SaTC: CORE: Small: Adversarial Network Reconnaissance in Software Defined Networking

As a novel networking paradigm, SDN introduces both the opportunities of easier network management and more flexible policy deployment, and the challenges of new attack surfaces. This project investigates such new attack surfaces from the perspective of adversarial reconnaissance, a family of techniques that allow insider and outsider attackers to use observable network behavior and control-plane messaging to infer the structure, configuration, and vulnerabilities of the target SDN. To secure future networks against such attackers, this project proposes to develop a systematic understanding of the techniques, capabilities, fundamental limits, and countermeasures of adversarial reconnaissance in SDNs.

Through collaboration with Dr. Patrick McDaniel (co-PI) and his student, we plan to investigate two correlated questions: (1) What information can be learned by an adversary? (2) What attacks can be launched based on this information? We will carry out two parallel thrusts, one focusing on an internal adversary (a compromised switch) and the other on an external adversary (a compromised host). Our initial studies have covered flow table reconnaissance by a host-based adversary and load balancer reconnaissance by a switch-based adversary, with many more interesting questions to be explored next.
