Alleviating eavesdropping attacks in software-defined networking data plane

Ahmad Aseeri, Nuttapong Netjinda, Rattikorn Hewett

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

9 Scopus citations

Abstract

Software-Defined Networking (SDN) is an emerging paradigm that introduces a concept of programmable networks to enhance the agility in networking management. By separating concerns of the data plane and the control plane, implementing network switching as packet forwarding, and using centralized software to logically control the entire networks, SDN makes it simpler to automate and configure the network to respond to high-level policy enforcement and dynamically changing network conditions. As SDN becomes more prevalent, its security issues are increasingly critical. Eavesdropping attacks are one of the most common and important network attacks because they are relatively easy to implement and their effects can escalate to more severe attacks. This paper addresses the issue of how to cope with eavesdropping attacks in the SDN data plane by using multiple routing paths to reduce the severity of data leakage. While this existing approach appears to be considerably effective, our simple analysis uncovers that without a proper strategy of data communication, it can still lead to 100% of data exposure. The paper describes a remedy along with illustrations both analytically and experimentally. The results show that our proposed remedy can avoid such catastrophe and further reduces the percentage of risk from data exposure approximately by a factor of 1/n where n is the number of alternate disjoint paths.

Original languageEnglish
Title of host publicationProceedings of the 12th Annual Cyber and Information Security Research Conference, CISRC 2017
PublisherAssociation for Computing Machinery
ISBN (Electronic)9781450348553
DOIs
StatePublished - Apr 4 2017
Event12th Annual Cyber and Information Security Research Conference, CISRC 2017 - Oak Ridge, United States
Duration: Apr 4 2017Apr 6 2017

Publication series

NameACM International Conference Proceeding Series

Conference

Conference12th Annual Cyber and Information Security Research Conference, CISRC 2017
Country/TerritoryUnited States
CityOak Ridge
Period04/4/1704/6/17

Keywords

  • Anti-Eavesdropping
  • Multipath routing
  • OpenFlow
  • SDN

Fingerprint

Dive into the research topics of 'Alleviating eavesdropping attacks in software-defined networking data plane'. Together they form a unique fingerprint.

Cite this