SaTC: CORE: Small: Adversarial Network Reconnaissance in Software Defined Networking

Project Summary:

As a novel networking paradigm, SDN introduces both opportunities, in the form of easier network management and more flexible policy deployment, and challenges, in the form of new attack surfaces. This project investigates these new attack surfaces from the perspective of adversarial reconnaissance, a family of techniques that allow insider and outsider attackers to use network behavior and control-plane messaging to infer the structure, configuration, and vulnerabilities of the target SDN. To secure future networks against such attackers, this project proposes to develop a systematic understanding of the techniques, capabilities, fundamental limits, and countermeasures of adversarial reconnaissance in SDNs.

Through collaboration with Dr. Patrick McDaniel (co-PI) and his student, we plan to investigate two correlated questions: (1) What information can be learned by an adversary? (2) What attacks can be launched based on this information? We will carry out two parallel thrusts, one focusing on an internal adversary (a compromised switch) and the other focusing on an external adversary (a compromised host). Our initial studies have covered flow table reconnaissance by a host-based adversary and load balancer reconnaissance by a switch-based adversary, with many more interesting questions to be explored next.

 

Participants:

PI

Ting He (PI)

Patrick McDaniel (co-PI)

Student

Quinn Burke (PhD)

Tian Xie (PhD)

Sanchal Thakkar (MS, 2022)

Namitha Nambiar (MS, 2021)

Mingli Yu (MS, 2020)

 

Publications:

Journal

  1. Yudi Huang, Yilei Lin, and Ting He, “Optimized Cross-Path Attacks via Adversarial Reconnaissance,” Proceedings of the ACM on Measurement and Analysis of Computing Systems, vol. 7, no. 3, article 58, December 2023.
  2. Tian Xie, Sanchal Thakkar, Ting He, Patrick McDaniel, and Quinn Burke, “Joint Caching and Routing in Cache Networks with Arbitrary Topology,” IEEE Transactions on Parallel and Distributed Systems, vol. 34, no. 8, pp. 2237-2250, August 2023.
  3. Tian Xie, Namitha Nambiar, Ting He, and Patrick McDaniel, “Attack Resilience of Cache Replacement Policies: A Study Based on TTL Approximation,” IEEE/ACM Transactions on Networking, vol. 30, no. 6, pp. 2433 – 2447, December 2022. [Implementation of Configurable Rule Replacement Policy in Open vSwitch] [Code and Data for Mininet Experiment]
  4. Q. Burke, F. Mehmeti, R. George, T. Jaeger, T. La Porta, and P. McDaniel, “Enforcing Multilevel Security Policies in Unstable Networks,” IEEE Transactions on Network and Service Management, vol. 19, no. 3, pp. 2349 – 2365, September 2022.
  5. Quinn Burke, Patrick McDaniel, Tom La Porta, Mingli Yu, and Ting He, “Misreporting Attacks against Load Balancers in Software-Defined Networking,” accepted to Springer Mobile Networks and Applications (MONET), December 2021. [Code]
  6. Mingli Yu, Tian Xie, Ting He, Patrick McDaniel, and Quinn K. Burke, “Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks,” IEEE/ACM Transactions on Networking, vol. 29, no. 6, pp. 2793-2806, December 2021. [Supplementary file]
  7. Stefan Achleitner, Quinn Burke, Patrick McDaniel, Trent Jaeger, Tom LaPorta, and Srikanth Krishnamurthy, “MLSNet: A Policy Complying Multilevel Security Framework for Software Defined Networking,” IEEE Transactions on Network and Service Management, vol. 18, no. 1, pp. 729-744, March 2021. [arXiv version]

Conference

  1. Yudi Huang, Yilei Lin, and Ting He, Optimized Cross-Path Attacks via Adversarial Reconnaissance, ACM Sigmetrics, June 2024.
  2. Tian Xie, Sanchal Thakkar, Ting He, Novella Bartolini, and Patrick McDaniel, Host-based Flow Table Size Inference in Multi-hop SDN, IEEE Globecom, December 2023.
  3. Yudi Huang and Ting He, Overlay Routing over an Uncooperative Underlay, ACM MobiHoc, October 2023. [Supplementary material]
  4. Tian Xie, Sanchal Thakkar, Ting He, Patrick McDaniel, and Quinn Burke, Joint Caching and Routing in Cache Networks with Arbitrary Topology, IEEE ICDCS, July 2022.
  5. Yilei Lin, Ting He, and Guodong Pang, Queuing Network Topology Inference Using Passive Measurements, IFIP Networking, June 2021.
  6. Tian Xie, Ting He, Patrick McDaniel, and Namitha Nambiar, Attack Resilience of Cache Replacement Policies, IEEE INFOCOM, May 2021.
  7. Quinn Burke, Patrick McDaniel, Tom La Porta, Mingli Yu, and Ting He, Misreporting Attacks in Software-Defined Networking, International Conference on Security and Privacy in Communication Networks (SecureComm 2020), October 2020.
  8. Mingli Yu, Ting He, Patrick McDaniel, and Quinn K. Burke, Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks, IEEE INFOCOM, April 2020. [Code]

 

PI Meetings:

2022
