Unveiling SDN Controller Identity through Timing Side Channel

Software-defined networking (SDN) has revolutionized the landscape of network management by decoupling control and data planes and becoming the backbone of many IT infrastructures including data centers, cloud computing, and enterprise networks. At the same time, however, the control plane has becom...

Full description

Saved in:
Bibliographic Details
Main Authors: Kyung, Sukwha, Baek, Jaejong, Ahn, Gail-Joon
Format: Conference Proceeding
Language:English
Subjects:
Accuracy
Artificial neural networks
Centralized control
Cloud computing
Data centers
Fingerprint recognition
Noise
Prevention and mitigation
Software defined networking
Timing
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
cited_by
cites
container_end_page 177
container_issue
container_start_page 169
container_title
container_volume
creator Kyung, Sukwha
Baek, Jaejong
Ahn, Gail-Joon
description Software-defined networking (SDN) has revolutionized the landscape of network management by decoupling control and data planes and becoming the backbone of many IT infrastructures including data centers, cloud computing, and enterprise networks. At the same time, however, the control plane has become a prime target for adversaries due to its critical role in network operations and centralized control functions. In this paper, we demonstrate how to discover the identity of different SDN controllers, which could be leveraged for more sophisticated attacks by adversaries. Our approach adopts a timing-based side channel and deep neural networks (DNN). To achieve this, we analyze real-world SDN traffic in a research computing center and accurately identify the controllers, minimizing the impact of random noise. Despite various factors that influence controller behaviors, our fingerprinting approach achieves an average accuracy of more than 90%. Lastly, the mitigation strategies are also discussed.
doi_str_mv 10.1109/NoF62948.2024.10741434
format conference_proceeding
fullrecord <record><control><sourceid>ieee_CHZPO</sourceid><recordid>TN_cdi_ieee_primary_10741434</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><ieee_id>10741434</ieee_id><sourcerecordid>10741434</sourcerecordid><originalsourceid>FETCH-ieee_primary_107414343</originalsourceid><addsrcrecordid>eNqFjr0KwjAYAKMgWLRvIJIXaP3yU9MOTtWiSxfrLAU_20hMJY1C314QnZ1uuBuOkCWDmDHIVmVXrHkm05gDlzEDJZkUckTCTGWpSEAopdZqTAKeChEBKD4lYd_fAEBwkEwkAdmc7Au10bahx21J88561xmDjh4uaL32A_Wt655NSyt9_2T6gjRva2vRzMnkWpsewy9nZFHsqnwfaUQ8P5y-1244_87EH_0GNgg7OA</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>conference_proceeding</recordtype></control><display><type>conference_proceeding</type><title>Unveiling SDN Controller Identity through Timing Side Channel</title><source>IEEE Xplore All Conference Series</source><creator>Kyung, Sukwha ; Baek, Jaejong ; Ahn, Gail-Joon</creator><creatorcontrib>Kyung, Sukwha ; Baek, Jaejong ; Ahn, Gail-Joon</creatorcontrib><description>Software-defined networking (SDN) has revolutionized the landscape of network management by decoupling control and data planes and becoming the backbone of many IT infrastructures including data centers, cloud computing, and enterprise networks. At the same time, however, the control plane has become a prime target for adversaries due to its critical role in network operations and centralized control functions. In this paper, we demonstrate how to discover the identity of different SDN controllers, which could be leveraged for more sophisticated attacks by adversaries. Our approach adopts a timing-based side channel and deep neural networks (DNN). To achieve this, we analyze real-world SDN traffic in a research computing center and accurately identify the controllers, minimizing the impact of random noise. Despite various factors that influence controller behaviors, our fingerprinting approach achieves an average accuracy of more than 90%. Lastly, the mitigation strategies are also discussed.</description><identifier>EISSN: 2833-0072</identifier><identifier>EISBN: 9798350377767</identifier><identifier>DOI: 10.1109/NoF62948.2024.10741434</identifier><language>eng</language><publisher>IEEE</publisher><subject>Accuracy ; Artificial neural networks ; Centralized control ; Cloud computing ; Data centers ; Fingerprint recognition ; Noise ; Prevention and mitigation ; Software defined networking ; Timing</subject><ispartof>International Conference on the Network of the Future (Online), 2024, p.169-177</ispartof><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktohtml>$$Uhttps://ieeexplore.ieee.org/document/10741434$$EHTML$$P50$$Gieee$$H</linktohtml><link.rule.ids>309,310,780,784,789,790,27925,54555,54932</link.rule.ids><linktorsrc>$$Uhttps://ieeexplore.ieee.org/document/10741434$$EView_record_in_IEEE$$FView_record_in_$$GIEEE</linktorsrc></links><search><creatorcontrib>Kyung, Sukwha</creatorcontrib><creatorcontrib>Baek, Jaejong</creatorcontrib><creatorcontrib>Ahn, Gail-Joon</creatorcontrib><title>Unveiling SDN Controller Identity through Timing Side Channel</title><title>International Conference on the Network of the Future (Online)</title><addtitle>NoF</addtitle><description>Software-defined networking (SDN) has revolutionized the landscape of network management by decoupling control and data planes and becoming the backbone of many IT infrastructures including data centers, cloud computing, and enterprise networks. At the same time, however, the control plane has become a prime target for adversaries due to its critical role in network operations and centralized control functions. In this paper, we demonstrate how to discover the identity of different SDN controllers, which could be leveraged for more sophisticated attacks by adversaries. Our approach adopts a timing-based side channel and deep neural networks (DNN). To achieve this, we analyze real-world SDN traffic in a research computing center and accurately identify the controllers, minimizing the impact of random noise. Despite various factors that influence controller behaviors, our fingerprinting approach achieves an average accuracy of more than 90%. Lastly, the mitigation strategies are also discussed.</description><subject>Accuracy</subject><subject>Artificial neural networks</subject><subject>Centralized control</subject><subject>Cloud computing</subject><subject>Data centers</subject><subject>Fingerprint recognition</subject><subject>Noise</subject><subject>Prevention and mitigation</subject><subject>Software defined networking</subject><subject>Timing</subject><issn>2833-0072</issn><isbn>9798350377767</isbn><fulltext>true</fulltext><rsrctype>conference_proceeding</rsrctype><creationdate>2024</creationdate><recordtype>conference_proceeding</recordtype><sourceid>6IE</sourceid><recordid>eNqFjr0KwjAYAKMgWLRvIJIXaP3yU9MOTtWiSxfrLAU_20hMJY1C314QnZ1uuBuOkCWDmDHIVmVXrHkm05gDlzEDJZkUckTCTGWpSEAopdZqTAKeChEBKD4lYd_fAEBwkEwkAdmc7Au10bahx21J88561xmDjh4uaL32A_Wt655NSyt9_2T6gjRva2vRzMnkWpsewy9nZFHsqnwfaUQ8P5y-1244_87EH_0GNgg7OA</recordid><startdate>20241002</startdate><enddate>20241002</enddate><creator>Kyung, Sukwha</creator><creator>Baek, Jaejong</creator><creator>Ahn, Gail-Joon</creator><general>IEEE</general><scope>6IE</scope><scope>6IL</scope><scope>CBEJK</scope><scope>RIE</scope><scope>RIL</scope></search><sort><creationdate>20241002</creationdate><title>Unveiling SDN Controller Identity through Timing Side Channel</title><author>Kyung, Sukwha ; Baek, Jaejong ; Ahn, Gail-Joon</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-ieee_primary_107414343</frbrgroupid><rsrctype>conference_proceedings</rsrctype><prefilter>conference_proceedings</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Accuracy</topic><topic>Artificial neural networks</topic><topic>Centralized control</topic><topic>Cloud computing</topic><topic>Data centers</topic><topic>Fingerprint recognition</topic><topic>Noise</topic><topic>Prevention and mitigation</topic><topic>Software defined networking</topic><topic>Timing</topic><toplevel>online_resources</toplevel><creatorcontrib>Kyung, Sukwha</creatorcontrib><creatorcontrib>Baek, Jaejong</creatorcontrib><creatorcontrib>Ahn, Gail-Joon</creatorcontrib><collection>IEEE Electronic Library (IEL) Conference Proceedings</collection><collection>IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume</collection><collection>IEEE Xplore All Conference Proceedings</collection><collection>IEEE Xplore</collection><collection>IEEE Proceedings Order Plans (POP All) 1998-Present</collection></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext_linktorsrc</fulltext></delivery><addata><au>Kyung, Sukwha</au><au>Baek, Jaejong</au><au>Ahn, Gail-Joon</au><format>book</format><genre>proceeding</genre><ristype>CONF</ristype><atitle>Unveiling SDN Controller Identity through Timing Side Channel</atitle><btitle>International Conference on the Network of the Future (Online)</btitle><stitle>NoF</stitle><date>2024-10-02</date><risdate>2024</risdate><spage>169</spage><epage>177</epage><pages>169-177</pages><eissn>2833-0072</eissn><eisbn>9798350377767</eisbn><abstract>Software-defined networking (SDN) has revolutionized the landscape of network management by decoupling control and data planes and becoming the backbone of many IT infrastructures including data centers, cloud computing, and enterprise networks. At the same time, however, the control plane has become a prime target for adversaries due to its critical role in network operations and centralized control functions. In this paper, we demonstrate how to discover the identity of different SDN controllers, which could be leveraged for more sophisticated attacks by adversaries. Our approach adopts a timing-based side channel and deep neural networks (DNN). To achieve this, we analyze real-world SDN traffic in a research computing center and accurately identify the controllers, minimizing the impact of random noise. Despite various factors that influence controller behaviors, our fingerprinting approach achieves an average accuracy of more than 90%. Lastly, the mitigation strategies are also discussed.</abstract><pub>IEEE</pub><doi>10.1109/NoF62948.2024.10741434</doi></addata></record>
fulltext fulltext_linktorsrc
identifier EISSN: 2833-0072
ispartof International Conference on the Network of the Future (Online), 2024, p.169-177
issn 2833-0072
language eng
recordid cdi_ieee_primary_10741434
source IEEE Xplore All Conference Series
subjects Accuracy
Artificial neural networks
Centralized control
Cloud computing
Data centers
Fingerprint recognition
Noise
Prevention and mitigation
Software defined networking
Timing
title Unveiling SDN Controller Identity through Timing Side Channel
url http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-07T19%3A27%3A43IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-ieee_CHZPO&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.genre=proceeding&rft.atitle=Unveiling%20SDN%20Controller%20Identity%20through%20Timing%20Side%20Channel&rft.btitle=International%20Conference%20on%20the%20Network%20of%20the%20Future%20(Online)&rft.au=Kyung,%20Sukwha&rft.date=2024-10-02&rft.spage=169&rft.epage=177&rft.pages=169-177&rft.eissn=2833-0072&rft_id=info:doi/10.1109/NoF62948.2024.10741434&rft.eisbn=9798350377767&rft_dat=%3Cieee_CHZPO%3E10741434%3C/ieee_CHZPO%3E%3Cgrp_id%3Ecdi_FETCH-ieee_primary_107414343%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_ieee_id=10741434&rfr_iscdi=true