Effective Topology Tampering Attacks and Defenses in Software-Defined Networks

Cited by: 52
Authors
Skowyra, Richard [1]
Xu, Lei [2]
Gu, Guofei [2]
Dedhia, Veer [1]
Hobson, Thomas [1]
Okhravi, Hamed [1]
Landry, James [1]
Affiliations
[1] MIT, Lincoln Lab, 244 Wood St, Lexington, MA 02173 USA
[2] Texas A&M Univ, College Stn, TX USA
Funding
National Science Foundation (United States);
Keywords
DOI
10.1109/DSN.2018.00047
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
As Software-Defined Networking has gained increasing prominence, new attacks have been demonstrated which can corrupt the SDN controller's view of network topology. These topology poisoning attacks, most notably host-location hijacking and link fabrication attacks, enable adversaries to impersonate end-hosts or inter-switch links in order to monitor, corrupt, or drop network flows. In response, defenses have been developed to detect such attacks and raise an alert. In this paper, we analyze two such defenses, TopoGuard and Sphinx, and present two new attacks, Port Probing and Port Amnesia, that can successfully bypass them. We then develop and present extensions to TopoGuard to make it resilient to such attacks.
Pages: 374 - 385
Page count: 12
Related papers
50 in total
  • [21] Misreporting Attacks in Software-Defined Networking
    Burke, Quinn
    McDaniel, Patrick
    La Porta, Thomas
    Yu, Mingli
    He, Ting
    [J]. SECURITY AND PRIVACY IN COMMUNICATION NETWORKS (SECURECOMM 2020), PT I, 2020, 335 : 276 - 296
  • [22] Performance Analysis of Software-Defined Networks to Mitigate Private VLAN Attacks
    Alvarez, David
    Nuno, Pelayo
    Gonzalez, Carlos T.
    Bulnes, Francisco G.
    Granda, Juan C.
    Garcia-Carrillo, Dan
    [J]. SENSORS, 2023, 23 (04)
  • [23] Detection and defense against network isolation attacks in software-defined networks
    Yu, Zhipeng
    Zhu, Hui
    Xiao, Rui
    Song, Chao
    Dong, Jian
    Li, Hui
    [J]. TRANSACTIONS ON EMERGING TELECOMMUNICATIONS TECHNOLOGIES, 2021, 32 (05)
  • [24] Attacking Network Isolation in Software-Defined Networks: New attacks and Countermeasures
    Xiao, Rui
    Zhu, Hui
    Song, Chao
    Liu, Ximeng
    Dong, Jian
    Li, Hui
    [J]. 2018 27TH INTERNATIONAL CONFERENCE ON COMPUTER COMMUNICATION AND NETWORKS (ICCCN), 2018,
  • [25] DoSGuard: Mitigating Denial-of-Service Attacks in Software-Defined Networks
    Li, Jishuai
    Tu, Tengfei
    Li, Yongsheng
    Qin, Sujuan
    Shi, Yijie
    Wen, Qiaoyan
    [J]. SENSORS, 2022, 22 (03)
  • [26] Denial of Service Attacks Detection in Software-Defined Wireless Sensor Networks
    Nunez Segura, Gustavo A.
    Skaperas, Sotiris
    Chorti, Arsenia
    Mamatas, Lefteris
    Margi, Cintia Borges
    [J]. 2020 IEEE INTERNATIONAL CONFERENCE ON COMMUNICATIONS WORKSHOPS (ICC WORKSHOPS), 2020,
  • [27] Preventing Timing Side-Channel Attacks in Software-Defined Networks
    Shoaib, Faizan
    Chow, Yang-Wai
    Vlahu-Gjorgievska, Elena
    [J]. 2021 IEEE ASIA-PACIFIC CONFERENCE ON COMPUTER SCIENCE AND DATA ENGINEERING (CSDE), 2021,
  • [28] Automated Controller Placement for Software-Defined Networks to Resist DDoS Attacks
    Haque, Muhammad Reazul
    Tan, Saw Chin
    Yusoff, Zulfadzli
    Nisar, Kashif
    Kwang, Lee Ching
    Kaspin, Rizaludin
    Chowdhry, Bhawani Shankar
    Buyya, Rajkumar
    Majumder, Satya Prasad
    Gupta, Manoj
    Memon, Shuaib
    [J]. CMC-COMPUTERS MATERIALS & CONTINUA, 2021, 68 (03): 3147 - 3165
  • [29] Protecting Software-Defined Enterprise Networks from Packet Injection Attacks
    ul Huque, Tanvir
    den Hartog, Frank
    [J]. PROCEEDINGS OF THE IEEE 46TH CONFERENCE ON LOCAL COMPUTER NETWORKS (LCN 2021), 2021, : 287 - 292
  • [30] Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures
    Hong, Sungmin
    Xu, Lei
    Wang, Haopei
    Gu, Guofei
    [J]. 22ND ANNUAL NETWORK AND DISTRIBUTED SYSTEM SECURITY SYMPOSIUM (NDSS 2015), 2015,