Fingerprinting OpenFlow controllers: The first step to attack an SDN control plane
Abdelhadi Azzouni, Othmen Braham, Nguyen Thi Mai Trang, Guy Pujolle,, and Raouf Boutaba
TL;DR
This paper demonstrates that it is feasible for an attacker in the data plane to identify the specific OpenFlow SDN controller managing a network, highlighting security vulnerabilities in SDN control planes.
Contribution
First to propose techniques for fingerprinting OpenFlow SDN controllers from the data plane, emphasizing the need for enhanced controller security.
Findings
Attacker can successfully identify the controller managing the network.
Fingerprinting techniques are effective across various OpenFlow implementations.
Highlights security risks in current SDN deployments.
Abstract
Software-Defined Networking (SDN) controllers are considered as Network Operating Systems (NOSs) and often viewed as a single point of failure. Detecting which SDN controller is managing a target network is a big step for an attacker to launch specific/effective attacks against it. In this paper, we demonstrate the feasibility of fingerpirinting SDN controllers. We propose techniques allowing an attacker placed in the data plane, which is supposed to be physically separate from the control plane, to detect which controller is managing the network. To the best of our knowledge, this is the first work on fingerprinting SDN controllers, with as primary goal to emphasize the necessity to highly secure the controller. We focus on OpenFlow-based SDN networks since OpenFlow is currently the most deployed SDN technology by hardware and software vendors.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.