Logo des Repositoriums
 

SDN Ro2tkits: A Case Study of Subverting A Closed Source SDN Controller

dc.contributor.authorRöpke, Christian
dc.contributor.editorLangweg, Hanno
dc.contributor.editorMeier, Michael
dc.contributor.editorWitt, Bernhard C.
dc.contributor.editorReinhardt, Delphine
dc.date.accessioned2018-03-22T12:40:43Z
dc.date.available2018-03-22T12:40:43Z
dc.date.issued2018
dc.description.abstractAn SDN controller is a core component of the SDN architecture. It is responsible for managing an underlying network while allowing SDN applications to program it as required. Because of this central role, compromising such an SDN controller is of high interest for an attacker. A recently published SDN rootkit has demonstrated, for example, that a malicious SDN application is able to manipulate an entire network while hiding corresponding malicious actions. However, the facts that this attack targeted an open source SDN controller and applied a specific way to subvert this system leaves important questions unanswered: How easy is it to attack closed source SDN controllers in the same way? Can we concentrate on the already presented technique or do we need to consider other attack vectors as well to protect SDN controllers? In this paper, we elaborate on these research questions and present two new SDN rootkits, both targeting a closed source SDN controller. Similar to previous work, the first one is based on Java reflection. In contrast to known reflection abuses, however, we must develop new techniques as the existing ones can only be adopted in parts. Additionally, we demonstrate by a second SDN rootkit that an attacker is by no means limited to reflection-based attacks. In particular, we abuse aspect-oriented programming capabilities to manipulate core functions of the targeted system. To tackle the security issues raised in this case study, we discuss several countermeasures and give concrete suggestions to improve SDN controller security.en
dc.identifier.doi10.18420/sicherheit2018_07
dc.identifier.isbn978-3-88579-675-6
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/16297
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofSICHERHEIT 2018
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-281
dc.subjectSoftware-defined networking
dc.subjectSDN controller security
dc.subjectSDN rootkits
dc.titleSDN Ro2tkits: A Case Study of Subverting A Closed Source SDN Controlleren
dc.typeText/Conference Paper
gi.citation.endPage106
gi.citation.publisherPlaceBonn
gi.citation.startPage95
gi.conference.date25.-27. April 2018
gi.conference.locationKonstanz, Germany
gi.conference.sessiontitleWissenschaftliche Beiträge

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
sicherheit2018-07.pdf
Größe:
363.56 KB
Format:
Adobe Portable Document Format