Security analysis of forwarding strategies in network time measurements using Openflow

2016 11th International Conference for Internet Technology and Secured Transactions (ICITST) Pub Date : 2016-12-01 DOI:10.1109/ICITST.2016.7856686

Alex M. S. Orozco, C. V. Neu, Regio A. Michelin, A. Zorzo

{"title":"Security analysis of forwarding strategies in network time measurements using Openflow","authors":"Alex M. S. Orozco, C. V. Neu, Regio A. Michelin, A. Zorzo","doi":"10.1109/ICITST.2016.7856686","DOIUrl":null,"url":null,"abstract":"Reliable network time measurement tools are important to ensure that monitoring network systems work properly, but their development do not consider security as a concern and, for example, delay attacks could compromise those tools effectiveness. Indeed, nowadays the network time measurement is not always reliable. Some researches do propose to increase network time measurement reliability using Openflow. Nonetheless, those researches do not consider the impact of altering some of the Openflow controller algorithms in their analysis. On one hand, this paper investigates how the provided POX Openflow Controller packet forwarding strategies could be applied to compromise network time measurement reliability. On the other hand, this paper also shows that the way those strategies are applied could prevent against new attacks that need to trust on network time measurement. Therefore, some experiments were performed to show the impact of the POX packet forwarding algorithms on network time measurement, either to compromise or to help in protecting the network.","PeriodicalId":258740,"journal":{"name":"2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)","volume":"73 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2016-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICITST.2016.7856686","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

Reliable network time measurement tools are important to ensure that monitoring network systems work properly, but their development do not consider security as a concern and, for example, delay attacks could compromise those tools effectiveness. Indeed, nowadays the network time measurement is not always reliable. Some researches do propose to increase network time measurement reliability using Openflow. Nonetheless, those researches do not consider the impact of altering some of the Openflow controller algorithms in their analysis. On one hand, this paper investigates how the provided POX Openflow Controller packet forwarding strategies could be applied to compromise network time measurement reliability. On the other hand, this paper also shows that the way those strategies are applied could prevent against new attacks that need to trust on network time measurement. Therefore, some experiments were performed to show the impact of the POX packet forwarding algorithms on network time measurement, either to compromise or to help in protecting the network.

查看原文本刊更多论文

基于Openflow的网络时间测量中转发策略的安全性分析

可靠的网络时间测量工具对于确保监视网络系统正常工作非常重要，但是它们的开发并没有考虑安全性，例如，延迟攻击可能会损害这些工具的有效性。事实上，目前的网络时间测量并不总是可靠的。一些研究提出使用Openflow来提高网络时间测量的可靠性。尽管如此，这些研究并没有在分析中考虑改变一些Openflow控制器算法的影响。一方面，本文研究了所提供的POX Openflow Controller数据包转发策略如何影响网络时间测量的可靠性。另一方面，本文还证明了这些策略的应用方式可以防止需要信任网络时间度量的新攻击。因此，我们进行了一些实验来证明POX包转发算法对网络时间测量的影响，或者是危害网络，或者是帮助保护网络。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2016 11th International Conference for Internet Technology and Secured Transactions (ICITST)

自引率

0.00%

发文量