Malicious Code and Access Control in SDN SPRING14 , 31.7. 1.8.2014 - PowerPoint PPT Presentation

  1. Malicious Code and Access Control in SDN
     SPRING’14, 31.7. – 1.8.2014
     Hans Christian Röpke, Chair for System Security

  2. Outline
     1 Introduction
     2 Malicious Code in SDN
     3 Access Control in SDN
     4 Conclusions
     Software-Defined Networks | Horst Görtz Institute for IT-Security | SPRING’14 | 31.7. – 1.8.2014

  3. Computer Market Evolution
     (diagram: a vertically integrated stack of specialized applications, specialized operating systems and specialized hardware evolving into a layered stack with open interfaces between applications, operating systems and hardware)
     Specialized, closed stack:
     • Closed, proprietary
     • Slow innovation
     • Small industry
     Layered stack with open interfaces:
     • Open interfaces
     • Rapid innovation
     • Huge industry
     ∗ McKeown et al., ONS’11

  4. Networks Today
     (diagram: specialized features, specialized control systems, open interface, specialized hardware)
     • Closed, proprietary
     • Open interfaces
     • Slow innovation
     ∗ McKeown et al., ONS’11

  5. Network Market Evolution
     (diagram: applications on top of specialized features, an open interface, a control-systems layer marked with a question mark, an open interface, and specialized hardware)
     Networks today:
     • Closed, proprietary
     • Slow innovation
     Networks with open interfaces:
     • Open interfaces
     • Rapid innovation (?)
     ∗ McKeown et al., ONS’11

  6. What is Software-Defined Networking?
     Definition: SDN := Decoupling network control features from forwarding hardware.
     (diagram: the specialized features, specialized control systems and specialized hardware of today's networks are split into applications, a Network OS and specialized hardware; the applications talk to the Network OS over a Northbound API and the Network OS programs the hardware over a Southbound API, both of them open interfaces)

  7. SDN @ Google
     • Backbone performance
     • Fault tolerance
     • Operation costs
     ∗ Hölzle, ONS’12

  8. Example
     (diagram: an SDN application on top of the SDN controller; a packet arrives at a switch whose flow table has no matching entry, marked with a question mark)

  9. Example
     (diagram: the packet without a matching flow-table entry is sent to the SDN controller, which installs a flow rule in the switch; subsequent packets are forwarded by the flow table)

  10. SDN Layers
     Application Layer:
     • Network intelligence
     • Global network view
     Control Layer (SDN controller):
     • Complexity hiding
     • Switch programming
     Infrastructure Layer (switches):
     • Packet forwarding
     (diagram: the same packet / flow rule exchange as on the previous slide, annotated with the three layers)

  11. Most Common Implementation
     (diagram: SDN applications run inside the SDN controller process, next to other processes, on a common OS on standard PC hardware; the controller is connected to a network of OpenFlow-enabled switches)

  12. Module vs. REST Applications
     (diagram: REST applications run as separate processes on their own common OS and standard PC hardware and communicate with the SDN controller; module applications run inside the SDN controller process itself, next to other processes on the controller host, which is connected to the OpenFlow-enabled switch network)

  13. Network-level vs. System-level
     Network-level:
     • Main purpose
     • Forwarding decisions
     • Flow rules
     System-level:
     • Rather a side effect
     • Negligible for SDN
     • But significant with respect to security
     ∗ Canini et al., NSDI’13

  14. Malicious SDN Applications
     (diagram: SDN applications inside the SDN controller process on a common OS and standard PC hardware, connected to the OpenFlow-enabled switch network)
     • Module applications
     • Consequences on system-level

  15. Experiments
     • Malicious SDN module application samples
       • Denial-of-service attack
       • Arbitrary code execution
       • Remote control / backdoor
     • Examined SDN controllers (popular & state-of-the-art)
       • Beacon
       • Floodlight
       • OpenDaylight
       • HP VAN
     • Results
       • SDN controller shutdown
       • Malware execution
       • Remote control of SDN controllers (→ of entire networks)

  16. Security Tool
     • Idea
       • Put SDN module applications into a sandbox
       • Control access to sensitive operations
     • Design
       (diagram: a security rule set is assembled from default rules and per-application rule sets (SDN appl. A rule set, SDN appl. B rule set); an access control component checks every sensitive operation requested by SDN application code before it is executed, while non-sensitive operations are executed directly)
     • Contribution: Effective attack prevention

  17. Access Control in SDN
     • Security tool limitations
       • The sensitive operations an application uses are unknown in advance
       • Manual configuration
     • Idea: Access control framework
       • Enable developers to define permissions
       • Enable network operators to review permission requests
       • Require network operators to decide on permission requests (before a certain SDN application is started)
       • Activate security rules automatically according to those decisions
       • Support network operators in case no permission request is available
     • Contributions
       • Provide an access control mechanism for SDN controllers
       • Protect the SDN controller on system-level
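The sandbox of slide 16 and the permission workflow of slide 17 can be illustrated with a small simulation. The following Python code is an added example and is not the tool described in the talk: the operation names (`process.exit`, `net.listen`, ...), the application names and the `AccessControl` API are all constructed for this illustration. It models the three ingredients the slides name: default rules that deny every sensitive operation, per-application rule sets derived from an operator's decision on the developer's permission request, and an access control check that sits between module code and sensitive operations while non-sensitive operations (here `flow.install`) pass straight through. An application that ships without a permission request falls back to the default rules.

```python
"""Added example (not the talk's tool): a minimal permission model for SDN
module applications, in the spirit of slides 16 and 17 of the deck."""
from dataclasses import dataclass
from enum import Enum

# Constructed names for system-level operations a module application could
# reach inside a controller process; in a Java controller these would map to
# calls such as System.exit(), Runtime.exec() or opening a ServerSocket.
SENSITIVE_OPERATIONS = frozenset({
    "process.exit",      # terminating the controller process (DoS)
    "process.spawn",     # running external programs (malware execution)
    "file.write",        # writing to the controller host's file system
    "net.listen",        # opening a listening socket (remote control)
    "reflection.access", # reaching into other modules' internals
})


class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"


class PermissionDenied(Exception):
    """Raised by the access control check when a rule set denies an operation."""


@dataclass(frozen=True)
class PermissionRequest:
    """What the developer declares: the sensitive operations the app needs."""
    app: str
    operations: frozenset


@dataclass
class RuleSet:
    decisions: dict  # operation name -> Decision


# Default rules: every sensitive operation is denied unless decided otherwise.
DEFAULT_RULES = RuleSet({op: Decision.DENY for op in SENSITIVE_OPERATIONS})


class AccessControl:
    def __init__(self):
        self.rule_sets = {}  # app name -> RuleSet (activated automatically)
        self.audit = []      # (app, operation, decision) for every check

    def review(self, request, operator_decision):
        """The network operator reviews the developer's permission request
        before the application is started and decides per operation; the
        resulting rule set is activated without further manual configuration."""
        unknown = request.operations - SENSITIVE_OPERATIONS
        if unknown:
            raise ValueError(f"not sensitive operations: {sorted(unknown)}")
        decisions = dict(DEFAULT_RULES.decisions)
        for op in request.operations:
            decisions[op] = operator_decision(request.app, op)
        self.rule_sets[request.app] = RuleSet(decisions)

    def install_without_request(self, app):
        """Support for apps that ship without a permission request: start
        them under the default rules instead of with no rules at all."""
        self.rule_sets[app] = RuleSet(dict(DEFAULT_RULES.decisions))

    def check(self, app, operation):
        """Gate between module code and sensitive operations."""
        if operation not in SENSITIVE_OPERATIONS:
            return True  # non-sensitive operations are executed directly
        rules = self.rule_sets.get(app, DEFAULT_RULES)
        decision = rules.decisions.get(operation, Decision.DENY)
        self.audit.append((app, operation, decision))
        if decision is Decision.DENY:
            raise PermissionDenied(f"{app}: {operation}")
        return True


def run_module(ac, app, operations):
    """Simulate sandboxed execution: each operation the module attempts is
    passed through the access control check first."""
    executed, blocked = [], []
    for op in operations:
        try:
            ac.check(app, op)
            executed.append(op)
        except PermissionDenied:
            blocked.append(op)
    return executed, blocked


def demo():
    ac = AccessControl()
    # The developer of a constructed "flow-logger" app requests two operations;
    # the operator grants file.write but refuses the listening socket.
    ac.review(PermissionRequest("flow-logger", frozenset({"file.write", "net.listen"})),
              operator_decision=lambda app, op: Decision.ALLOW if op == "file.write" else Decision.DENY)
    # A constructed "legacy-forwarder" app has no permission request at all.
    ac.install_without_request("legacy-forwarder")
    logger = run_module(ac, "flow-logger",
                        ["flow.install", "file.write", "net.listen", "process.exit"])
    legacy = run_module(ac, "legacy-forwarder",
                        ["flow.install", "net.listen", "process.spawn"])
    return {"flow-logger": logger, "legacy-forwarder": legacy, "audit": len(ac.audit)}


if __name__ == "__main__":
    for app, (executed, blocked) in list(demo().items())[:2]:
        print(f"{app}: executed={executed} blocked={blocked}")
```

Running it shows the flow-logger installing flow rules and writing its file while its attempts to open a socket and to terminate the controller are blocked, and the legacy module confined to flow rules because it never asked for anything else. The `audit` list is the kind of evidence an operator would want when reviewing which sensitive operations an application actually attempted, which is exactly the information the slides say is unknown in advance.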

  18. Conclusions
     • SDN may change the network market drastically
     • SDN promises rapid innovation through third-party software
     • Third-party software is not necessarily free of malicious code
     • Malicious SDN applications harm entire networks
     • SDN security is essential for the success of SDN
     • We provide building blocks for system-level SDN security
       • Security analysis
       • Security tool
       • Access control mechanism

  19. Many thanks for your attention! Questions?
     Contact: Hans Christian Röpke, christian.roepke@rub.de, Chair for System Security
