Analysis of Topology Poisoning Attacks in Software-Defined Networking

Abstract

Software-defined networking (SDN) is an emerging architecture with a great potential to foster the development of modern networks. By separating the control plane from the network devices and centralizing it at a software-based controller, SDN provides network-wide visibility and flexible programmability to network administrators. However, the security aspects of SDN are not yet fully understood. For example, while SDN is resistant to some topology poisoning attacks in which the attacker misleads the routing algorithm about the network structure, similar attacks by compromised hosts and switches are still known to be possible.

The goal of this thesis is to thoroughly analyze the topology poisoning attacks initiated by compromised switches and to identify whether they are a threat to SDN. We identify three base cases of the topology poisoning attack, in which the attack that requires a single compromised switch is a new variant of topology poisoning. We develop proof-of-concept implementations for these attacks in emulated networks based on OpenFlow, the most popular framework for SDN. We also evaluate the attacks in simulated networks by measuring how much additional traffic the attacker can divert to the compromised switches. A wide range of network topologies and routing algorithms are used in the simulations.

The simulation results show that the discovered attacks are severe in many cases. Furthermore, the seriousness of the attacks increases according to the number of tunnels that the attacker can fabricate and also depends on the distance between the tunnel endpoints. The simulations indicate that network design can help to mitigate the attacks by, for example, shortening the paths between switches in the network, randomizing regular network structure, or increasing the load-balancing capability of the routing strategy.