T Dargahi
A survey on the security of stateful SDN data planes
Dargahi, T; Caponi, A; Ambrosin, M; Bianchi, G; Conti, M
Authors
A Caponi
M Ambrosin
G Bianchi
M Conti
Abstract
Software-Defined Networking (SDN) emerged as an attempt to introduce network innovations faster, and to radically simplify and automate the management of large networks. SDN traditionally leverages OpenFlow as device-level abstraction. Since OpenFlow permits the programmer to “just” abstract a static flow-table, any stateful control and processing intelligence is necessarily delegated to the network controller. Motivated by the latency and signaling overhead that comes along with such a two-tiered SDN programming model, in the last couple of years several works have proposed innovative switch-level (data plane) programming abstractions capable to deploy some smartness directly inside the network switches, e.g., in the form of localized stateful flow processing. Furthermore, the possible inclusion of states and state maintenance primitives inside the switches is currently being debated in the OpenFlow standardization community itself. In this paper, after having provided the reader with a background on such emerging stateful SDN data plane proposals, we focus our attention on the security implications that data plane programmability brings about. Also via the identification of potential attack scenarios, we specifically highlight possible vulnerabilities specific to stateful in-switch processing (including denial of service and saturation attacks), which we believe should be carefully taken into consideration in the ongoing design of current and future proposals for stateful SDN data planes.
Citation
Dargahi, T., Caponi, A., Ambrosin, M., Bianchi, G., & Conti, M. (2017). A survey on the security of stateful SDN data planes. Communications Surveys and Tutorials, IEEE Communications Society, 19(3), 1701-1725. https://doi.org/10.1109/COMST.2017.2689819
Journal Article Type | Article |
---|---|
Online Publication Date | Mar 30, 2017 |
Publication Date | Mar 30, 2017 |
Deposit Date | May 20, 2019 |
Journal | IEEE Communications Surveys & Tutorials |
Publisher | Institute of Electrical and Electronics Engineers |
Volume | 19 |
Issue | 3 |
Pages | 1701-1725 |
DOI | https://doi.org/10.1109/COMST.2017.2689819 |
Publisher URL | https://doi.org/10.1109/COMST.2017.2689819 |
Related Public URLs | https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=9739 |