| Title | Detecting Compromised Switches And Middlebox-Bypass Attacks In Service Function Chaining |
| Publication Type | Conference Paper |
| Year of Publication | 2019 |
| Authors | Thang, Nguyen Canh, Park, Minho |
| Conference Name | 2019 29th International Telecommunication Networks and Applications Conference (ITNAC) |
| Date Published | nov |
| Keywords | Chained Attacks, Compromised Switches, computer network security, middlebox-bypass attack, probe-based methods, pubcrawl, Resiliency, Scalability, service function chaining, Service Function Chaining (SFC), SFC, statistical analysis, statistics-based methods |
| Abstract | Service Function Chaining (SFC) provides a special capability that defines an ordered list of network services as a virtual chain and makes a network more flexible and manageable. However, SFC is vulnerable to various attacks caused by compromised switches, especially the middlebox-bypass attack. In this paper, we propose a system that can detect not only middlebox-bypass attacks but also other incorrect forwarding actions by compromised switches. The existing solutions to protect SFC against compromised switches and middlebox-bypass attacks can only solve individual problems. The proposed system uses both probe-based and statistics-based methods to check the probe packets with random pre-assigned keys and collect statistics from middleboxes for detecting any abnormal actions in SFC. It is shown that the proposed system takes only 0.08 ms for the packet processing while it prevents SFC from the middlebox-bypass attacks and compromised switches, which is the negligible delay. |
| DOI | 10.1109/ITNAC46935.2019.9077969 |
| Citation Key | thang_detecting_2019 |
Detecting Compromised Switches And Middlebox-Bypass Attacks In Service Function Chaining