A Framework for Policy Inconsistency Detection in Software-Defined Networks

Software-Defined Networking (SDN) has grown rapidly in data center networks, telecommunication providers, and enterprises by virtue of its programmable and extensible control plane. Alongside this growth, there has been much research on the security of SDN components. Some of it has examined network policy inconsistency problems that can cause severe network reliability and security issues in SDN. However, this work does not consider whether a single network policy is itself corrupted during processing inside and between SDN components. In this paper, we therefore focus on the question of how to automatically identify cases in which the SDN stack fails to prevent policy inconsistencies from arising among those components. We then present AudiSDN, an automated fuzz-testing framework designed to formulate test cases in which policy inconsistencies can arise in OpenFlow networks, OpenFlow being the most prevalent SDN protocol. To demonstrate its feasibility, we applied AudiSDN to two widely used SDN controllers, Floodlight and ONOS, and uncovered three separate CVEs (Common Vulnerabilities and Exposures) that cause network policy inconsistencies among SDN components. Furthermore, we investigate the design flaws that cause the inconsistencies in modern SDN components and suggest specific validations to address this serious but understudied practical concern.
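As an added illustration (not code from the paper or from AudiSDN itself), the Python below sketches the kind of differential check behind the problem statement: one flow policy is recorded as it passes from a northbound request through the controller store to the switch flow table, each copy is canonicalised so that harmless representation differences (string versus integer ports, an IP with or without a mask) are not flagged, and any field that is silently dropped or altered along the way is reported. The stage names, match-field names and sample rules are constructed assumptions, not values from any real controller.

```python
"""Differential policy-consistency check across simulated SDN components.
Constructed example: the three stages stand in for a northbound REST
request, the controller's flow store, and a switch flow-table dump."""
import ipaddress


def canonical(rule):
    """Normalise a flow rule so representation differences do not hide real ones."""
    out = {}
    for key, val in rule.items():
        if key in ("ipv4_src", "ipv4_dst"):
            # "10.0.0.1" and "10.0.0.1/32" describe the same match
            out[key] = str(ipaddress.ip_network(val, strict=False))
        elif key in ("priority", "in_port", "tcp_dst", "idle_timeout"):
            out[key] = int(val)  # "100" (JSON string) and 100 are the same value
        elif key == "actions":
            items = val.split(",") if isinstance(val, str) else val
            out[key] = tuple(a.strip().upper() for a in items)
        else:
            out[key] = val
    return out


def diff_policy(requested, observed):
    """List fields dropped, added or changed between a request and what a component reports."""
    req, obs = canonical(requested), canonical(observed)
    issues = []
    for key in sorted(set(req) | set(obs)):
        if key not in obs:
            issues.append(f"dropped:{key}")
        elif key not in req:
            issues.append(f"added:{key}")
        elif req[key] != obs[key]:
            issues.append(f"changed:{key}:{req[key]!r}->{obs[key]!r}")
    return issues


def check_pipeline(stages):
    """stages: [(name, rule), ...]; every later stage is compared to the first one."""
    _, original = stages[0]
    return {name: d for name, rule in stages[1:] if (d := diff_policy(original, rule))}


# Constructed sample: the switch copy has lost tcp_dst and had its priority reset.
SAMPLE_STAGES = [
    ("northbound", {"priority": 100, "in_port": 1, "ipv4_dst": "10.0.0.0/24", "tcp_dst": 80, "actions": ["output:2"]}),
    ("controller", {"priority": "100", "in_port": "1", "ipv4_dst": "10.0.0.0/24", "tcp_dst": "80", "actions": "OUTPUT:2"}),
    ("switch", {"priority": 0, "in_port": 1, "ipv4_dst": "10.0.0.0/24", "actions": ["output:2"]}),
]


def run_sample():
    """Run the check over the constructed stages; only the switch stage is inconsistent."""
    return check_pipeline(SAMPLE_STAGES)
```

In a real harness the three rules would be fetched from the REST API, the controller's store and a flow-table dump respectively; the canonicalisation step is what keeps the differential check from reporting false positives on representation alone.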
