Demetri – sequence: 13 givenname: Doug surname: Tygar fullname: Tygar, Doug – sequence: 14 givenname: Gerhard surname: Weikum fullname: Weikum, Gerhard
SSID	ssj0001372778 ssj0002792
Score	2.1295657
Snippet	Software defined networking (SDN) and OpenFlow as one of its key technologies have received a lot of attention from the networking community. While SDN enables...
SourceID	springer
SourceType	Publisher
StartPage	229
SubjectTerms	Control Channel Internet Protocol Address Mutual Authentication Target Network Virtual Link
Title	Spook in Your Network: Attacking an SDN with a Compromised OpenFlow Switch
URI	http://link.springer.com/10.1007/978-3-319-11599-3_14
hasFullText	1
inHoldings	1
isFullTextHit
isPrint
link	http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwnV3LitswFBXpdFO66Ju-0aI74xKP5Fehi9LOMA3TbOKW2RlJliB4sIeMQ6H043uvHrGTmc10Y4wdYvse-frqSOeIkA9SlTn6wsUqFTLmnOWxgCQYC824SaTOhbVd_LHMzn7yxUV6MZv9napLBvlR_blVV_I_qMIxwBVVsndAdvencAD2AV_YAsKwPSh-92lWp-FAplxH36s913Hbox_WLXT4XUJBMU673Z3b2nWFomq7mxeE9IodLucbfel23Hz6tu2nDWp1hbKIdRdBgrBCYZzSZXnFYRCqdWLHaPVt6fVyNtVsemhHUNPivJXTy_53tIKTnjzDEOnrz-d-FGPZD3ZyWBQWmgh5Z0pMJPyAmAjE5AG1ObJrez1ZBqkAitPS-2J7RRdka-jvuASoXYLO0HaROZvTkHQ9Z-K-38fOT_LGp2E6GwSVW3i1MmY1roJ-Ly8hO97_crI4_zUydAxqu3z0nkerRTcm5e4KlULhrnPn5TQ-xUSledslb4y723KmekweosSFovYEgvaEzHT3lDwKcac-7s_IwmJO1x1FzKnH_BPdIU5FRwFxiohTQSeI04A4dYg_J9XpSfX1LPaLb8QKetAcXlZtCqWLvCx0WjCRzmWTJE2jUiNSw2VS8kxmTNiCkhtTHDfcaGMag_ZPir0gR13f6ZeEzjNjJK4qkDDJ-ZwVUmYiS1SBg-Ayk69IFGJR49t0XQcrbYhczWqIXG0jV2PkXt_p12_Ig7FpviVHw2ar30EVOcj3Hu5_O8Fmcw
link.rule.ids	782,783,787,796,27937
linkProvider	Library Specific Holdings
openUrl	ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=bookitem&rft.title=Secure+IT+Systems&rft.au=Antikainen%2C+Markku&rft.au=Aura%2C+Tuomas&rft.au=S%C3%A4rel%C3%A4%2C+Mikko&rft.atitle=Spook+in+Your+Network%3A+Attacking+an+SDN+with+a+Compromised+OpenFlow+Switch&rft.series=Lecture+Notes+in+Computer+Science&rft.date=2014-01-01&rft.pub=Springer+International+Publishing&rft.isbn=9783319115986&rft.issn=0302-9743&rft.eissn=1611-3349&rft.spage=229&rft.epage=244&rft_id=info:doi/10.1007%2F978-3-319-11599-3_14
thumbnail_l	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=0302-9743&client=summon
thumbnail_m	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=0302-9743&client=summon
thumbnail_s	http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=0302-9743&client=summon