Exploiting pitfalls in software-defined networking implementation
2016 International Conference On Cyber Security And Protection Of Digital Services (Cyber Security)(2016)
Abstract
The centralised control provided by Software- Defined Networking allows an increase in network security as all traffic can be vetted before leaving the attachment switch. Nevertheless, as in any complex system, there are implementation and policy compromises which lead to security vulnerabilities. This paper exploits such vulnerabilities to implement a suite of attacks, consisting of Address Resolution Protocol (ARP) cache poisoning, Man in the Middle, a firewall and access control bypassing port scan called a Phantom Host Scan, and a Distributed Denial of Service attack called a Phantom Storm which induces the participation of legitimate hosts. These attacks were successfully implemented in a Floodlight controlled network.
MoreTranslated text
Key words
software defined networking implementation,centralised control,network security,security vulnerabilities,address resolution protocol,ARP cache poisoning,phantom host scan,distributed denial of service,floodlight controlled network,phantom storm,distributed denial of service attack
AI Read Science
Must-Reading Tree
Example
Generate MRT to find the research sequence of this paper
Chat Paper
Summary is being generated by the instructions you defined