Timing SDN Control Planes to Infer Network Configurations
| Title | Timing SDN Control Planes to Infer Network Configurations |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Sonchack, John, Aviv, Adam J., Keller, Eric |
| Conference Name | Proceedings of the 2016 ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-4078-6 |
| Keywords | control plane attack, inference attack, OpenFlow, pubcrawl, Resiliency, Scalability, SDN security, software defined networking |
| Abstract | In this paper, we study information leakage by control planes of Software Defined Networks. We find that the response time of an OpenFlow control plane depends on its workload, and we develop an inference attack that an adversary with control of a single host could use to learn about network configurations without needing to compromise any network infrastructure (i.e. switches or controller servers). We also demonstrate that our inference attack works on real OpenFlow hardware. To our knowledge, no previous work has evaluated OpenFlow inference attacks outside of simulation. |
| URL | http://doi.acm.org/10.1145/2876019.2876030 |
| DOI | 10.1145/2876019.2876030 |
| Citation Key | sonchack_timing_2016 |