Taking control of SDN-based cloud systems via the data plane

Proceedings of the Symposium on SDN Research, SOSR 2018

Volumn , Issue , 2018, Pages

  Thimmaraju, Kashyap ^a   Shastry, Bhargava ^a   Fiebig, Tobias ^b   Hetzelt, Felicitas ^a   Seifert, Jean Pierre ^a   Feldmann, Anja ^c   Schmid, Stefan ^a,d,e  

^a TECHNISCHE UNIVERSITÄT BERLIN   (Germany)

^b DELFT UNIVERSITY OF TECHNOLOGY   (Netherlands)

^c MAX PLANCK INSTITUTE FOR INFORMATICS   (Germany)

^d UNIVERSITY OF VIENNA   (Austria)

^e AALBORG UNIVERSITY   (Denmark)

Author keywords

Attacker models; Cloud security; Data plane security; MPLS; Network isolation; Network virtualization; NFV; Open vSwitch; OpenStack; Packet parsing; ROP; SDN; Virtual switches

Indexed keywords

MULTIPROTOCOL LABEL SWITCHING; NETWORK FUNCTION VIRTUALIZATION; PLATFORM AS A SERVICE (PAAS);

ATTACKER MODELS; CLOUD SECURITIES; DATA PLANES; NETWORK ISOLATION; NETWORK VIRTUALIZATION; OPEN VSWITCH; OPENSTACK; PACKET PARSING; VIRTUAL SWITCHES;

NETWORK SECURITY;

EID: 85049390536     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/3185467.3185468     Document Type: Conference Paper

References (97)

1. [n. d.]. ROPGadget Tool. https://github.com/JonathanSalwan/ROPgadget/tree/master. ([n. d.]). Accessed: 02-06-2016.
2. 2009. Cisco VN-Link: Virtualization-Aware Networking. White paper. (2009).
3. 2013. Huawei HG8245 backdoor and remote access. http://websec.ca/advisories/view/Huawei-web-backdoor-and-remote-access. (2013). Accessed: 27-01-2017.
4. 2014. Netis Routers Leave Wide Open Backdoor. http://blog.trendmicro.com/trendlabs-security-intelligence/netisrouters- leave-wide-open-backdoor/. (2014). Accessed: 27-01-2017.
5. 2014. Snowden: The NSA planted backdoors in Cisco products. http://www.infoworld.com/article/2608141/internet-privacy/snowden-the-nsa-planted\-backdoors-in-cisco-products.html. (2014). Accessed: 27-01-2017.
6. 2016. OpenStack Security Guide. http://docs.openstack.org/securityguide. (2016). Accessed: 27-01-2017.
7. 2016. What is Openstack? https://www.openstack.org/software. (2016).
8. Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. 2005. Control-flow Integrity. In Proc. ACM Conference on Computer and Communications Security (CCS). 340-353.
9. Nawaf Alhebaishi, Lingyu Wang, Sushil Jajodia, and Anoop Singhal. 2016. Threat Modeling for Cloud Data Center Infrastructures. In Intl. Symposium on Foundations and Practice of Security. Springer, 302-319.
10. L. Andersson, P. Doolan, N. Feldman, A. Fredette, and B. Thomas. 2001. LDP Specification. RFC 3036 (Proposed Standard). (January 2001). http://www.ietf .org/rfc/rfc3036.txt Obsoleted by RFC 5036.
11. Hitesh Ballani, Paolo Costa, Christos Gkantsidis, Matthew P Grosvenor, Thomas Karagiannis, Lazaros Koromilas, and Greg O'Shea. 2015. Enabling end-host network functions. In ACM Computer Communication Review (CCR), Vol. 45. 493-507.
12. Adam Belay, George Prekas, Ana Klimovic, Samuel Grossman, Christos Kozyrakis, and Edouard Bugnion. 2014. IX: A protected dataplane operating system for high throughput and low latency. In Proc. Usenix Symposium on Operating Systems Design and Implementation (OSDI). 49-65.
13. BESS Comitters. 2017. BESS (Berkeley Extensible Software Switch). https://github.com/NetSys/bess. (2017). Accessed: 09-05-2017.
14. Martín Casado, Teemu Koponen, Rajiv Ramanathan, and Scott Shenker. 2010. Virtualizing the Network Forwarding Plane. In Proc. ACM CoNEXT Workshop on Programmable Routers for Extensible Services of Tomorrow. Article 8, 6 pages.
15. Stephen Checkoway et al. 2016. A Systematic Analysis of the Juniper Dual EC Incident. Cryptology ePrint Archive, Report 2016/376. (2016).
16. Sean Choi, Xiang Long, Muhammad Shahbaz, Skip Booth, Andy Keep, John Marshall, and Changhoon Kim. 2017. PVPP: A Programmable Vector Packet Processor. In Proc. ACM Symposium on Software Defined Networking Research (SOSR). ACM, 197-198.
17. Andrei Costin. 2015. All your cluster-grids are belong to us: Monitoring the (in)security of infrastructure monitoring systems. In Proc. IEEE Communications and Network Security (CNS). 550-558. https://doi.org/10.1109/CNS.2015.7346868
18. Crispin Cowan et al. 1998. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-overflow Attacks. In Proc. Usenix Security Symp. 5-5.
19. Ana Danping et al. 2016. Threat Analysis for the SDN Architecture. Technical Report. (2016).
20. Mohan Dhawan, Rishabh Poddar, Kshiteej Mahajan, and Vijay Mann. 2015. SPHINX: Detecting Security Attacks in Software-Defined Networks.. In Proc. Internet Society Symposium on Network and Distributed System Security (NDSS).
21. Mihai Dobrescu and Katerina Argyraki. 2014. Software Dataplane Verification. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). 101-114.
22. Dan Gonzales et al. 2017. Cloud-Trust - a Security Assessment Model for Infrastructure as a Service (IaaS) Clouds. Proc. IEEE Conference on Cloud Computing PP, 99 (2017), 1-1.
23. Nick Feamster, Jennifer Rexford, and Ellen Zegura. 2013. The Road to SDN. Queue 11, 12 (December 2013).
24. Anja Feldmann, Philipp Heyder, Michael Kreutzer, Stefan Schmid, Jean- Pierre Seifert, Haya Shulman, Kashyap Thimmaraju, Michael Waidner, and Jens Sieberg. 2016. NetCo: Reliable Routing With Unreliable Routers. In IEEE Workshop on Dependability Issues on SDN and NFV.
25. Tobias Fiebig, Franziska Lichtblau, Florian Streibelt, Thorben Krueger, Pieter Lexis, Randy Bush, and Anja Feldmann. 2016. SoK: An Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment. arXiv preprint arXiv:1610.05531 (2016).
26. Daniel Firestone. 2017. VFP: A Virtual Switch Platform for Host SDN in the Public Cloud.. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). 315-328.
27. Andy Gospodarek. 2017. The birth of SmartNICs - offloading dataplane traffic to...software. https://youtu.be/AGSy51VlKaM. (2017). Open vSwitch Fall Conference 2017. Accessed: 29-01-2018.
28. Bernd Grobauer, Tobias Walloschek, and Elmar Stocker. 2011. Understanding Cloud Computing Vulnerabilities. Proc. IEEE Security & Privacy (S&P) 9, 2 (March 2011), 50-57. https://doi.org/10.1109/MSP.2010.115
29. Michio Honda, Felipe Huici, Giuseppe Lettieri, and Luigi Rizzo. 2015. mSwitch: A highly-scalable, modular software switch. In Proc. ACM Symposium on Software Defined Networking Research (SOSR). 1.
30. Sungmin Hong, Lei Xu, HaopeiWang, and Guofei Gu. 2015. Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures.. In Proc. Internet Society Symposium on Network and Distributed System Security (NDSS).
31. Jinho Hwang, KK Ramakrishnan, and Timothy Wood. 2014. NetVM: High performance and flexible networking using virtualization on commodity platforms. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). 445-458.
32. Intel. 2015. Enabling NFV to Deliver on its Promise. https://www-ssl.intel.com/content/www/us/en/communications/nfv-packet-processing-brief .html. (2015).
33. Ethan J Jackson et al. 2016. Softflow: A middlebox architecture for open vswitch. In Usenix Annual Technical Conference (ATC). 15-28.
34. Van Jacobson. 1988. Congestion avoidance and control. In ACM Computer Communication Review (CCR), Vol. 18. 314-329.
35. Sushant Jain et al. 2013. B4: Experience with a Globally-deployed Software Defined Wan. In Proc. ACM SIGCOMM. 3-14.
36. Samuel Jero et al. 2017. BEADS: Automated Attack Discovery in OpenFlow-Based SDN Systems. In Proc. RAID Recent Advances in Intrusion Detection.
37. Xin Jin, Eric Keller, and Jennifer Rexford. 2012. Virtual Switching Without a Hypervisor for a More Secure Cloud. San Jose, CA.
38. Daya Kamath et al. 2010. Edge virtual Bridge Proposal, Version 0. Rev. 0.1. Apr 23 (2010), 1-72.
39. Andrzej Kamisinski and Carol Fung. 2015. FlowMon: Detecting Malicious Switches in Software-Defined Networks. In Proc. ACM Workshop on Automated Decision making for Active Cyber Defense. 39-45.
40. Kallol Krishna Karmakar, Vijay Varadharajan, and Uday Tupakula. 2017. Mitigating attacks in Software Defined Network (SDN). 112-117.
41. Peyman Kazemian, George Varghese, and Nick McKeown. 2012. Header Space Analysis: Static Checking for Networks. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). 113-126.
42. R. Klöti, V. Kotronis, and P. Smith. 2013. OpenFlow: A security analysis. In Proc. IEEE International Conference on Network Protocols (ICNP). 1-6. https://doi.org/10.1109/ICNP.2013.6733671
43. Eddie Kohler, Robert Morris, Benjie Chen, John Jannotti, and M Frans Kaashoek. 2000. The Click modular router. ACM Trans. Computer Systems 18, 3 (2000), 263-297.
44. Teemu Koponen et al. 2014. Network Virtualization in Multi-tenant Datacenters. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). USENIX Association, 203-216.
45. Diego Kreutz, Fernando M.V. Ramos, and Paulo Verissimo. 2013. Towards Secure and Dependable Software-defined Networks. In Proc. ACMWorkshop on Hot Topics in Software Defined Networking (HotSDN). 55-60.
46. Volodymyr Kuznetsov et al. 2014. Code-Pointer Integrity. In Proc. Usenix Symposium on Operating Systems Design and Implementation (OSDI). 147-163.
47. Sihyung Lee, Tina Wong, and Hyong S Kim. 2006. Secure split assignment trajectory sampling: A malicious router detection system. In Proc. IEEE/IFIP Transactions on Dependable and Secure Computing (DSN). 333-342.
48. Joao Martins et al. 2014. ClickOS and the Art of Network Function Virtualization. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). 459-473.
49. Craig Matsumoto. 2014. Time for an SDN Sequel? Scott Shenker Preaches SDN Version 2. https://www.sdxcentral.com/articles/news/scott-shenker-preaches-revised-sdn-sdnv2/2014/10/. (2014). Accessed: 27-01-2017.
50. Stephanos Matsumoto, Samuel Hitz, and Adrian Perrig. 2014. Fleet: Defending SDNs from malicious administrators. In Proc. ACM Workshop on Hot Topics in Software Defined Networking (HotSDN). 103-108.
51. Nick McKeown et al. 2008. OpenFlow: Enabling innovation in campus networks. ACM Computer Communication Review (CCR) 38, 2 (2008), 69-74.
52. Microsoft. 2013. Hyper-V Virtual Switch Overview. https://technet.microsoft.com/en-us/library/hh831823(v=ws.11) .aspx. (2013). Accessed: 27-01-2017.
53. László Molnár, Gergely Pongrácz, Gábor Enyedi, Zoltán Lajos Kis, Levente Csikor, Ferenc Juhász, Attila Korösi, and Gábor Rétvári. 2016. Dataplane Specialization for High-performance OpenFlow Software Switching. In Proc. ACM SIGCOMM. 539-552.
54. Yoshihiro Nakajima, Tomoya Hibi, Hirokazu Takahashi, Hitoshi Masutani, Katsuhiro Shimano, and Masaki Fukui. 2014. Scalable highperformance elastic software OpenFlow switch in userspace for widearea network. USENIX Open Networking Summit (2014), 1-2.
55. Nicolae Paladi and Christian Gehrmann. 2015. Towards Secure Multitenant Virtualized Networks, Vol. 1. 1180-1185.
56. Manoj Panicker. 2017. Enabling Hardware Offload of OVS Control & Data plane using LiquidIO. https://youtu.be/qjXBRCFhbqU. (2017). Open vSwitch Fall Conference 2017. Accessed: 29-01-2018.
57. Mathias Payer. 2012. Too much PIE is bad for performance. http://e-collection.library.ethz.ch/eserv/eth:5699/eth-5699-01.pdf. (2012). Accessed: 27-01-2017.
58. Diego Perez-Botero, Jakub Szefer, and Ruby B. Lee. 2013. Characterizing Hypervisor Vulnerabilities in Cloud Computing Servers. In Proc. ACM Workshop on Security in Cloud Computing. 3-10.
59. Simon Peter, Jialin Li, Irene Zhang, Dan R. K. Ports, DougWoos, Arvind Krishnamurthy, Thomas Anderson, and Timothy Roscoe. 2014. Arrakis: The Operating System is the Control Plane. In Proc. Usenix Symposium on Operating Systems Design and Implementation (OSDI). 1-16.
60. Benjamin D Peterson. 2012. Security Implications of the Cisco Nexus 1000V. http://docs.lib.purdue.edu/cgi/viewcontent.cgi?article= 1069&context=techmasters. (2012). Accessed: 27-01-2017.
61. Justin Pettit, Ben Pfaff, Chris Wright, and Madhu Venugopal. 2015. OVN, Bringing Native Virtual Networking to OVS. https://networkheresy.com/2015/01/13/ovn-bringing-nativevirtual- networking-to-ovs/. (2015). Accessed: 27-01-2017.
62. Ben Pfaff. 2013. Open vSwitch: Past, Present, and Future. http://openvswitch.org/slides/ppf .pdf. (2013). Accessed: 27-01-2017.
63. Ben Pfaff et al. 2009. Extending Networking into the Virtualization Layer.. In Proc. ACM Workshop on Hot Topics in Networks (HotNETs).
64. Ben Pfaff et al. 2015. The design and implementation of Open vSwitch. In Proc. Usenix Symposium on Networked Systems Design and Implementation (NSDI). 117-130.
65. Gregory Pickett. 2014. Abusing software defined networks. Black Hat EU (2014).
66. Gergely Pongrácz, László Molnár, and Zoltán Lajos Kis. 2013. Removing roadblocks from SDN: OpenFlow software switch performance on Intel DPDK. In European Workshop on Software Defined Networking. IEEE, 62-67.
67. prweb. 2011. 6WIND Extends Portable Packet Processing Software to Support Intel Data Plane Development Kit. http://www.prweb.com/releases/2011/9/prweb8785683.htm. (2011). Accessed: 27-01-2017.
68. Kaushik Kumar Ram, Alan L Cox, Mehul Chadha, Scott Rixner, and TW Barr. 2013. Hyper-Switch: A Scalable Software Virtual Switching Architecture.. In Usenix Annual Technical Conference (ATC). 13-24.
69. Sridhar Rao. 2015. SDN's Scale Out Effect on OpenStack Neutron. http://thenewstack.io/sdn-controllers-and-openstack-part1/. (2015). Accessed: 27-01-2017.
70. Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage. 2009. Hey, You, Get off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds. In Proc. ACM Conference on Computer and Communications Security (CCS). 199-212.
71. Sasko Ristov, Marjan Gusev, and Aleksandar Donevski. 2013. Openstack cloud security vulnerabilities from inside and outside. Technical Report. (2013), 101-107 pages.
72. Luigi Rizzo. 2012. Netmap: A novel framework for fast packet I/O. In Usenix Annual Technical Conference (ATC). 101-112.
73. Luigi Rizzo and Giuseppe Lettieri. 2012. VALE, a Switched Ethernet for Virtual Machines. In Proc. ACM CoNEXT. 61-72.
74. Robin G. 2016. Open vSwitch with DPDK Overview. https://software.intel.com/en-us/articles/open-vswitch-withdpdk- overview. (2016). Accessed: 27-01-2017.
75. Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage. 2012. Return-Oriented Programming: Systems, Languages, and Applications. ACM Trans. on Information and System Security (TISSEC) 15, 1, Article 2 (March 2012), 34 pages.
76. E. Rosen, D. Tappan, G. Fedorkow, Y. Rekhter, D. Farinacci, T. Li, and A. Conta. 2001. MPLS Label Stack Encoding. RFC 3032 (Proposed Standard). (January 2001). http://www.ietf .org/rfc/rfc3032.txt Updated by RFCs 3443, 4182, 5332, 3270, 5129, 5462, 5586, 7274.
77. E. Rosen, A. Viswanathan, and R. Callon. 2001. Multiprotocol Label Switching Architecture. RFC 3031 (Proposed Standard). (January 2001). http://www.ietf .org/rfc/rfc3031.txt Updated by RFCs 6178, 6790.
78. Joanna Rutkowska and Rafal Wojtczuk. 2010. Qubes OS architecture. Invisible Things Lab Tech Rep 54 (2010).
79. Len Sassaman, M. L. Patterson, S. Bratus, and M. E. Locasto. 2013. Security Applications of Formal Language Theory. 7, 3 (Sept 2013), 489-500.
80. Muhammad Shahbaz, Sean Choi, Ben Pfaff, Changhoon Kim, Nick Feamster, Nick McKeown, and Jennifer Rexford. 2016. Pisces: A programmable, protocol-independent software switch. In Proc. ACM SIGCOMM. 525-538.
81. Bhargava Shastry. 2017. Fuzzing Open vSwitch. https://bshastry.github.io/2017/07/24/Fuzzing-OpenvSwitch.html. (2017). Accessed: 29-01-2018.
82. Bhargava Shastry, Markus Leutner, Tobias Fiebig, Kashyap Thimmaraju, Fabian Yamaguchi, Konrad Rieck, Jean-Pierre Seifert Stefan Schmid, and Anja Feldmann. 2017. Static Program Analysis as a Fuzzing Aid. In Proc. RAID Recent Advances in Intrusion Detection.
83. Seungwon Shin, Vinod Yegneswaran, Phillip Porras, and Guofei Gu. 2013. AVANT-GUARD: Scalable and Vigilant Switch Flow Management in Software-defined Networks. In Proc. ACM Conference on Computer and Communications Security (CCS). 413-424.
84. Pontus Sköldström, Balázs Sonkoly, András Gulyás, Felicián Németh, Mario Kind, Fritz-Joachim Westphal, Wolfgang John, Jokin Garay, Eduardo Jacob, Dávid Jocha, et al. 2014. Towards Unified Programmability of Cloud and Carrier Infrastructure. In European Workshop on Software Defined Networking. 55-60.
85. John Sonchack, Adam J Aviv, Eric Keller, and Jonathan M Smith. 2016. Enabling Practical Software-defined Networking Security Applications with OFX. In Proc. Internet Society Symposium on Network and Distributed System Security (NDSS).
86. Patrick Stewin. 2013. A primitive for revealing stealthy peripheralbased attacks on the computing platform's main memory. In Proc. RAID Recent Advances in Intrusion Detection. Springer, 1-20.
87. Jakub Szefer et al. 2011. Eliminating the Hypervisor Attack Surface for a More Secure Cloud. In Proc. ACM Conference on Computer and Communications Security (CCS). 401-412.
88. T. Koponen et al. 2014. Network Virtualization in Multi-tenant Datacenters. In 11th USENIX Symposium on Networked Systems Design and Implementation.
89. Kashyap Thimmaraju et al. 2017. The vAMP Attack: Taking Control of Cloud Systems via the Unified Packet Parser. In Proc. ACM Workshop on Cloud Computing Security (CCSW).
90. Kashyap Thimmaraju, Liron Schiff, and Stefan Schmid. 2017. Outsmarting Network Security with SDN Teleportation. In Proc. IEEE European Security & Privacy (S&P).
91. Heidi Joy Tretheway et al. Apr 2016. A snapshot of Openstack users' attitudes and deployments. Openstack User Survey (Apr 2016).
92. Amin Vahdat. 2014. Enter the Andromeda zone - Google Cloud Platform's latest networking stack. https://cloudplatform.googleblog.com/2014/04/enter-andromeda-zone-google-cloud-platforms-latestnetworking- stack.html. (2014). Accessed: 19-10-2017.
93. Rick Vanover. 2008. Virtual switching to become enhanced with Cisco and VMware announcement. http://www.techrepublic.com/blog/data-center/virtual-switchingto- become-enhanced-with-cisco-and-vmware-announcement. (2008). Accessed: 27-01-2017.
94. VMware. 2009. VMware ESX 4.0 Update 1 Release Notes. https://www.vmware.com/support/vsphere4/doc/vspesx40u1relnotes.html. (2009). Accessed: 27-01-2017.
95. VPP Comitters. 2017. What is VPP? https://wiki.fd.io/view/VPP/WhatisVPP%3F. (2017). Accessed: 09-05-2017.
96. Hanqian Wu et al. 2010. Network security for virtual machine in cloud computing. In Proc. IEEE Conference on Computer Sciences and Convergence Information Technology. 18-21.
97. Dongting Yu, Andrew W Moore, Chris Hall, and Ross Anderson. 2014. Security: A Killer App for SDN? Technical Report. Indiana Uni. at Bloomington.