Inferring Flow Table State through Active Fingerprinting in SDN Environments: A Practical Approach

Marcin Gregorczyk; Wojciech Mazurczyk

doi:10.5220/0010573905760586

Inferring Flow Table State through Active Fingerprinting in SDN Environments: A Practical Approach

Marcin Gregorczyk, Wojciech Mazurczyk

2021

Abstract

Software-Defined Networking (SDN) is currently a popular and heavily investigated concept, e.g., in cloud computing. Despite its obvious benefits, the decoupling of the control and data planes brings new security risks. One of the major threats is overflow attack, which can lead to network instability. To perform it in an efficient manner, an attacker needs to infer the flow table state, and for this purpose, typically fingerprinting techniques are utilized. In this paper, first, we prove that the previously proposed fingerprinting method exhibits major limitations. Then, building upon the existing solution, we propose an improved attack technique which is able to predict the flow table state with more than 99% prediction accuracy. Moreover, our solution has additional advantages over state-of-the-art solutions, i.e., it is adaptive and robust, thus it is suitable for real-world applications. Finally, we also discuss potential countermeasures that can be used to thwart such threats.

Download

Paper Citation

in Harvard Style

Gregorczyk M. and Mazurczyk W. (2021). Inferring Flow Table State through Active Fingerprinting in SDN Environments: A Practical Approach. In Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT, ISBN 978-989-758-524-1, pages 576-586. DOI: 10.5220/0010573905760586

in Bibtex Style

@conference{secrypt21,
author={Marcin Gregorczyk and Wojciech Mazurczyk},
title={Inferring Flow Table State through Active Fingerprinting in SDN Environments: A Practical Approach},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,},
year={2021},
pages={576-586},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010573905760586},
isbn={978-989-758-524-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,
TI - Inferring Flow Table State through Active Fingerprinting in SDN Environments: A Practical Approach
SN - 978-989-758-524-1
AU - Gregorczyk M.
AU - Mazurczyk W.
PY - 2021
SP - 576
EP - 586
DO - 10.5220/0010573905760586