Field Manipulation Attacks Based on Sniffing Techniques

Jianfeng XU; Fangtao ZHANG; Zhen XU; Liming WANG

doi:10.11999/JEIT191047

Volume 42 Issue 10

Oct. 2020

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2020 > 42(10): 2342-2349

Jianfeng XU, Fangtao ZHANG, Zhen XU, Liming WANG. Field Manipulation Attacks Based on Sniffing Techniques[J]. Journal of Electronics & Information Technology, 2020, 42(10): 2342-2349. doi: 10.11999/JEIT191047

Citation:

Jianfeng XU, Fangtao ZHANG, Zhen XU, Liming WANG. Field Manipulation Attacks Based on Sniffing Techniques[J]. Journal of Electronics & Information Technology, 2020, 42(10): 2342-2349. doi: 10.11999/JEIT191047

Citation:

PDF( 1802 KB)

Field Manipulation Attacks Based on Sniffing Techniques

doi: 10.11999/JEIT191047

Jianfeng XU^{1, 2},
Fangtao ZHANG¹,
Zhen XU^{1
,
,},
Liming WANG¹

1.
Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China
2.
School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China

Funds: Beijing Municipal Science and Technology Project (Z181100002718003)

Received Date: 2019-12-30
Rev Recd Date: 2020-07-23

Available Online: 2020-07-28

Publish Date: 2020-10-13

Abstract

Abstract

The flexibility, manageability, and programmability brought by Software-Defined Networking (SDN), however come at the cost of new attack vectors. Malicious manipulation attacks against the key fields in OpenFlow is proposed, and three sniffing technologies based on forwarding delay to ensure the feasibility of manipulation attacks are designed. The experimental results show that the field manipulation attacks consume SDN resources greatly, leading to a significant decrease in the communication performance between legitimate users.
- Software-Defined Networking (SDN),
- OpenFlow,
- Field manipulation attack,
- Sniffing

FullText(HTML)

References(18)

References

MCKEOWN N, ANDERSON T, BALAKRISHNAN H, et al. OpenFlow: Enabling innovation in campus networks[J]. ACM SIGCOMM Computer Communication Review, 2008, 38(2): 69–74. doi: 10.1145/1355734.1355746

ZENG Yue, GUO Songtao, and LIU Guiyan. Comprehensive link sharing avoidance and switch aggregation for software-defined data center networks[J]. Future Generation Computer Systems, 2019, 91: 25–36. doi: 10.1016/j.future.2018.08.034

WANG Haopei, SRIVASTAVA A, XU Lei, et al. Bring your own controller: Enabling tenant-deﬁned SDN apps in IaaS clouds[C]. IEEE Conference on Computer Communications, Atlanta, USA, 2017: 1–9. doi: 10.1109/INFOCOM.2017.8057137.

SAHAY R, MENG Weizhi, ESTAY D A S, et al. CyberShip-IoT: A dynamic and adaptive SDN-based security policy enforcement framework for ships[J]. Future Generation Computer Systems, 2019, 100: 736–750. doi: 10.1016/j.future.2019.05.049

ZHENG Jing, LI Qi, GU Guofei, et al. Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis[J]. IEEE Transactions on Information Forensics and Security, 2018, 13(7): 1838–1853. doi: 10.1109/TIFS.2018.2805600

姚琳元, 董平, 张宏科. 基于对象特征的软件定义网络分布式拒绝服务攻击检测方法[J]. 电子与信息学报, 2017, 39(2): 381–388. doi: 10.11999/JEIT160370

YAO Linyuan, DONG Ping, and ZHANG Hongke. Distributed denial of service attack detection based on object character in software defined network[J]. Journal of Electronics &Information Technology, 2017, 39(2): 381–388. doi: 10.11999/JEIT160370

武泽慧, 魏强, 任开磊, 等. 基于OpenFlow交换机洗牌的DDoS攻击动态防御方法[J]. 电子与信息学报, 2017, 39(2): 397–404. doi: 10.11999/JEIT160449

WU Zehui, WEI Qiang, REN Kailei, et al. Dynamic defense for DDoS attack using OpenFlow-based switch shuffling approach[J]. Journal of Electronics &Information Technology, 2017, 39(2): 397–404. doi: 10.11999/JEIT160449

DENG Shuhua, GAO Xing, LU Zebin, et al. DoS vulnerabilities and mitigation strategies in software-defined networks[J]. Journal of Network and Computer Applications, 2019, 125: 209–219. doi: 10.1016/j.jnca.2018.10.011

SKOWYRA R, XU Lei, GU Guofei, et al. Effective topology tampering attacks and defenses in software-defined networks[C]. The 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Luxembourg City, 2018: 374–385. doi: 10.1109/dsn.2018.00047.

LI Qi, ZOU Xiaoyue, HUANG Qun, et al. Dynamic packet forwarding verification in SDN[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 16(6): 915–929. doi: 10.1109/TDSC.2018.2810880

CAO Jiahao, LI Qi, XIE Renjie, et al. The crosspath attack: Disrupting the SDN control channel via shared links[C]. The 28th USENIX Conference on Security Symposium, Berkeley, USA, 2019: 19–36.

SHIN S and GU Guofei. Attacking software-defined networks: A first feasibility study[C]. The 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, Hong Kong, China, 2013: 165–166. doi: 10.1145/2491185.2491220.

CAO Jiahao, XU Mingwei, LI Qi, et al. Disrupting sdn via the data plane: A low-rate flow table overflow attack[C]. The 13th International Conference on Security and Privacy in Communication Networks, Niagara Falls, Canada, 2017: 356–376. doi: 10.1007/978-3-319-78813-5_18.

JAIN S, KUMAR A, MANDAL S, et al. B4: Experience with a globally-deployed software defined wan[J]. ACM SIGCOMM Computer Communication Review, 2013, 43(4): 3–14. doi: 10.1145/2486001.2486019

Open Networking Foundation. OpenFlow switch specification 1.5. 1[EB/OL]. https://www.opennetworking.org/software-defined-standards/specifications/, 2019.

ZHANG Mengtao, LI Guanyu, XU Lei, et al. Control plane reflection attacks in SDNs: New attacks and countermeasures[C]. The 21st International Symposium on Research in Attacks, Intrusions, and Defenses, Heraklion, Greece, 2018: 161–183. doi: 10.1007/978-3-030-00470-5_8.

XU Hongli, YU Zhuolong, QIAN Chen, et al. Minimizing flow statistics collection cost of SDN using wildcard requests[C]. IEEE Conference on Computer Communications, Atlanta, USA, 2017: 1–9. doi: 10.1109/INFOCOM.2017.8056992.

ZHU Huikang, FAN Hongbo, LUO Xuan, et al. Intelligent timeout master: Dynamic timeout for SDN-based data centers[C]. The 13th International Symposium on Integrated Network Management, Ottawa, Canada, 2015: 734–737. doi: 10.1109/INM.2015.7140363.

Relative Articles

Supplements(0)

Cited By

Proportional views