MLSNet: A Policy Complying Multilevel Security Framework for Software Defined Networking

Ensuring that information flowing through a network is secure from manipulation and eavesdropping by unauthorized parties is an important task for network administrators. Many cyber attacks rely on a lack of network-level information flow controls to successfully compromise a victim network. Once an adversary exploits an initial entry point, they can eavesdrop and move laterally within the network (e.g., scan and penetrate internal nodes) to further their malicious goals. In this paper, we propose a novel multilevel security (MLS) framework to enforce a secure inter-node information flow policy within the network and thereby vastly reduce the attack surface available to an adversary who has penetrated it. In contrast to prior work on multilevel security in computer networks, which relied on enforcing the policy at network endpoints, we leverage the centralization of software-defined networks (SDNs) by moving the task to the controller and providing this service transparently to all nodes in the network. Our framework, MLSNet, formalizes the generation of a policy-compliant network configuration (i.e., the set of flow rules on the SDN switches) as network optimization problems, with the objectives of (1) maximizing the number of flows satisfying all security constraints and (2) minimizing the security cost of routing any remaining flows to guarantee availability. We demonstrate that MLSNet can securely route flows that satisfy the security constraints (e.g., >80% of flows in a performed benchmark) and route the remaining flows with a minimal security cost.
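As an added illustration (not code from the MLSNet paper or its authors), the lattice-style constraints the abstract describes, applied to a constructed toy topology: a flow is compliant only when the destination and every forwarding element on its path dominate the source's label, and a flow with no compliant path is given the path with the fewest uncleared hops so that it still reaches its destination. The labels, topology, per-hop cost model and the per-flow shortest-path search are assumptions made here; the paper formulates the problem as a network optimization over all flows, which this greedy sketch does not reproduce.

```python
import heapq
from dataclasses import dataclass

@dataclass(frozen=True)
class Label:
    level: int                     # constructed: 0 = Unclassified, 1 = Confidential, 2 = Secret
    cats: frozenset = frozenset()  # Denning-style lattice: level order plus category subsets
    def dominates(self, other):
        return self.level >= other.level and self.cats >= other.cats

# Constructed toy topology: hosts h_* and switches s_*, each with an assumed clearance label.
C = frozenset({"crypto"})
LABELS = {"h_unc": Label(0), "h_conf": Label(1), "h_sec": Label(2, C), "h_sec2": Label(2, C),
          "s1": Label(0), "s2": Label(1), "s3": Label(2, C)}
LINKS = [("h_unc", "s1"), ("s1", "s2"), ("s2", "h_conf"), ("s2", "s3"),
         ("s3", "h_sec"), ("s1", "s3"), ("s1", "h_sec2")]
ADJ = {}
for a, b in LINKS:
    ADJ.setdefault(a, set()).add(b)
    ADJ.setdefault(b, set()).add(a)

def route(src, dst, labels=LABELS, adj=ADJ):
    """(violations, path) with the fewest uncleared hops (assumed cost model: +1 per hop whose
    label does not dominate the flow's), ties broken by hop count; None if dst may not receive it."""
    flow = labels[src]
    if not labels[dst].dominates(flow):
        return None                      # information may only flow upward in the lattice
    best = {src: (0, 0)}
    pq = [(0, 0, src, [src])]            # (violations, hops, node, path)
    while pq:
        cost, hops, node, path = heapq.heappop(pq)
        if node == dst:
            return cost, path
        if (cost, hops) > best[node]:
            continue                     # stale queue entry
        for nxt in adj[node]:
            if nxt != dst and nxt.startswith("h_"):
                continue                 # hosts do not forward transit traffic
            key = (cost + (0 if labels[nxt].dominates(flow) else 1), hops + 1)
            if key < best.get(nxt, (float("inf"), float("inf"))):
                best[nxt] = key
                heapq.heappush(pq, (*key, nxt, path + [nxt]))
    return None

def route_all(flows):
    """Tally for the abstract's two objectives: compliant flows, blocked flows, and the
    total security cost of the flows that can only be routed with violations."""
    results = [route(s, d) for s, d in flows]
    compliant = sum(1 for r in results if r is not None and r[0] == 0)
    cost = sum(r[0] for r in results if r is not None)
    return compliant, sum(r is None for r in results), cost
```

In the toy topology the Secret-to-Secret flow h_sec to h_sec2 has no fully cleared path, so it is routed through the single uncleared switch s1 at cost 1 rather than dropped, while the downward flow h_sec to h_unc is refused outright.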
