Skip to main content
SpringerLink
Log in

Using Machine Learning for Detecting Timing Side-Channel Attacks in SDN

  • Conference paper
  • First Online:
Mobile Internet Security (MobiSec 2022)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1644))

Included in the following conference series:

Abstract

Software-Defined Networking (SDN) is a networking technology that allows for the programming and efficient management of networks. Due to the separation of the data plane and the control plane, SDN is prone to timing side-channel attacks. The adversary can use timing information to obtain data about the network such as flow tables, routes, controller types, ports, and so on. The focus of current mitigation strategies for timing side-channel attacks is largely on minimizing them through network architectural changes. This adds considerable overhead to the SDNs and makes establishing the origin of the attack a challenge. In this paper, we propose a machine learning-based approach for detecting timing side-channel attacks and identifying their source in SDNs. We adopt the machine learning methodology for this solution since it delivers faster and more accurate output. As opposed to conventional methods, it can precisely detect timing side-channel activity in SDN and determine the attacker’s origin. Because this security solution is intended to be used in association with SDN, its architecture ensures that it has a low impact on network traffic and resource consumption. The overall design findings indicate that our method is effective in detecting timing side-channel attacks in SDN and accurately identifying the attacker’s machine.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 69.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 89.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Ahmad, I., Kumar, T., Liyanage, M., Okwuibe, J., Ylianttila, M., Gurtov, A.: Overview of 5g security challenges and solutions. IEEE Commun. Stand. Mag. 2(1), 36–43 (2018)

    Article  Google Scholar 

  2. Arsalan, A., Rehman, R.A.: Prevention of timing attack in software defined named data network with vanets. In: 2018 International Conference on Frontiers of Information Technology (FIT), pp. 247–252. IEEE (2018)

    Google Scholar 

  3. Asadollahi, S., Goswami, B., Sameer, M.: Ryu controller’s scalability experiment on software defined networks. In: 2018 IEEE International Conference on Current Trends in Advanced Computing (ICCTAC), pp. 1–5. IEEE (2018)

    Google Scholar 

  4. Banker, K., Garrett, D., Bakkum, P., Verch, S.: MongoDB in action: covers MongoDB version 3.0. Simon and Schuster (2016)

    Google Scholar 

  5. Boukria, S., Guerroumi, M.: Intrusion detection system for SDN network using deep learning approach. In: 2019 International Conference on Theoretical and Applicative Aspects of Computer Science (ICTAACS), vol. 1, pp. 1–6. IEEE (2019)

    Google Scholar 

  6. Conti, M., De Gaspari, F., Mancini, L.V.: A novel stealthy attack to gather SDN configuration-information. IEEE Trans. Emerg. Top. Comput. 8(2), 328–340 (2018)

    Article  Google Scholar 

  7. Dunlap, S., Butts, J., Lopez, J., Rice, M., Mullins, B.: Using timing-based side channels for anomaly detection in industrial control systems. Int. J. Crit. Infrastruct. Prot. 15, 12–26 (2016)

    Article  Google Scholar 

  8. Hou, J., Zhang, M., Zhang, Z., Shi, W., Qin, B., Liang, B.: On the fine-grained fingerprinting threat to software-defined networks. Futur. Gener. Comput. Syst. 107, 485–497 (2020)

    Article  Google Scholar 

  9. Karimi, E., Fei, Y., Kaeli, D.: Hardware/software obfuscation against timing side-channel attack on a GPU. In: 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp. 122–131. IEEE (2020)

    Google Scholar 

  10. Kaur, K., Singh, J., Ghumman, N.S.: Mininet as software defined networking testing platform. In: International Conference on Communication, Computing & Systems (ICCCS), pp. 139–42 (2014)

    Google Scholar 

  11. Liu, A., Chen, J.X., Wechsler, H., et al.: Real-time timing channel detection in an software-defined networking virtual environment. Intell. Inf. Manag. 7(06), 283 (2015)

    Google Scholar 

  12. Liu, S., Reiter, M.K., Sekar, V.: Flow reconnaissance via timing attacks on SDN switches. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 196–206. IEEE (2017)

    Google Scholar 

  13. Manu, B., Koundinya, A.K.: Intrusion tolerant architecture for SDN networks through flow monitoring. In: 2017 2nd International Conference on Computational Systems and Information Technology for Sustainable Solution (CSITSS), pp. 1–5. IEEE (2017)

    Google Scholar 

  14. Martins, J.S., Campos, M.B.: A security architecture proposal for detection and response to threats in SDN networks. In: 2016 IEEE ANDESCON, pp. 1–4. IEEE (2016)

    Google Scholar 

  15. Sahu, K., Kshirsagar, R., Vasudeva, S., Alzahrani, T., Karimian, N.: Leveraging timing side-channel information and machine learning for IoT security. In: 2021 IEEE International Conference on Consumer Electronics (ICCE), pp. 1–6. IEEE (2021)

    Google Scholar 

  16. Schnepf, N., Badonnel, R., Lahmadi, A., Merz, S.: Automated verification of security chains in software-defined networks with synaptic. In: 2017 IEEE Conference on Network Softwarization (NetSoft), pp. 1–9. IEEE (2017)

    Google Scholar 

  17. Schnepf, N., Badonnel, R., Lahmadi, A., Merz, S.: Synaptic: a formal checker for SDN-based security policies. In: NOMS 2018–2018 IEEE/IFIP Network Operations and Management Symposium, pp. 1–2. IEEE (2018)

    Google Scholar 

  18. Scott-Hayward, S., Natarajan, S., Sezer, S.: A survey of security in software defined networks. IEEE Commun. Surv. Tutor. 18(1), 623–654 (2015)

    Article  Google Scholar 

  19. Sepulveda, M.J., Diguet, J.P., Strum, M., Gogniat, G.: NOC-based protection for SOC time-driven attacks. IEEE Embed. Syst. Lett. 7(1), 7–10 (2014)

    Article  Google Scholar 

  20. Shoaib, F., Chow, Y.W., Vlahu-Gjorgievska, E.: Preventing timing side-channel attacks in software-defined networks. In: 2021 IEEE Asia-Pacific Conference on Computer Science and Data Engineering (CSDE), pp. 1–6 (2021). https://doi.org/10.1109/CSDE53843.2021.9718377

  21. Wikipedia contributors. Random forest – Wikipedia, the free encyclopedia (2022). Accessed 15 Sep 2022

    Google Scholar 

  22. Yoon, C., et al.: Flow wars: systemizing the attack surface and defenses in software-defined networks. IEEE/ACM Trans. Netw. 25(6), 3514–3530 (2017)

    Article  Google Scholar 

  23. Zhang, M., et al.: Control plane reflection attacks and defenses in software-defined networks. IEEE/ACM Trans. Netw. 29(2), 623–636 (2020)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing and Information Technology, University of Wollongong, Wollongong, Australia

    Faizan Shoaib, Yang-Wai Chow, Elena Vlahu-Gjorgievska & Chau Nguyen

Authors
  1. Faizan Shoaib
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yang-Wai Chow
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Elena Vlahu-Gjorgievska
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chau Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Faizan Shoaib .

Editor information

Editors and Affiliations

  1. Kookmin University, Seoul, Korea (Republic of)

    Ilsun You

  2. Sangmyung University, Cheonan-si, Korea (Republic of)

    Hwankuk Kim

  3. Middle East Technical University, Ankara, Türkiye

    Pelin Angin

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Shoaib, F., Chow, YW., Vlahu-Gjorgievska, E., Nguyen, C. (2023). Using Machine Learning for Detecting Timing Side-Channel Attacks in SDN. In: You, I., Kim, H., Angin, P. (eds) Mobile Internet Security. MobiSec 2022. Communications in Computer and Information Science, vol 1644. Springer, Singapore. https://doi.org/10.1007/978-981-99-4430-9_13

Download citation

  • DOI: https://doi.org/10.1007/978-981-99-4430-9_13

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-99-4429-3

  • Online ISBN: 978-981-99-4430-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation