ATTAIN: An Attack Injection Framework for Software-Defined Networking

被引：11

作者：

Ujcich, Benjamin E. ^{[1
,2
]}

Thakore, Uttam ^{[1
,3
]}

Sanders, William H. ^{[1
,2
]}

机构：

[1] Univ Illinois, Informat Trust Inst, Urbana, IL 61801 USA

[2] Univ Illinois, Dept Elect & Comp Engn, Urbana, IL 61801 USA

[3] Univ Illinois, Dept Comp Sci, Urbana, IL USA

来源：

2017 47TH ANNUAL IEEE/IFIP INTERNATIONAL CONFERENCE ON DEPENDABLE SYSTEMS AND NETWORKS (DSN) | 2017年

关键词：

D O I：

10.1109/DSN.2017.59

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

Software-defined networking (SDN) has recently attracted interest as a way to provide cyber resiliency because of its programmable and logically centralized nature. However, the security of the SDN architecture itself against malicious attacks is not well understood and must be ensured in order to provide cyber resiliency to systems that use SDNs. In this paper, we present ATTAIN, an attack injection framework for OpenFlow-based SDN architectures. First, we define an attack model that relates system components to an attacker's capability to influence control plane behavior. Second, we define an attack language for writing control plane attacks that can be used to evaluate SDN implementations. Third, we describe an attack injector architecture that actuates attacks in networks. Finally, we evaluate our framework with an enterprise network case study by writing and running attacks with popular SDN controllers.

引用

页码：567 / 578

页数：12

共 50 条

[1] Verification Framework for Software-Defined Networking
Kang, Miyoung
Cho, Jong Jin
[J]. 2022 24TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT): ARITIFLCIAL INTELLIGENCE TECHNOLOGIES TOWARD CYBERSECURITY, 2022, : 518 - 523
[2] Software-Defined Networking
Kirkpatrick, Keith
[J]. COMMUNICATIONS OF THE ACM, 2013, 56 (09) : 16 - 19
[3] Software-defined networking
Greene, Kate
[J]. Technology Review, 2009, 112 (02)
[4] Software-Defined Networking
Zhili Sun
Jiandong Li
Kun Yang
[J]. ZTE Communications, 2014, 12 (02) : 1 - 2
[5] HTTP DDoS flooding attack mitigation in software-defined networking
Park, Sungho
Kim, Youngjun
Choi, Hyungoo
Kyung, Yeunwoong
Park, Jinwoo
[J]. IEICE Transactions on Information and Systems, 2021, E104D (09) : 1496 - 1499
[6] HTTP DDoS Flooding Attack Mitigation in Software-Defined Networking
Park, Sungho
Kim, Youngjun
Choi, Hyungoo
Kyung, Yeunwoong
Park, Jinwoo
[J]. IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS, 2021, E104D (09): : 1496 - 1499
[7] Mitigating the Table-Overflow Attack in Software-Defined Networking
Xu, Tong
Gao, Deyun
Dong, Ping
Foh, Chuan Heng
Zhang, Hongke
[J]. IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, 2017, 14 (04): : 1086 - 1097
[8] Identification and predication of network attack patterns in software-defined networking
Xu, Xiaojun
Wang, Shuliang
Li, Ying
[J]. PEER-TO-PEER NETWORKING AND APPLICATIONS, 2019, 12 (02) : 337 - 347
[9] Identification and predication of network attack patterns in software-defined networking
Xiaojun Xu
Shuliang Wang
Ying Li
[J]. Peer-to-Peer Networking and Applications, 2019, 12 : 337 - 347
[10] A Framework for Threats Analysis Using Software-Defined Networking
Moldovan, Francisc
Oprisa, Ciprian
[J]. 2018 IEEE 14TH INTERNATIONAL CONFERENCE ON INTELLIGENT COMPUTER COMMUNICATION AND PROCESSING (ICCP), 2018, : 451 - 457

← 1 2 3 4 5 →