Abstract:
Software-defined networking (SDN) has significantly enriched network functions by separating the control plane from the data plane. Meanwhile, the unique architecture of SDN brings new security challenges. Recent studies show that attackers can fabricate inter-switch links to hijack traffic or interfere with network services. In this paper, we uncover two new vulnerabilities that can tamper with the topology view of the SDN controller, and based on these flaws we present two novel attacks, named Cluster Splitting and Cluster Amnesia. By establishing a broadcast domain port or an external link, they cause the controller to split off or forget part of the network topology. As a result, the module responsible for computing topology instances is affected and routing calculations are disrupted. To defend against such attacks, we design a two-stage algorithm that verifies switch ports and links in real time. Following the principle of conserving the limited control channel resources and not extending the LLDP protocol, we propose LldpChecker, a lightweight extension for SDN controllers that filters malicious broadcast domain ports and external links. We conduct a series of experiments to evaluate the effectiveness and efficiency of LldpChecker. The results show that LldpChecker effectively mitigates these two novel attacks with negligible overhead.
Published in: IEEE Transactions on Dependable and Secure Computing (Volume: 21, Issue: 4, July-Aug. 2024)
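The abstract does not describe the verification algorithm itself. As an added illustration, not the paper's LldpChecker and not code from its authors, the following Python sketch models how an SDN controller builds its topology view from LLDP packet-in events and applies two generic sanity checks: a port-level check (the advertised source must be a switch port the controller actually registered, and a port that hears probes from more than one source is treated as a broadcast domain port rather than a link endpoint) and a link-level check (a link is accepted only after the probe has been seen in both directions). The `PortId` and `TopologyView` names, the return codes, and the three-switch inventory in `demo()` are constructed for this example; the checks are common-sense controller hygiene, not the two-stage algorithm the paper proposes.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class PortId:
    """(switch, port) pair as carried in an LLDP probe and reported in a packet-in."""
    switch: str
    port: int


class TopologyView:
    """Toy controller topology state driven by LLDP packet-in events (constructed example)."""

    def __init__(self, inventory):
        # inventory: {switch_id: {port numbers}} learned from the switch handshake;
        # used to reject probes whose advertised source the controller never registered.
        self.inventory = {sw: set(ports) for sw, ports in inventory.items()}
        self.heard = defaultdict(set)   # receiving port -> set of advertised sources
        self.directed = set()           # (src, dst): probe injected at src arrived on dst
        self.broadcast_ports = set()    # ports that heard probes from more than one source
        self.links = set()              # accepted bidirectional links, frozenset({a, b})

    def _known(self, p):
        return p.switch in self.inventory and p.port in self.inventory[p.switch]

    def on_lldp_packet_in(self, recv, advertised):
        """Process one LLDP packet-in received on `recv` that claims to come from `advertised`."""
        # Stage 1: port-level sanity. Unknown or self-referencing sources are dropped.
        if not self._known(recv) or not self._known(advertised) or recv == advertised:
            return "dropped"
        self.heard[recv].add(advertised)
        if len(self.heard[recv]) > 1:
            # Several neighbours behind one port means a shared segment (or a forged probe):
            # classify as broadcast domain port and withdraw any link that used it.
            self.broadcast_ports.add(recv)
            self.links = {l for l in self.links if recv not in l}
            self.directed = {d for d in self.directed if recv not in d}
            return "broadcast_port"
        # Stage 2: link-level consistency. Accept only when both directions were observed
        # and neither endpoint has been demoted to a broadcast domain port.
        self.directed.add((advertised, recv))
        if (recv, advertised) in self.directed and advertised not in self.broadcast_ports:
            self.links.add(frozenset({advertised, recv}))
            return "link"
        return "pending"

    def reachable(self, src_switch, dst_switch):
        """Switch-level reachability over accepted links (what a routing module would see)."""
        adj = defaultdict(set)
        for link in self.links:
            a, b = tuple(link)
            adj[a.switch].add(b.switch)
            adj[b.switch].add(a.switch)
        seen, stack = {src_switch}, [src_switch]
        while stack:
            sw = stack.pop()
            if sw == dst_switch:
                return True
            for nxt in adj[sw] - seen:
                seen.add(nxt)
                stack.append(nxt)
        return False


def demo():
    """Constructed event sequence: s1-s2 and s2-s3 links, an unknown source, then a port that
    starts hearing two neighbours and is therefore withdrawn from the topology."""
    view = TopologyView({"s1": {1, 2}, "s2": {1, 2}, "s3": {1}})
    s1p1, s1p2 = PortId("s1", 1), PortId("s1", 2)
    s2p1, s2p2 = PortId("s2", 1), PortId("s2", 2)
    s3p1 = PortId("s3", 1)
    results = [
        view.on_lldp_packet_in(s2p1, s1p1),            # pending (one direction only)
        view.on_lldp_packet_in(s1p1, s2p1),            # link s1:1 <-> s2:1
        view.on_lldp_packet_in(s3p1, s2p2),            # pending
        view.on_lldp_packet_in(s2p2, s3p1),            # link s2:2 <-> s3:1
        view.on_lldp_packet_in(s1p2, PortId("s9", 1)), # dropped: s9 not in inventory
        view.on_lldp_packet_in(s2p2, s1p2),            # broadcast_port: s2:2 now hears two sources
    ]
    return view, results


if __name__ == "__main__":
    v, r = demo()
    print(r, sorted(v.broadcast_ports, key=str), len(v.links), v.reachable("s1", "s3"))
```

The final event shows why port classification matters for routing: once `s2:2` is demoted, the `s2-s3` link disappears from the accepted set and `s3` becomes unreachable from `s1`, which is the kind of topology-instance change the abstract describes as disrupting routing calculations.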