A secure computation framework for SDNs

N. Jagadeesan, R. Pal, Kaushik Nadikuditi, Yan Huang, E. Shi, Minlan Yu
Proceedings of the third workshop on Hot topics in software defined networking (HotSDN), published 2014-08-22. DOI: 10.1145/2620728.2620768
Citations: 12

Abstract

Software Defined Networking (SDN) introduces a logically centralized control plane to run diverse management applications. In practice, a logically centralized control plane is realized using multiple controllers for scalability, reliability, and availability reasons. In fact, for various current and future networks of interest, it is practically infeasible to attempt a physically centralized SDN system. As SDN gains popularity, it is important to secure the SDN infrastructure to be resilient to potential attacks. In SDN, controllers can become high-value and attractive targets for an adversary for the following reasons. First, controllers are sinks of information collected from different switches. This includes network topology and flow-counter values. Such information can be privacy sensitive. For example, an organization may wish to protect its internal network topology or hide what type of traffic is being routed through its network. In addition, privacy policies may prohibit information from flowing between one part of the organizational network to another. Second, controllers run full-fledged software stacks including an operating system and management applications. Therefore, they may expose a much larger attack surface than switches. Moreover, threats may arise from multiple sources. In addition to software vulnerabilities that may exist in the controller software stack, malicious insiders who have privileged access to the controllers may leak sensitive information or sabotage network operations. For example, the network operator wants to make sure that traffic flow counters in the controllers stay untouched by an adversary. Manipulation of these counters could allow DDoS