Flow Wars: Systemizing the Attack Surface and Defenses in Software-Defined Networks

Emerging software defined network (SDN) stacks have introduced an entirely new attack surface that is exploitable from a wide range of launch points. Through an analysis of the various attack strategies reported in prior work, and through our own efforts to enumerate new and variant attack strategie...

Full description

Saved in:
Bibliographic Details
Published inIEEE/ACM transactions on networking Vol. 25; no. 6; pp. 3514 - 3530
Main Authors Changhoon Yoon, Seungsoo Lee, Heedo Kang, Taejune Park, Seungwon Shin, Yegneswaran, Vinod, Porras, Phillip, Guofei Gu
Format Journal Article
LanguageEnglish
Published New York IEEE 01.12.2017
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects
network security
Network topology
Protocols
R&D
Replication
Research & development
SDN security
Security
Software
Software defined network security
Software reliability
Software-defined networking
Stacks
Switches
Taxonomy
Online AccessGet full text

Cover

More Information
Summary:Emerging software defined network (SDN) stacks have introduced an entirely new attack surface that is exploitable from a wide range of launch points. Through an analysis of the various attack strategies reported in prior work, and through our own efforts to enumerate new and variant attack strategies, we have gained two insights. First, we observe that different SDN controller implementations, developed independently by different groups, seem to manifest common sets of pitfalls and design weakness that enable the extensive set of attacks compiled in this paper. Second, through a principled exploration of the underlying design and implementation weaknesses that enables these attacks, we introduce a taxonomy to offer insight into the common pitfalls that enable SDN stacks to be broken or destabilized when fielded within hostile computing environments. This paper first captures our understanding of the SDN attack surface through a comprehensive survey of existing SDN attack studies, which we extend by enumerating 12 new vectors for SDN abuse. We then organize these vulnerabilities within the well-known confidentiality, integrity, and availability model, assess the severity of these attacks by replicating them in a physical SDN testbed, and evaluate them against three popular SDN controllers. We also evaluate the impact of these attacks against published SDN defense solutions. Finally, we abstract our findings to offer the research and development communities with a deeper understanding of the common design and implementation pitfalls that are enabling the abuse of SDN networks.
ISSN:1063-6692
1558-2566
DOI:10.1109/TNET.2017.2748159