Vulnerabilities and Attacks of Inter-device Coordination in Programmable Networks

In programmable networks, some networking systems coordinate data plane switches to realize in-network functions (e.g., in-band network telemetry). However, the vulnerabilities of inter-device coordination remain largely unknown and neglected, which is concerning given the increasing popularity of this paradigm. In this paper, we identify three attack scenarios built on such vulnerabilities, in which attackers mislead the behavior of networking systems that rely on inter-device coordination to execute in-network functions. We implement 20 existing networking systems on Tofino-based switches and a simulator, and attack these systems with the identified attacks. The experimental results indicate that our attacks significantly interfere with the normal operation of the selected networking systems; for example, the cache hit rate of NetCache drops by 38%. Our analysis also shows that none of the existing methods can fully mitigate our attacks, since they do not verify the packets used for inter-device coordination.
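The last sentence of the abstract is the point a practitioner can act on: a switch that consumes coordination messages from its peers has no way to tell a genuine message from one injected by a host on the path unless the message carries something only the claimed sender could have produced. The following Python model is an added illustration written for this page; it is not code from the paper, and it does not reproduce the paper's three attack scenarios. The header layout (sender switch ID, sequence number, one 64-bit payload field such as a queue depth or hop latency), the per-switch keys, and the truncated HMAC tag are all hypothetical choices made for the example. It contrasts a consumer that trusts the header as-is with one that checks a keyed MAC and a per-sender sequence number before letting the message touch switch state.

```python
"""Toy model of an inter-device coordination channel between programmable switches.

Constructed illustration for this page (not the paper's code). A downstream
switch consumes coordination messages (for example a telemetry hop record)
from upstream switches. Without verification, any host on the path can inject
a message in a trusted switch's name. With a shared-key MAC plus a per-sender
sequence number, forged, tampered and replayed messages are dropped before
they influence the in-network function.
"""
import hashlib
import hmac
import struct

# Hypothetical key material; in a real deployment the control plane would
# provision one key per switch (or per switch pair).
SWITCH_KEYS = {1: b"key-for-switch-1", 2: b"key-for-switch-2"}

# Hypothetical coordination header: sender switch_id (u16), seq (u32),
# payload (u64, e.g. queue depth or hop latency). Total 14 bytes.
HDR = struct.Struct("!HIQ")
TAG_LEN = 8  # HMAC-SHA256 truncated to 8 bytes to keep the header small


def build_msg(switch_id, seq, payload, key):
    """Produce an authenticated coordination message."""
    body = HDR.pack(switch_id, seq, payload)
    tag = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
    return body + tag


def unverified_accept(pkt):
    """Consumer that trusts the header fields as they arrive.

    This is the behaviour the abstract warns about: whatever switch_id and
    payload the packet claims are fed straight into the switch's decision.
    """
    switch_id, seq, payload = HDR.unpack(pkt[:HDR.size])
    return switch_id, seq, payload


class Verifier:
    """Consumer that checks a MAC and a monotonically increasing sequence."""

    def __init__(self, keys):
        self.keys = keys
        self.last_seq = {}  # highest sequence number accepted per sender

    def accept(self, pkt):
        """Return (switch_id, seq, payload) if the message is genuine, else None."""
        if len(pkt) != HDR.size + TAG_LEN:
            return None
        body, tag = pkt[:HDR.size], pkt[HDR.size:]
        switch_id, seq, payload = HDR.unpack(body)
        key = self.keys.get(switch_id)
        if key is None:
            return None  # unknown sender
        expected = hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return None  # forged or tampered
        if seq <= self.last_seq.get(switch_id, -1):
            return None  # replayed or reordered
        self.last_seq[switch_id] = seq
        return switch_id, seq, payload


def demo():
    """Run both consumers over a genuine, a forged, a tampered and a replayed message."""
    v = Verifier(SWITCH_KEYS)
    legit = build_msg(1, 7, 1500, SWITCH_KEYS[1])
    # An on-path host claims to be switch 1 and reports an inflated value.
    forged = HDR.pack(1, 8, 999999) + b"\x00" * TAG_LEN
    # The same host flips a payload byte of a genuine message but keeps its tag.
    tampered = bytearray(legit)
    tampered[HDR.size - 1] ^= 0x01
    tampered = bytes(tampered)
    return {
        "unverified_legit": unverified_accept(legit),
        "unverified_forged": unverified_accept(forged),
        "verified_legit": v.accept(legit),
        "verified_forged": v.accept(forged),
        "verified_tampered": v.accept(tampered),
        "verified_replay": v.accept(legit),  # same seq again: rejected
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

The unverified consumer accepts the forged record with its inflated payload exactly as it accepts the genuine one, which is the gap the abstract describes; the verifying consumer accepts only the genuine record and rejects the forged, tampered and replayed ones. On real hardware the cost is the keyed hash in the pipeline and the per-sender sequence state, which is why the abstract's observation that existing methods skip this check matters.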
