performance and security evaluation of sdn networks in
play

Performance and Security Evaluation of SDN Networks in OMNeT++/INET - PowerPoint PPT Presentation

Dec 06, 2023 •147 likes •386 views

Performance and Security Evaluation of SDN Networks in OMNeT++/INET Marco Tiloca, Alexandra Stagkopoulou, Gianluca Dini Software Defined Networking - Overview Key concepts Separation of Control plane and Data plane Centralized SDN

  1. Performance and Security Evaluation of SDN Networks in OMNeT++/INET Marco Tiloca, Alexandra Stagkopoulou, Gianluca Dini

  2. Software Defined Networking - Overview Key concepts • Separation of Control plane and Data plane – Centralized SDN controller and simple Switches – Control plane • Management of routes and network traffic – Establishment of routes and flows – Data plane • Forwarding of network packets – Based on flows and packet-matching rules – OpenFlow as de-facto standard • Control messages and APIs for controllers and switches – Interoperability among different platforms and vendors – 15 September 2016, Brno OMNeT++ Summit 2016 2

  3. Software Defined Networking - Overview 15 September 2016, Brno OMNeT++ Summit 2016 3

  4. Need for evaluation tools Quantitative assessment of SDN systems • At design time (before deployment!) – Avoid practically infeasible analytical models – Network and communication performance • Typical performance indicators (throughput, delay, …) – Traffic models and quality of service – SDN-based monitoring systems • Specialized applications running on the SDN controller – Anomaly detection and enforcement of mitigation policies – Evaluate accuracy, reactiveness and effectiveness – Cyber/physical security attacks • Effects and impact on the network and applications – Attack ranking based on effect severity – 15 September 2016, Brno OMNeT++ Summit 2016 4

  5. Our simulation tool Goal: design a simulation tool for SDN network • Enable quantitative evaluation of performance and security – Intended for network designers and researchers – Built on top of INET/OMNeT++ • Support for SDN units and OpenFlow – Support for evaluation of cyber/physical attacks – Work in progress – Source code available at [1] – This tool does NOT: • Discover new attacks and vulnerabilities – Evaluate feasibility and success rate of security attacks – [1] https://github.com/marco-tiloca-sics/INET_SDN_dev 15 September 2016, Brno OMNeT++ Summit 2016 5

  6. INET support for SDN Some software modules previously developed [2] • Basic SDN Controller and switch nodes – Basic OpenFlow messages (exchange and processing) – Basic packet-matching with installed flows (based on MAC address only) – We have further added • OpenFlow messages for flow management and update – OpenFlow messages for statistic collection (basic OpenFlow method) – Arbitrary complex packet-matching with installed flows – Future extensions • Advanced methods for statistic collection (e.g. sFlow ) – Modules supporting well-known Controller applications – [2] D. Klein and M. Jarschel, An OpenFlow extension for the OMNeT++ INET framework ”, 6th International ICST Conference on Simulation Tools and Techniques (SimuTools ’ 13), pp. 322 – 329, March 2013 15 September 2016, Brno OMNeT++ Summit 2016 6

  7. SDN controller Host running specific SDN services • Controller application • Flow establishment – Installation /update of flows on switches – Statistic collection from switches – Enforcement of traffic policies – … – Monitoring system • Yet another dedicated application – Traffic monitoring and anomaly detection – SDN controller node Anomaly mitigation and neutralization – (more details soon…) – 15 September 2016, Brno OMNeT++ Summit 2016 7

  8. SDN switch Control plane Data plane • • Traditional-host stack Collection of minimal stacks – – Interaction with the SDN controller Packet matching and forwarding – – Switch node 15 September 2016, Brno OMNeT++ Summit 2016 8

  9. SDN-based monitoring systems Step 1 – Statistic collection from switches • Basic OpenFlow method based on polling interval – Alternative fine-grained methods e.g. sFlow (future work) – Step 2 – Statistic analysis • Dedicated application on the SDN controller – Detection of anomalous traffic distribution (e.g. entropy-based) – Detection of anomalous traffic volumes to/from network nodes – Step 3 – Anomaly mitigation • Flow installation/update on switches – Isolation of anomalous/malevolent traffic – Basic methods implemented as a proof-of-concept • 15 September 2016, Brno OMNeT++ Summit 2016 9

  10. Evaluation of security attacks Attack effects are simulated • Attacks are assumed to be successfully performed – There is no reproduction of their actual execution – Only final effects are reproduced at runtime – Quantitative evaluation • Assess effects and impact on networks and applications – Observe changes in performance indicators – Consider an attack-free case as comparative baseline – Core concepts first introduced in [3] • Attack Specification Language and Attack Simulation Engine – Current adaptation to SDN architectures and scenarios – Enable attacks where switches are victims or exploited units – [3] M. Tiloca, F. Racciatti and G. Dini, Simulative Evaluation of Se-curity Attacks in Networked Critical Infrastructures , The 2nd International Workshop on Reliability and Security Aspects for Critical Infrastructure Protection (ReSA4CI), Lecture Notes in Computer Science LNCS 9338. Springer, pp. 314 – 323, September 2015 15 September 2016, Brno OMNeT++ Summit 2016 10

  11. Core concept #1 - Attack Specification Language The user describes attacks to be evaluated • Attacks are described in terms of their final effects – No need to describe how attacks are actually executed – Attack format • List of atomic events to be injected at runtime – Events modeled by high-level primitive functions – Node primitives • Intended for physical attacks – End targets are network nodes – Message primitives • Intended for cyber attacks – End targets are network packets – 15 September 2016, Brno OMNeT++ Summit 2016 11

  12. Core concept #1 - Attack Specification Language Node primitives Physical attacks • One node primitive each – destroy() move() Message primitives Cyber attacks • List of message primitives drop() create() – Packet fields addressed by a dot notation clone() retrieve() – Either conditional or unconditional change() send() put() – from T nodes = <list of nodes> do { Conditional cyber attacks • filter (<condition>) <list of events> Occur if a condition is verified as true – } Unconditional cyber attacks from T every P do { • <list of events> Occur periodically, from a specified time – } 15 September 2016, Brno OMNeT++ Summit 2016 12

  13. Core concept #2 - Attack Simulation Engine Additional INET modules • Global Event Processor – Local Event Processor (1 per network node) – Injection and processing of attack events at runtime – Local Event Processor • Gate by-pass between each pair of layers in the stack – Intercept, chance and inject packets at different layers – Transparent to the network nodes – Global Event Processor • Connected with all the Local Event Processors – Enable complex attacks involving more nodes (e.g. wormhole) – 15 September 2016, Brno OMNeT++ Summit 2016 13

  14. Core concept #2 - Attack Simulation Engine Adaptation to generic hosts and SDN Controllers 15 September 2016, Brno OMNeT++ Summit 2016 14

  15. Core concept #2 - Attack Simulation Engine Adaptation to SDN switches (work in progress) 15 September 2016, Brno OMNeT++ Summit 2016 15

  16. Reproduction of attack effects 1. The user: USER Describes the attacks with the specification language – Attack description Converts the description into XML (Python interpreter) – Runs a new simulation importing the XML attack file – 2. The Attack Simulation Engine: INET Parses the XML attack file – Injection of attack events Builds attack lists and starts attack timers – Injects the specified attack events at runtime – 3. Collection and analysis of results USER Attack-free scenario as comparison baseline – Analysis of results Attack ranking and selection of countermeasures – 15 September 2016, Brno OMNeT++ Summit 2016 16

  17. Reproduction of attack effects We have NOT: • Modified event scheduling/handling in INET – Modified applications or communication protocols – The user is NOT required to: • Implement actual adversaries and attack executions – Modify applications and communication protocols – Implement or customize INET components – The user considers as starting points: • The network scenario, applications and protocols – The applications and service running on the SDN controller – The security attacks to be evaluated – 15 September 2016, Brno OMNeT++ Summit 2016 17

  18. Example scenario Communication patterns • C1  S1 10 pkt/s – C2  S2 5 pkt/s – C3  S2 3.33 pkt/s – C4  S3 5 pkt/s – Flow management policies • Periodic expiration (every 30 s) – Periodic statistic collection – Privacy by design – Anomaly detection Denial of Service attack • • Entropy-based w/ fixed threshold Start at t = 90 s – – Bounded TX/RX rates per node C3 sends additional packets to S2 – – Attack injection rate R – 15 September 2016, Brno OMNeT++ Summit 2016 18

  19. Denial of Service - Results Different attack injection rates • The stronger the attack, the more packets received by the victim – Well-tuned monitoring system: attack always detected at t = 120 s – 15 September 2016, Brno OMNeT++ Summit 2016 19

Recommend

Performance Evaluation of Performance Evaluation of Security- -Aware Routing Protocols Aware

Performance Evaluation of Performance Evaluation of Security- -Aware Routing Protocols Aware

Performance Evaluation of Performance Evaluation of Security- -Aware Routing Protocols Aware Routing Protocols Security for Clustered Mobile Ad Hoc for Clustered Mobile Ad Hoc Networks Networks Gregory S. Yovanof - - Kerem Kerem Ericsi

1.16k views • 26 slides
The JMT Simulator for The JMT Simulator for Performance Evaluation of Performance Evaluation of

The JMT Simulator for The JMT Simulator for Performance Evaluation of Performance Evaluation of

Politecnico di Milano - DEI Milan, Italy The JMT Simulator for The JMT Simulator for Performance Evaluation of Performance Evaluation of Non-Product-Form Queueing Networks Non-Product-Form Queueing Networks Marco Bertoli, Giuliano Casale,

475 views • 32 slides
What is a performance evaluation? Performance Management v. Performance Evaluation Evaluation

What is a performance evaluation? Performance Management v. Performance Evaluation Evaluation

3/16/2015 Employee Performance Evaluations and Their Importance Presented by Summer Randall March 18, 2015 What is a performance evaluation? Performance Management v. Performance Evaluation Evaluation Management One time event Ongoing

175 views • 6 slides
Performance Evaluation and Improvement of Broadcasting Algorithms in Ad Hoc Networks Hao Zhang

Performance Evaluation and Improvement of Broadcasting Algorithms in Ad Hoc Networks Hao Zhang

Performance Evaluation and Improvement of Broadcasting Algorithms in Ad Hoc Networks Hao Zhang and Zhong Ping Jiang ECE Department Polytechnic University, New York 1 Ad Hoc Networks No base station, self-organized Energy and bandwidth

364 views • 21 slides
Performance Evaluation of 3G CDMA Networks with Antenna Arrays IEEE 4th Workshop on Applications

Performance Evaluation of 3G CDMA Networks with Antenna Arrays IEEE 4th Workshop on Applications

Jul. 2003 1 Performance Evaluation of 3G CDMA Networks with Antenna Arrays IEEE 4th Workshop on Applications and Services in Wireless Networks Dr. D. J. Shyy The MITRE Corporation Jin Yu and Dr. Yu-Dong Yao Stevens Institute of Technology

436 views • 22 slides
Njira DFAP Final Performance Njira DFAP Final Performance Evaluation Presentation Evaluation

Njira DFAP Final Performance Njira DFAP Final Performance Evaluation Presentation Evaluation

Njira DFAP Final Performance Njira DFAP Final Performance Evaluation Presentation Evaluation Presentation TANGO International Meet our Presenters Lori Du Trieuille, BHA Malawi Team Leader, USAID/ BHA Steve Sibande, Food Security Monitoring

417 views • 39 slides
IT Security Evaluation Why do we need security evaluation To provide a basis for specifying

IT Security Evaluation Why do we need security evaluation To provide a basis for specifying

IT Security Evaluation Why do we need security evaluation To provide a basis for specifying security expectations To verify that a computer product/system fulfills the requirements imposed on it To establish a metric for the degree

535 views • 19 slides
Title goes here Tools for Performance Evaluation Timing and performance evaluation has been

Title goes here Tools for Performance Evaluation Timing and performance evaluation has been

Title goes here Tools for Performance Evaluation Timing and performance evaluation has been an art Experiences and Lessons Learned Resolution of the clock with a Portable Interface to Issues about cache effects Hardware Performance

594 views • 5 slides
Evaluation of Amplification attacks in large-scale networks to improve detection performance

Evaluation of Amplification attacks in large-scale networks to improve detection performance

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Evaluation of Amplification attacks in large-scale networks to improve detection performance Michael Kpferl Interdisciplinary Project Final

517 views • 49 slides
APPLYING BCMP MULTI-CLASS QUEUEING NETWORKS FOR THE PERFORMANCE EVALUATION OF HIERARCHICAL AND

APPLYING BCMP MULTI-CLASS QUEUEING NETWORKS FOR THE PERFORMANCE EVALUATION OF HIERARCHICAL AND

APPLYING BCMP MULTI-CLASS QUEUEING NETWORKS FOR THE PERFORMANCE EVALUATION OF HIERARCHICAL AND MODULAR SOFTWARE SYSTEMS Simonetta Balsamo Gian-Luca Dei Rossi Andrea Marin Dipartimento di Informatica Universit` a Ca Foscari, Venezia

298 views • 15 slides
Telematics 2 &amp; Performance Evaluation Chapter 4 Introduction to Performance Evaluation

Telematics 2 &amp; Performance Evaluation Chapter 4 Introduction to Performance Evaluation

Telematics 2 &amp; Performance Evaluation Chapter 4 Introduction to Performance Evaluation Telematics 2 / Performance Evaluation (WS 17/18): 04 PE Introduction 1 Overview q Goals of Performance Evaluation q Basic Notions: System and Model

317 views • 27 slides
A ns2-based simulation framework for performance evaluation of overlay networks Michele Amoretti

A ns2-based simulation framework for performance evaluation of overlay networks Michele Amoretti

A ns2-based simulation framework for performance evaluation of overlay networks Michele Amoretti Mauro Andreolini Francesco Zanichelli Riccardo Lancellotti Universit di Parma Universit di Modena e Reggio Emilia FIRB Web-Minds, Genova

623 views • 16 slides
Diffusion approximation as a tool in computer networks performance evaluation CNT 2500 Tadeusz

Diffusion approximation as a tool in computer networks performance evaluation CNT 2500 Tadeusz

Diffusion approximation as a tool in computer networks performance evaluation CNT 2500 Tadeusz Czachrski tadek@iitis.pl https://www.iitis.pl/en/person/tczachorski Institute of Theoretical and Applied Informatics of Polish Academy of

880 views • 54 slides
Discrete-Event Simulation and Performance Evaluation 01204525 Wireless Sensor Networks and

Discrete-Event Simulation and Performance Evaluation 01204525 Wireless Sensor Networks and

Discrete-Event Simulation and Performance Evaluation 01204525 Wireless Sensor Networks and Internet of Things Chaiporn Ja Jaikaeo (c (chaiporn.j@ku.ac.th) Department of f Computer Engineering Kasetsart University Materials taken from

988 views • 25 slides
Why do we need security evaluation To provide a basis for specifying security expectations

Why do we need security evaluation To provide a basis for specifying security expectations

Why do we need security evaluation To provide a basis for specifying security expectations IT Security Evaluation To verify that a computer product/system fulfills the requirements imposed on it To establish a metric for the degree

70 views • 4 slides
End to End Delay Performance Evaluation for VoIP in the LTE Network Dai, Hongxin

End to End Delay Performance Evaluation for VoIP in the LTE Network Dai, Hongxin

ENSC 427 COMMUNICATION NETWORKS SPRING 2013 Final Project Presentation End to End Delay Performance Evaluation for VoIP in the LTE Network Dai, Hongxin danield @ sfu.ca Ishita, Farah fishita @ sfu.ca Lo, Hao Hua

530 views • 24 slides
4. Performance Analysis of Parallel Programs 4.1 Performance Evaluation of Computer User

4. Performance Analysis of Parallel Programs 4.1 Performance Evaluation of Computer User

4. Performance Analysis of Parallel Programs 4.1 Performance Evaluation of Computer User criteria: - Small response times Computing center criteria: - High throughputs 4.1.1 Evaluation of CPU Performance 4.1.1 Evaluation of CPU Performance

478 views • 24 slides
Company Introduction Improving the security and performance of your data centres, networks and

Company Introduction Improving the security and performance of your data centres, networks and

SOLUTIONS &amp; SUPPORT PROFESSIONAL &amp; MANAGED SERVICES Company Introduction Improving the security and performance of your data centres, networks and applications Network Data Cyber Application Network Test www.phoenixdatacom.com

476 views • 10 slides
Performance Evaluation of an Optical Packet Scheduling Switch Kyriakos Vlachos, Kyriaki

Performance Evaluation of an Optical Packet Scheduling Switch Kyriakos Vlachos, Kyriaki

Research Academic Computer Technology Institute Communication Networks Laboratory Performance Evaluation of an Optical Packet Scheduling Switch Kyriakos Vlachos, Kyriaki Seklou, Emmanuel Varvarigos Communication Networks Laboratory

182 views • 16 slides
Performance Evaluation in LTE Networks (SGW-u Tunnels) Sina Shafaei Advisors: Daniel G. Raumer,

Performance Evaluation in LTE Networks (SGW-u Tunnels) Sina Shafaei Advisors: Daniel G. Raumer,

Chair for Network Architectures and Services Chair for Network Architectures and Services Technische Universitt Mnchen Technische Universitt Mnchen IDP Final Talk Performance Evaluation in LTE Networks (SGW-u Tunnels) Sina

288 views • 18 slides
Performance and Security Tradeoff Katinka Wolter Bertinoro, June 26, 2010 Table of Contents

Performance and Security Tradeoff Katinka Wolter Bertinoro, June 26, 2010 Table of Contents

Performance and Security Tradeoff Katinka Wolter Bertinoro, June 26, 2010 Table of Contents Introduction Performance Cost of Encryption Performance Evaluation of a Key Distribution Centre Modelling and Quantifying Intrusion Tolerant Systems

1.27k views • 95 slides
Fararano Fararano DFAP DFAP Final Performance Final Performance Evaluation Evaluation TANGO

Fararano Fararano DFAP DFAP Final Performance Final Performance Evaluation Evaluation TANGO

Fararano Fararano DFAP DFAP Final Performance Final Performance Evaluation Evaluation TANGO International Meet our Presenters John Dunlop Mission Director, USAID Madagascar Kevin Henry Team Leader, Madagascar DFAP Evaluation Independent

788 views • 40 slides
Performance Evaluation of Performance Evaluation of Phasor Measurement Systems Phasor

Performance Evaluation of Performance Evaluation of Phasor Measurement Systems Phasor

PNNL-SA-60867 Panel: International Experience in PMU Applications Performance Evaluation of Performance Evaluation of Phasor Measurement Systems Phasor Measurement Systems Henry Huang (PNNL), Bogdan Kasztenny (GE), Vahid Madani (PG&amp;E), Ken

452 views • 29 slides
Model Evaluation Model Evaluation Metrics for Performance Evaluation How to evaluate the

Model Evaluation Model Evaluation Metrics for Performance Evaluation How to evaluate the

Model Evaluation Model Evaluation Metrics for Performance Evaluation How to evaluate the performance of a model? Methods for Performance Evaluation How to obtain reliable estimates? Methods for Model Comparison How to

636 views • 36 slides

More recommend