research-article

Performance impact of topology poisoning attack in SDN and its countermeasure

Authors:

Ashutosh Kumar Singh,

Shashank SrivastavaAuthors Info & Claims

SIN '17: Proceedings of the 10th International Conference on Security of Information and Networks

Pages 179 - 184

https://doi.org/10.1145/3136825.3136881

Published: 13 October 2017 Publication History

Abstract

Topology Discovery is a crucial task for a controller in Software Defined Networks (SDN). In this paper, we present an attack model to disturb topology discovery service of controller, by injecting fake links in the network. Our attack model assumes, some switches present in the network are compromised by attacker. Fake links injected through compromised switches, causes a huge packet loss in the network. We have performed a comparative analysis of packet loss for our proposed attack model and packet loss for previously proposed model. We also provide an efficient countermeasure for proposed attack model based on detection of fake link at controller. Both attack model and countermeasure are tested for a real time network.

References

[1]

Talal Alharbi, Marius Portmann, and Farzaneh Pakzad. 2015. The (in) security of topology discovery in software defined networks. In Local Computer Networks (LCN), 2015 IEEE 40th Conference on. IEEE, 502--505.

Digital Library

[2]

Markku Antikainen, Tuomas Aura, and Mikko Särelä. 2014. Spook in your network: Attacking an sdn with a compromised openflow switch. In Nordic Conference on Secure IT Systems. Springer, 229--244.

[3]

Stuart Bailey, Deepak Bansal, Linda Dunbar, Dave Hood, Zoltán Lajos Kis, Ben MackCrane, Jeff Maguire, Dan Malek, David Meyer, Manuel Paul, et al. 2013. SDN Architecture Overview. Open Networking Foundation, Ver 1 (2013).

[4]

Martin Casado, Tal Garfinkel, Aditya Akella, Michael J Freedman, Dan Boneh, Nick McKeown, and Scott Shenker. 2006. SANE: A Protection Architecture for Enterprise Networks. In USENIX Security Symposium, Vol. 49. 50.

Digital Library

[5]

G Adam Covington, Glenn Gibb, John W Lockwood, and Nick Mckeown. 2009. A packet generator on the NetFPGA platform. In Field Programmable Custom Computing Machines, 2009. FCCM'09. 17th IEEE Symposium on. IEEE, 235--238.

Digital Library

[6]

Mohan Dhawan, Rishabh Poddar, Kshiteej Mahajan, and Vijay Mann. 2015. SPHINX: Detecting Security Attacks in Software-Defined Networks. In NDSS.

[7]

Nick Feamster, Jennifer Rexford, and Ellen Zegura. 2013. The road to SDN. Queue 11, 12 (2013), 20.

Digital Library

[8]

Open Networking Fundation. 2012. Software-defined networking: The new norm for networks. ONF White Paper 2 (2012), 2--6.

[9]

Steffen Gebert, Rastin Pries, Daniel Schlosser, and Klaus Heck. 2012. Internet access traffic measurement and analysis. Traffic Monitoring and Analysis (2012), 29--42.

Digital Library

[10]

Marcel Großmann and Stephan JA Schuberth. 2013. Auto-Mininet: Assessing the Internet Topology Zoo in a Software-Defined Network Emulator. Messung, Mellierung un Bewertung von Rechensystemen (MMBnet) 7 (2013).

[11]

Natasha Gude, Teemu Koponen, Justin Pettit, Ben Pfaff, Martin Casado, Nick McKeown, and Scott Shenker. 2008. NOX: towards an operating system for networks. ACM SIGCOMM Computer Communication Review 38, 3 (2008), 105--110.

Digital Library

[12]

Sungmin Hong, Lei Xu, Haopei Wang, and Guofei Gu. 2015. Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures. In NDSS.

[13]

Simon Knight, Hung X Nguyen, Nick Falkner, Rhys Bowden, and Matthew Roughan. 2011. The internet topology zoo. IEEE Journal on Selected Areas in Communications 29, 9 (2011), 1765--1775.

[14]

Diego Kreutz, Fernando Ramos, and Paulo Verissimo. 2013. Towards secure and dependable software-defined networks. In Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking. ACM, 55--60.

Digital Library

[15]

Lun Li, David Alderson, Walter Willinger, and John Doyle. 2004. A first-principles approach to understanding the internet's router-level topology. In ACM SIGCOMM Computer Communication Review, Vol. 34. ACM, 3--14.

Digital Library

[16]

Mohammad Z Masoud, Yousf Jaradat, and Ismael Jannoud. 2015. On preventing ARP poisoning attack utilizing Software Defined Network (SDN) paradigm. In Applied Electrical Engineering and Computing Technologies (AEECT), 2015 IEEE Jordan Conference on. IEEE, 1--5.

[17]

Lisa Schehlmann, Sebastian Abt, and Harald Baier. 2014. Blessing or curse? Revisiting security aspects of Software-Defined Networking. In Network and Service Management (CNSM), 2014 10th International Conference on. IEEE, 382--387.

[18]

Ajay Tirumala, Feng Qin, Jon Dugan, Jim Ferguson, and Kevin Gibbs. 2005. Iperf:The TCP/UDP bandwidth measurement tool. http://dast.nlanr.net/Projects (2005).

Cited By

Chaganti RSuliman WRavi VDua A(2023)Deep Learning Approach for SDN-Enabled Intrusion Detection System in IoT NetworksInformation10.3390/info1401004114:1(41)Online publication date: 9-Jan-2023
https://doi.org/10.3390/info14010041
Soltani SShojafar MMostafaei HTafazolli R(2023)Real-Time Link Verification in Software-Defined NetworksIEEE Transactions on Network and Service Management10.1109/TNSM.2023.323869120:3(3596-3611)Online publication date: Sep-2023
https://doi.org/10.1109/TNSM.2023.3238691
Kong DShen YChen XCheng QLiu HZhang DLiu XChen SWu C(2023)Combination Attacks and Defenses on SDN Topology DiscoveryIEEE/ACM Transactions on Networking10.1109/TNET.2022.320356131:2(904-919)Online publication date: Apr-2023
https://doi.org/10.1109/TNET.2022.3203561
Show More Cited By

Index Terms

Performance impact of topology poisoning attack in SDN and its countermeasure
1. Security and privacy
  1. Systems security
    1. Denial-of-service attacks

Recommendations

Detection of Topology Poisoning by Silent Relay Attacker in SDN
MobiCom '18: Proceedings of the 24th Annual International Conference on Mobile Computing and Networking

Topology Poisoning can be easily performed by injecting a fake link between SDN switches using a silent relay attack. This attack is difficult to detect because 1) the attacker is a passive man-in-the-middle to relay control messages between the ...
Manipulating OpenFlow Link Discovery Packet Forwarding for Topology Poisoning
CCS '24: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security

Software-defined networking (SDN) is a centralized, dynamic, and programmable network management technology that enables flexible traffic control and scalability. SDN facilitates network administration through a centralized view of the underlying ...
SECAP Switch—Defeating Topology Poisoning Attacks Using P4 Data Planes
Abstract
Programmable networking is evolving from programmable control plane solutions such as OpenFlow-based software-defined networking (SDN) to programmable data planes such as P4-based SDN. To support the functionality of the SDN, the correct view of ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

SIN '17: Proceedings of the 10th International Conference on Security of Information and Networks

October 2017

321 pages

ISBN:9781450353038

DOI:10.1145/3136825

General Chairs:
Rajveer Singh Shekhawat
Manipal University Jaipur, India
,
M. S. Gaur
IIT Jammu, India
,
Atilla Elci
Aksaray University, Turkey
,
Jaideep Vaidya
Rutgers University
,
Oleg Makarevich
Southern Federal University, Russia
,
Ron Poet
University of Glasgow, UK
,
Mehmet Orgun
McQuarie Univ, Australia
,
Vijaypal S. Dhaka
Manipal University Jaipur, India
,
Manoj K. Bohra
Manipal University Jaipur, India
,
Virender Singh
IIT Bombay, India
,
Ludmila Babenko
Southern Federal University, Russia
,
Naghmeh M. Sheykhkanloo
Napier University, UK
,
Behnam Rahnama
Medis Inc., Iran

Copyright © 2017 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 October 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

SIN '17

SIN '17: Security of Information and Networks

October 13 - 15, 2017

Jaipur, India

Acceptance Rates

Overall Acceptance Rate 102 of 289 submissions, 35%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
270
Total Downloads

Downloads (Last 12 months)9
Downloads (Last 6 weeks)0

Reflects downloads up to 01 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Chaganti RSuliman WRavi VDua A(2023)Deep Learning Approach for SDN-Enabled Intrusion Detection System in IoT NetworksInformation10.3390/info1401004114:1(41)Online publication date: 9-Jan-2023
https://doi.org/10.3390/info14010041
Soltani SShojafar MMostafaei HTafazolli R(2023)Real-Time Link Verification in Software-Defined NetworksIEEE Transactions on Network and Service Management10.1109/TNSM.2023.323869120:3(3596-3611)Online publication date: Sep-2023
https://doi.org/10.1109/TNSM.2023.3238691
Kong DShen YChen XCheng QLiu HZhang DLiu XChen SWu C(2023)Combination Attacks and Defenses on SDN Topology DiscoveryIEEE/ACM Transactions on Networking10.1109/TNET.2022.320356131:2(904-919)Online publication date: Apr-2023
https://doi.org/10.1109/TNET.2022.3203561
Karnani SAgrawal NKumar R(2023)A comprehensive survey on low-rate and high-rate DDoS defense approaches in SDN: taxonomy, research challenges, and opportunitiesMultimedia Tools and Applications10.1007/s11042-023-16781-083:12(35253-35306)Online publication date: 29-Sep-2023
https://doi.org/10.1007/s11042-023-16781-0
Soltani SShojafar MMostafaei HPooranian ZTafazolli R(2021)Link Latency Attack in Software-Defined Networks2021 17th International Conference on Network and Service Management (CNSM)10.23919/CNSM52442.2021.9615598(187-193)Online publication date: 25-Oct-2021
https://doi.org/10.23919/CNSM52442.2021.9615598
TOK MDEMİRCİ M(2021)Yazılım Tanımlı Ağlarda Bağlantı Katmanı Keşif Protokolünün İstismarına Dayalı Topoloji Zehirleme Saldırılarının İncelenmesiUludağ University Journal of The Faculty of Engineering10.17482/uumfd.769939(589-608)Online publication date: 23-Aug-2021
https://doi.org/10.17482/uumfd.769939
Fatima KZahoor KZakaria Bawany N(2021)SDN Control Plane Security: Attacks and Mitigation TechniquesProceedings of the 4th International Conference on Networking, Information Systems & Security10.1145/3454127.3456612(1-6)Online publication date: 1-Apr-2021
https://dl.acm.org/doi/10.1145/3454127.3456612
Hua JZhou ZZhong S(2021)Flow Misleading: Worm-Hole Attack in Software-Defined Networking via Building In-Band Covert ChannelIEEE Transactions on Information Forensics and Security10.1109/TIFS.2020.301309316(1029-1043)Online publication date: 2021
https://doi.org/10.1109/TIFS.2020.3013093
Huang XShi PLiu YXu F(2020)Towards trusted and efficient SDN topology discoveryComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2020.107119170:COnline publication date: 1-Jul-2020
https://dl.acm.org/doi/10.1016/j.comnet.2020.107119
Ja’fari FMostafavi SMizanian KJafari E(2020)An intelligent botnet blocking approach in software defined networks using honeypotsJournal of Ambient Intelligence and Humanized Computing10.1007/s12652-020-02461-6Online publication date: 14-Aug-2020
https://doi.org/10.1007/s12652-020-02461-6

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten