Outsmarting Network Security with SDN Teleportation

Kashyap Thimmaraju, Liron Schiff, Stefan Schmid

Publikation: Bidrag til bog/antologi/rapport/konference proceedingKonferenceartikel i proceedingForskningpeer review

27 Citationer (Scopus)

Abstract

Software-defined networking is considered a promising new paradigm, enabling more reliable and formally verifiable communication networks. However, this paper shows that the separation of the control plane from the data plane, which lies at the heart of Software-Defined Networks (SDNs), introduces a new vulnerability which we call teleportation. An attacker (e.g., a malicious switch in the data plane or a host connected to the network) can use teleportation to transmit information via the control plane and bypass critical network functions in the data plane (e.g., a firewall), and to violate security policies as well as logical and even physical separations. This paper characterizes the design space for teleportation attacks theoretically, and then identifies four different teleportation techniques. We demonstrate and discuss how these techniques can be exploited for different attacks (e.g., exfiltrating confidential data at high rates), and also initiate the discussion of possible countermeasures. Generally, and given today's trend toward more intent-based networking, we believe that our findings are relevant beyond the use cases considered in this paper.

OriginalsprogEngelsk
TitelProceedings - 2017 IEEE European Symposium on Security and Privacy (EuroS&P)
Antal sider16
ForlagIEEE (Institute of Electrical and Electronics Engineers)
Publikationsdato28 jun. 2017
Sider563-578
Artikelnummer7962003
ISBN (Elektronisk)9781509057610
DOI
StatusUdgivet - 28 jun. 2017
Begivenhed2nd IEEE European Symposium on Security and Privacy, EuroS and P 2017 - Paris, Frankrig
Varighed: 26 apr. 201728 apr. 2017

Konference

Konference2nd IEEE European Symposium on Security and Privacy, EuroS and P 2017
Land/OmrådeFrankrig
ByParis
Periode26/04/201728/04/2017
SponsorIEEE France Section, Technical Committee on Security and Privacy (TC)

Fingeraftryk

Dyk ned i forskningsemnerne om 'Outsmarting Network Security with SDN Teleportation'. Sammen danner de et unikt fingeraftryk.

Citationsformater