Deakin University
File(s) under permanent embargo

Gwardar: towards protecting a software-defined network from malicious network operating systems

Version 2 2024-06-12, 18:41
Version 1 2019-05-02, 10:52
conference contribution
posted on 2024-06-12, 18:41 authored by A Shaghaghi, SS Kanhere, MA Kaafar, S Jha
A Software-Defined Network (SDN) controller (a.k.a. Network Operating System or NOS) is regarded as the brain of the network and is the single most critical element responsible for managing an SDN. Complementary to existing solutions that aim to protect a NOS, we propose an intrusion protection system designed to protect an SDN against a controller that has been successfully compromised. Gwardar maintains a virtual replica of the data plane by intercepting the OpenFlow messages exchanged between the control and data planes. By observing the long-term flow of the packets, Gwardar learns the normal set of trajectories in the data plane for distinct packet headers. Upon detecting an unexpected packet trajectory, it starts by verifying the data plane forwarding devices by comparing the actual packet trajectories with the expected ones computed over the virtual replica. If the anomalous trajectories match the NOS instructions, Gwardar inspects the NOS itself. For this, it submits policies matching the normal set of trajectories and verifies whether the controller submits matching flow rules to the data plane and whether the network view provided to the application plane reflects the changes. Our evaluation results prove the practicality of Gwardar with a high detection accuracy in a reasonable time-frame.

History

Pagination

1-5

Location

Cambridge, Mass.

Start date

2018-11-01

End date

2018-11-03

ISBN-13

9781538676592

Language

eng

Publication classification

E1.1 Full written paper - refereed

Copyright notice

2018, IEEE

Editor/Contributor(s)

[Unknown]

Title of proceedings

NCA 2018 : Proceedings of the 2018 IEEE 17th International Symposium on Network Computing and Applications

Event

IEEE Computer Society. Conference (17th : 2018 : Cambridge, Mass.)

Publisher

Institute of Electrical and Electronics Engineers

Place of publication

Piscataway, N.J.

Series

IEEE Computer Society Conference
