DOI: 10.1145/3050220.3060599
Short paper

Adversarial Network Forensics in Software Defined Networking: Demo

Published: 03 April 2017

Abstract

Flow rules are the essential part of an SDN-based network: they enable network elements to steer and control traffic and to deploy policy enforcement points with fine granularity at any entry point in a network. Such applications, implemented using OpenFlow rules, are already integral components of widely used SDN controllers such as Floodlight or OpenDaylight. The implementation details of network policies are reflected in the composition of flow rules, and leakage of such information provides adversaries with a significant attack advantage, such as bypassing Access Control Lists (ACL), reconstructing the resource distribution of Load Balancers, or revealing Moving Target Defense techniques.
In this demo [4, 5] we present our open-source scanner SDNMap and demonstrate the findings discussed in the paper "Adversarial Network Forensics in Software Defined Networking" [6]. On two real-world examples, Floodlight's Access Control Lists (ACL) and Floodlight's Load Balancer (LBaaS), we show that severe security issues arise from the ability to reconstruct the details of OpenFlow rules on the data plane.

References

[1] Floodlight LBaaS. http://bit.ly/2d6gKUY.
[2] Floodlight SDN controller. http://www.projectfloodlight.org/floodlight/.
[3] SDNMap repo. https://github.com/SDNMap.
[4] Video ACL. https://youtu.be/rTMYvoRFc0U.
[5] Video LBaaS. https://youtu.be/9v7mjMrkxHk.
[6] Achleitner, S., Laporta, T., Jaeger, T., and McDaniel, P. Adversarial network forensics in software defined networking. In ACM Symposium on SDN Research (SOSR 2017).

Cited By

  • (2023) Host-Based Flow Table Size Inference in Multi-Hop SDN. GLOBECOM 2023 - 2023 IEEE Global Communications Conference. 10.1109/GLOBECOM54140.2023.10436907 (25-30). Online publication date: 4-Dec-2023

Published In

SOSR '17: Proceedings of the Symposium on SDN Research
April 2017
211 pages
ISBN: 9781450349475
DOI: 10.1145/3050220
Publisher

Association for Computing Machinery

New York, NY, United States

Qualifiers

  • Short-paper
  • Research
  • Refereed limited

Funding Sources

  • U.S. Army Research Laboratory Cyber Security Collaborative Research Alliance

Conference

SOSR '17: Symposium on SDN Research
April 3 - 4, 2017
Santa Clara, CA, USA

Acceptance Rates

Overall Acceptance Rate 7 of 43 submissions, 16%

Article Metrics

  • Downloads (Last 12 months): 1
  • Downloads (Last 6 weeks): 1

Reflects downloads up to 06 Jan 2025
