Visible to the public Alleviating Eavesdropping Attacks in Software-defined Networking Data Plane

Submitted by K_Hooper on Wed, 05/09/2018 - 10:53am
TitleAlleviating Eavesdropping Attacks in Software-defined Networking Data Plane
Publication TypeConference Paper
Year of Publication2017
AuthorsAseeri, Ahmad, Netjinda, Nuttapong, Hewett, Rattikorn
Conference NameProceedings of the 12th Annual Conference on Cyber and Information Security Research
PublisherACM
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4855-3
Keywordsanti-eavesdropping, multipath routing, OpenFlow, pubcrawl, Resiliency, Scalability, SDN, SDN security
AbstractSoftware-Defined Networking (SDN) is an emerging paradigm that introduces a concept of programmable networks to enhance the agility in networking management. By separating concerns of the data plane and the control plane, implementing network switching as packet forwarding, and using centralized software to logically control the entire networks, SDN makes it simpler to automate and configure the network to respond to high-level policy enforcement and dynamically changing network conditions. As SDN becomes more prevalent, its security issues are increasingly critical. Eaves-dropping attacks are one of the most common and important network attacks because they are relatively easy to implement and their effects can escalate to more severe attacks. This paper addresses the issue of how to cope with eavesdropping attacks in the SDN data plane by using multiple routing paths to reduce the severity of data leakage. While this existing approach appears to be considerably effective, our simple analysis uncovers that without a proper strategy of data communication, it can still lead to 100% of data exposure. The paper describes a remedy along with illustrations both analytically and experimentally. The results show that our proposed remedy can avoid such catastrophe and further reduces the percentage of risk from data exposure approximately by a factor of 1/n where n is the number of alternate disjoint paths.
URLhttp://doi.acm.org/10.1145/3064814.3064832
DOI10.1145/3064814.3064832
Citation Keyaseeri_alleviating_2017
Groups: