Field-based Security Testing of SDN configuration Updates

TL;DR

This paper introduces FISTS, a novel security testing approach for SDN configuration updates in satellite networks, using network probing and machine learning to detect security issues effectively.

Contribution

The paper presents FISTS, a new method combining network probing and unsupervised machine learning to verify security during SDN configuration changes, especially in satellite communication.

Findings

FISTS achieves up to 0.95 precision and 1.00 recall in detecting security issues.

The approach is scalable and effective on real and simulated SDN data.

FISTS improves security verification for SDN reconfigurations in satellite networks.

Abstract

Software-defined systems revolutionized the management of hardware devices but introduced quality assurance challenges that remain to be tackled. For example, software defined networks (SDNs) became a key technology for the prompt reconfigurations of network services in many sectors including telecommunications, data centers, financial services, cloud providers, and manufacturing industry. Unfortunately, reconfigurations may lead to mistakes that compromise the dependability of the provided services. In this paper, we focus on the reconfigurations of network services in the satellite communication sector, and target security requirements, which are often hard to verify; for example, although connectivity may function properly, confidentiality may be broken by packets forwarded to a wrong destination. We propose an approach for FIeld-based Security Testing of SDN Configurations Updates (FISTS). First, it probes the network before and after configuration updates. Then, using the collected data, it relies on unsupervised machine learning algorithms to prioritize the inspection of suspicious node responses, after identifying the network nodes that likely match across the two configurations. Our empirical evaluation has been conducted with network data from simulated and real SDN configuration updates for our industry partner, a world-leading satellite operator. Our results show that, when combined with K-Nearest Neighbour, FISTS leads to best results (up to 0.95 precision and 1.00 recall). Further, we demonstrated its scalability.