Fingerprinting OpenFlow Controllers: The First Step to Attack an SDN Control Plane

Abstract : Software-Defined Networking (SDN) controllers are considered as Network Operating Systems (NOSs) and often viewed as a single point of failure. Detecting which SDN controller is managing a target network is a big step for an attacker to launch specific/effective attacks against it. In this paper, we demonstrate the feasibility of fingerpirinting SDN controllers. We propose techniques allowing an attacker placed in the data plane, which is supposed to be physically separate from the control plane, to detect which controller is managing the network. To the best of our knowledge, this is the first work on fingerprinting SDN controllers, with as primary goal to emphasize the necessity to highly secure the controller. We focus on OpenFlow-based SDN networks since OpenFlow is currently the most deployed SDN technology by hardware and software vendors.
Type de document :
Communication dans un congrès
59th annual IEEE Global Communications Conference (GLOBECOM 2016), Dec 2016, Washington DC, United States. IEEE, pp.1-6, 2016, 〈10.1109/GLOCOM.2016.7841843〉
Liste complète des métadonnées

Littérature citée [8 références]  Voir  Masquer  Télécharger

https://hal.sorbonne-universite.fr/hal-01538464
Contributeur : Abdelhadi Azzouni <>
Soumis le : mardi 13 juin 2017 - 16:04:06
Dernière modification le : jeudi 21 mars 2019 - 13:14:05
Document(s) archivé(s) le : mardi 12 décembre 2017 - 15:34:04

Fichier

fingerprintingsdn.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

Citation

Abdelhadi Azzouni, Othmen Braham, Thi-Mai-Trang Nguyen, Guy Pujolle, Raouf Boutaba. Fingerprinting OpenFlow Controllers: The First Step to Attack an SDN Control Plane. 59th annual IEEE Global Communications Conference (GLOBECOM 2016), Dec 2016, Washington DC, United States. IEEE, pp.1-6, 2016, 〈10.1109/GLOCOM.2016.7841843〉. 〈hal-01538464〉

Partager

Métriques

Consultations de la notice

168

Téléchargements de fichiers

217