ATTAIN: An Attack Injection Framework for Software-Defined Networking

Benjamin E. Ujcich, Uttam Thakore, William H. Sanders

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Software-defined networking (SDN) has recently attracted interest as a way to provide cyber resiliency because of its programmable and logically centralized nature. However, the security of the SDN architecture itself against malicious attacks is not well understood and must be ensured in order to provide cyber resiliency to systems that use SDNs. In this paper, we present ATTAIN, an attack injection framework for OpenFlow-based SDN architectures. First, we define an attack model that relates system components to an attacker's capability to influence control plane behavior. Second, we define an attack language for writing control plane attacks that can be used to evaluate SDN implementations. Third, we describe an attack injector architecture that actuates attacks in networks. Finally, we evaluate our framework with an enterprise network case study by writing and running attacks with popular SDN controllers.

Original languageEnglish (US)
Title of host publicationProceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages567-578
Number of pages12
ISBN (Electronic)9781538605417
DOIs
StatePublished - Aug 30 2017
Externally publishedYes
Event47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017 - Denver, United States
Duration: Jun 26 2017Jun 29 2017

Publication series

NameProceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017

Other

Other47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017
CountryUnited States
CityDenver
Period6/26/176/29/17

Keywords

  • OpenFlow
  • SDN
  • attack injection
  • attack language
  • attack model
  • dependability
  • fault injection
  • security
  • software testing
  • software-defined networking

ASJC Scopus subject areas

  • Hardware and Architecture
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality

Fingerprint Dive into the research topics of 'ATTAIN: An Attack Injection Framework for Software-Defined Networking'. Together they form a unique fingerprint.

  • Cite this

    Ujcich, B. E., Thakore, U., & Sanders, W. H. (2017). ATTAIN: An Attack Injection Framework for Software-Defined Networking. In Proceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017 (pp. 567-578). [8023155] (Proceedings - 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/DSN.2017.59