Taking control of SDN-based cloud systems via the data plane

Kashyap Thimmaraju; Bhargava Shastry; Tobias Fiebig; Felicitas Hetzelt; Jean Pierre Seifert; Anja Feldmann; Stefan Schmid

doi:10.1145/3185467.3185468

Taking control of SDN-based cloud systems via the data plane

Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt, Jean Pierre Seifert, Anja Feldmann, Stefan Schmid

Research output: Contribution to book/anthology/report/conference proceeding › Article in proceeding › Research › peer-review

32 Citations (Scopus)

Abstract

Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and "software-defined" manner. This paper raises the alarm on the security implications of virtual switches. In particular,we showthat virtual switches not only increase the attack surface of the cloud, but virtual switch vulnerabilities can also lead to attacks of much higher impact compared to traditional switches. We present a systematic security analysis and identify four design decisions which introduce vulnerabilities. Our findings motivate us to revisit existing threat models for SDNbased cloud setups, and introduce a new attacker model for SDN-based cloud systems using virtual switches. We demonstrate the practical relevance of our analysis using a case study with Open vSwitch and OpenStack. Employing a fuzzing methodology, we find several exploitable vulnerabilities in Open vSwitch. Using just one vulnerability we were able to create a worm that can compromise hundreds of servers in a matter of minutes. Our findings are applicable beyond virtual switches: NFV and high-performance fast path implementations face similar issues. This paper also studies various mitigation techniques and discusses how to redesign virtual switches for their integration.

Original language	English
Title of host publication	Proceedings of the Symposium on SDN Research, SOSR 2018
Number of pages	15
Publisher	Association for Computing Machinery
Publication date	28 Mar 2018
Article number	3185468
ISBN (Electronic)	978-1-4503-5664-0
DOIs	https://doi.org/10.1145/3185467.3185468
Publication status	Published - 28 Mar 2018
Event	2018 Symposium on SDN Research, SOSR 2018 - Los Angeles, United States Duration: 28 Mar 2018 → 29 Mar 2018

Conference

Conference	2018 Symposium on SDN Research, SOSR 2018
Country/Territory	United States
City	Los Angeles
Period	28/03/2018 → 29/03/2018
Sponsor	ACM SigComm, Open Networking Summit (ONS)

Keywords

Attacker models
Cloud security
Data plane security
MPLS
Network isolation
Network virtualization
NFV
Open vSwitch
OpenStack
Packet parsing
ROP
SDN
Virtual switches

Access to Document

10.1145/3185467.3185468

AUB Link

Search for the material in Aalborg University Library's search engine

Cite this

@inproceedings{f99eb13256b24d888ccf27f4b22a11c1,

title = "Taking control of SDN-based cloud systems via the data plane",

abstract = "Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and {"}software-defined{"} manner. This paper raises the alarm on the security implications of virtual switches. In particular,we showthat virtual switches not only increase the attack surface of the cloud, but virtual switch vulnerabilities can also lead to attacks of much higher impact compared to traditional switches. We present a systematic security analysis and identify four design decisions which introduce vulnerabilities. Our findings motivate us to revisit existing threat models for SDNbased cloud setups, and introduce a new attacker model for SDN-based cloud systems using virtual switches. We demonstrate the practical relevance of our analysis using a case study with Open vSwitch and OpenStack. Employing a fuzzing methodology, we find several exploitable vulnerabilities in Open vSwitch. Using just one vulnerability we were able to create a worm that can compromise hundreds of servers in a matter of minutes. Our findings are applicable beyond virtual switches: NFV and high-performance fast path implementations face similar issues. This paper also studies various mitigation techniques and discusses how to redesign virtual switches for their integration.",

keywords = "Attacker models, Cloud security, Data plane security, MPLS, Network isolation, Network virtualization, NFV, Open vSwitch, OpenStack, Packet parsing, ROP, SDN, Virtual switches",

author = "Kashyap Thimmaraju and Bhargava Shastry and Tobias Fiebig and Felicitas Hetzelt and Seifert, {Jean Pierre} and Anja Feldmann and Stefan Schmid",

year = "2018",

month = mar,

day = "28",

doi = "10.1145/3185467.3185468",

language = "English",

booktitle = "Proceedings of the Symposium on SDN Research, SOSR 2018",

publisher = "Association for Computing Machinery",

address = "United States",

note = "2018 Symposium on SDN Research, SOSR 2018 ; Conference date: 28-03-2018 Through 29-03-2018",

}

Thimmaraju, K, Shastry, B, Fiebig, T, Hetzelt, F, Seifert, JP, Feldmann, A & Schmid, S 2018, Taking control of SDN-based cloud systems via the data plane. in Proceedings of the Symposium on SDN Research, SOSR 2018., 3185468, Association for Computing Machinery, 2018 Symposium on SDN Research, SOSR 2018, Los Angeles, United States, 28/03/2018. https://doi.org/10.1145/3185467.3185468

TY - GEN

T1 - Taking control of SDN-based cloud systems via the data plane

AU - Thimmaraju, Kashyap

AU - Shastry, Bhargava

AU - Fiebig, Tobias

AU - Hetzelt, Felicitas

AU - Seifert, Jean Pierre

AU - Feldmann, Anja

AU - Schmid, Stefan

PY - 2018/3/28

Y1 - 2018/3/28

N2 - Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and "software-defined" manner. This paper raises the alarm on the security implications of virtual switches. In particular,we showthat virtual switches not only increase the attack surface of the cloud, but virtual switch vulnerabilities can also lead to attacks of much higher impact compared to traditional switches. We present a systematic security analysis and identify four design decisions which introduce vulnerabilities. Our findings motivate us to revisit existing threat models for SDNbased cloud setups, and introduce a new attacker model for SDN-based cloud systems using virtual switches. We demonstrate the practical relevance of our analysis using a case study with Open vSwitch and OpenStack. Employing a fuzzing methodology, we find several exploitable vulnerabilities in Open vSwitch. Using just one vulnerability we were able to create a worm that can compromise hundreds of servers in a matter of minutes. Our findings are applicable beyond virtual switches: NFV and high-performance fast path implementations face similar issues. This paper also studies various mitigation techniques and discusses how to redesign virtual switches for their integration.

AB - Virtual switches are a crucial component of SDN-based cloud systems, enabling the interconnection of virtual machines in a flexible and "software-defined" manner. This paper raises the alarm on the security implications of virtual switches. In particular,we showthat virtual switches not only increase the attack surface of the cloud, but virtual switch vulnerabilities can also lead to attacks of much higher impact compared to traditional switches. We present a systematic security analysis and identify four design decisions which introduce vulnerabilities. Our findings motivate us to revisit existing threat models for SDNbased cloud setups, and introduce a new attacker model for SDN-based cloud systems using virtual switches. We demonstrate the practical relevance of our analysis using a case study with Open vSwitch and OpenStack. Employing a fuzzing methodology, we find several exploitable vulnerabilities in Open vSwitch. Using just one vulnerability we were able to create a worm that can compromise hundreds of servers in a matter of minutes. Our findings are applicable beyond virtual switches: NFV and high-performance fast path implementations face similar issues. This paper also studies various mitigation techniques and discusses how to redesign virtual switches for their integration.

KW - Attacker models

KW - Cloud security

KW - Data plane security

KW - MPLS

KW - Network isolation

KW - Network virtualization

KW - NFV

KW - Open vSwitch

KW - OpenStack

KW - Packet parsing

KW - ROP

KW - SDN

KW - Virtual switches

UR - http://www.scopus.com/inward/record.url?scp=85049390536&partnerID=8YFLogxK

U2 - 10.1145/3185467.3185468

DO - 10.1145/3185467.3185468

M3 - Article in proceeding

AN - SCOPUS:85049390536

BT - Proceedings of the Symposium on SDN Research, SOSR 2018

PB - Association for Computing Machinery

T2 - 2018 Symposium on SDN Research, SOSR 2018

Y2 - 28 March 2018 through 29 March 2018

ER -

Taking control of SDN-based cloud systems via the data plane

Abstract

Conference

Keywords

Access to Document

AUB Link

Other files and links

Fingerprint

Cite this