Loading…

Fingerprinting Software-Defined Networks

In this paper, we study the feasibility of fingerprinting of controller-switch interactions in SDN networks by a remote adversary whose aim is to acquire knowledge about specific flow rules that are installed at the switches. This knowledge empowers the adversary with a better understanding of the n...

Full description

Saved in:
Bibliographic Details
Main Authors: Bifulco, Roberto, Heng Cui, Karame, Ghassan O., Klaedtke, Felix
Format: Conference Proceeding
Language:English
Subjects:
Citations: Items that cite this one
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In this paper, we study the feasibility of fingerprinting of controller-switch interactions in SDN networks by a remote adversary whose aim is to acquire knowledge about specific flow rules that are installed at the switches. This knowledge empowers the adversary with a better understanding of the network's packet-forwarding logic and exposes the network to a number of threats. In our study, we collect measurements from hosts located across the globe using a realistic SDN network comprising of OpenFlow hardware switches. We show that, by leveraging information from the RTT and packet-pair dispersion of the exchanged packets, fingerprinting attacks on SDN networks succeed with overwhelming probability. We also show that these attacks are not restricted to active adversaries, but can be equally mounted by passive adversaries that only monitor traffic exchanged with the SDN network. Finally, we sketch an efficient countermeasure to strengthen SDN networks against fingerprinting.
ISSN:1092-1648
2643-3303
DOI:10.1109/ICNP.2015.26