Abstract
The new paradigm of Software-Defined Networking (SDN) enables exciting new functionality for building networks. Its core component is the so-called SDN controller (also termed network operating system). An SDN controller is logically centralized and crucially important; thus, exploiting it can significantly harm SDN-based networks. As recent work considers only flaws and rudimentary malicious logic inside SDN applications, we focus on rootkit techniques which enable attackers to subvert network operating systems. We present two prototype implementations: an SDN rootkit for the industry’s leading open source controller OpenDaylight as well as a version with basic rootkit functions for the commercial and non-OpenDaylight-based HP controller. Our SDN rootkit is capable of actively hiding itself and malicious network programming as well as providing remote access. Since OpenDaylight intends to establish a reference framework for network operating systems (both open source and commercial), our work demonstrates potential threats for a wide range of network operating systems.
Acknowledgments
This work has been supported by the German Federal Ministry of Education and Research (BMBF) under support code 01BP12300A; EUREKA-Project SASER.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Röpke, C., Holz, T. (2015). SDN Rootkits: Subverting Network Operating Systems of Software-Defined Networks. In: Bos, H., Monrose, F., Blanc, G. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2015. Lecture Notes in Computer Science, vol 9404. Springer, Cham. https://doi.org/10.1007/978-3-319-26362-5_16
DOI: https://doi.org/10.1007/978-3-319-26362-5_16
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26361-8
Online ISBN: 978-3-319-26362-5
eBook Packages: Computer Science, Computer Science (R0)