Abstract
Software-Defined Networking (SDN) is a networking technology that allows for the programming and efficient management of networks. Due to the separation of the data plane and the control plane, SDN is prone to timing side-channel attacks. The adversary can use timing information to obtain data about the network such as flow tables, routes, controller types, ports, and so on. The focus of current mitigation strategies for timing side-channel attacks is largely on minimizing them through network architectural changes. This adds considerable overhead to the SDNs and makes establishing the origin of the attack a challenge. In this paper, we propose a machine learning-based approach for detecting timing side-channel attacks and identifying their source in SDNs. We adopt the machine learning methodology for this solution since it delivers faster and more accurate output. As opposed to conventional methods, it can precisely detect timing side-channel activity in SDN and determine the attacker’s origin. Because this security solution is intended to be used in association with SDN, its architecture ensures that it has a low impact on network traffic and resource consumption. The overall design findings indicate that our method is effective in detecting timing side-channel attacks in SDN and accurately identifying the attacker’s machine.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ahmad, I., Kumar, T., Liyanage, M., Okwuibe, J., Ylianttila, M., Gurtov, A.: Overview of 5g security challenges and solutions. IEEE Commun. Stand. Mag. 2(1), 36–43 (2018)
Arsalan, A., Rehman, R.A.: Prevention of timing attack in software defined named data network with vanets. In: 2018 International Conference on Frontiers of Information Technology (FIT), pp. 247–252. IEEE (2018)
Asadollahi, S., Goswami, B., Sameer, M.: Ryu controller’s scalability experiment on software defined networks. In: 2018 IEEE International Conference on Current Trends in Advanced Computing (ICCTAC), pp. 1–5. IEEE (2018)
Banker, K., Garrett, D., Bakkum, P., Verch, S.: MongoDB in action: covers MongoDB version 3.0. Simon and Schuster (2016)
Boukria, S., Guerroumi, M.: Intrusion detection system for SDN network using deep learning approach. In: 2019 International Conference on Theoretical and Applicative Aspects of Computer Science (ICTAACS), vol. 1, pp. 1–6. IEEE (2019)
Conti, M., De Gaspari, F., Mancini, L.V.: A novel stealthy attack to gather SDN configuration-information. IEEE Trans. Emerg. Top. Comput. 8(2), 328–340 (2018)
Dunlap, S., Butts, J., Lopez, J., Rice, M., Mullins, B.: Using timing-based side channels for anomaly detection in industrial control systems. Int. J. Crit. Infrastruct. Prot. 15, 12–26 (2016)
Hou, J., Zhang, M., Zhang, Z., Shi, W., Qin, B., Liang, B.: On the fine-grained fingerprinting threat to software-defined networks. Futur. Gener. Comput. Syst. 107, 485–497 (2020)
Karimi, E., Fei, Y., Kaeli, D.: Hardware/software obfuscation against timing side-channel attack on a GPU. In: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 122–131. IEEE (2020)
Kaur, K., Singh, J., Ghumman, N.S.: Mininet as software defined networking testing platform. In: International Conference on Communication, Computing & Systems (ICCCS), pp. 139–42 (2014)
Liu, A., Chen, J.X., Wechsler, H., et al.: Real-time timing channel detection in an software-defined networking virtual environment. Intell. Inf. Manag. 7(06), 283 (2015)
Liu, S., Reiter, M.K., Sekar, V.: Flow reconnaissance via timing attacks on SDN switches. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 196–206. IEEE (2017)
Manu, B., Koundinya, A.K.: Intrusion tolerant architecture for SDN networks through flow monitoring. In: 2017 2nd International Conference on Computational Systems and Information Technology for Sustainable Solution (CSITSS), pp. 1–5. IEEE (2017)
Martins, J.S., Campos, M.B.: A security architecture proposal for detection and response to threats in SDN networks. In: 2016 IEEE ANDESCON, pp. 1–4. IEEE (2016)
Sahu, K., Kshirsagar, R., Vasudeva, S., Alzahrani, T., Karimian, N.: Leveraging timing side-channel information and machine learning for IoT security. In: 2021 IEEE International Conference on Consumer Electronics (ICCE), pp. 1–6. IEEE (2021)
Schnepf, N., Badonnel, R., Lahmadi, A., Merz, S.: Automated verification of security chains in software-defined networks with synaptic. In: 2017 IEEE Conference on Network Softwarization (NetSoft), pp. 1–9. IEEE (2017)
Schnepf, N., Badonnel, R., Lahmadi, A., Merz, S.: Synaptic: a formal checker for SDN-based security policies. In: NOMS 2018–2018 IEEE/IFIP Network Operations and Management Symposium, pp. 1–2. IEEE (2018)
Scott-Hayward, S., Natarajan, S., Sezer, S.: A survey of security in software defined networks. IEEE Commun. Surv. Tutor. 18(1), 623–654 (2015)
Sepulveda, M.J., Diguet, J.P., Strum, M., Gogniat, G.: NOC-based protection for SOC time-driven attacks. IEEE Embed. Syst. Lett. 7(1), 7–10 (2014)
Shoaib, F., Chow, Y.W., Vlahu-Gjorgievska, E.: Preventing timing side-channel attacks in software-defined networks. In: 2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), pp. 1–6 (2021). https://doi.org/10.1109/CSDE53843.2021.9718377
Wikipedia contributors. Random forest – Wikipedia, the free encyclopedia (2022). Accessed 15 Sep 2022
Yoon, C., et al.: Flow wars: systemizing the attack surface and defenses in software-defined networks. IEEE/ACM Trans. Netw. 25(6), 3514–3530 (2017)
Zhang, M., et al.: Control plane reflection attacks and defenses in software-defined networks. IEEE/ACM Trans. Netw. 29(2), 623–636 (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Shoaib, F., Chow, YW., Vlahu-Gjorgievska, E., Nguyen, C. (2023). Using Machine Learning for Detecting Timing Side-Channel Attacks in SDN. In: You, I., Kim, H., Angin, P. (eds) Mobile Internet Security. MobiSec 2022. Communications in Computer and Information Science, vol 1644. Springer, Singapore. https://doi.org/10.1007/978-981-99-4430-9_13
Download citation
DOI: https://doi.org/10.1007/978-981-99-4430-9_13
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-4429-3
Online ISBN: 978-981-99-4430-9
eBook Packages: Computer ScienceComputer Science (R0)