Misreporting attacks in software-defined networking

Quinn Burke, Patrick McDaniel, Thomas La Porta, Mingli Yu, Ting He

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Load balancers enable efficient use of network resources by distributing traffic fairly across them. In software-defined networking (SDN), load balancing is most often realized by a controller application that solicits traffic load reports from network switches and enforces load balancing decisions through flow rules. This separation between the control and data planes in SDNs creates an opportunity for an adversary at a compromised switch to misreport traffic loads to influence load balancing. In this paper, we evaluate the ability of such an adversary to control the volume of traffic flowing through a compromised switch by misreporting traffic loads. We use a queuing theoretic approach to model the attack and develop algorithms for misreporting that allow an adversary to tune attack parameters toward specific adversarial goals. We validate the algorithms with a virtual network testbed, finding that through misreporting the adversary can draw nearly all of the load in the subnetwork (+750%, or 85% of the load in the system), or an adversary-desired amount of load (a target load, e.g., +200%) to within 12% error of that target. This is yet another example of how depending on untrustworthy reporting in making control decisions can lead to fundamental security failures.

Original language: English (US)
Title of host publication: Security and Privacy in Communication Networks - 16th EAI International Conference, SecureComm 2020, Proceedings
Editors: Noseong Park, Kun Sun, Sara Foresti, Kevin Butler, Nitesh Saxena
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 276-296
Number of pages: 21
ISBN (Print): 9783030630850
State: Published - 2020
Event: 16th International Conference on Security and Privacy in Communication Networks, SecureComm 2020 - Washington, United States
Duration: Oct 21 2020 to Oct 23 2020

Publication series

Name: Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering, LNICST
Volume: 335
ISSN (Print): 1867-8211

Conference

Conference: 16th International Conference on Security and Privacy in Communication Networks, SecureComm 2020
Country: United States
City: Washington
Period: 10/21/20 to 10/23/20

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
