Fingerprinting SDN Policy Parameters: An Empirical Study

Bibliographic Details
Main Authors: Bilal Ahmed, Nadeem Ahmed, Asad Waqar Malik, Mohsin Jafri, Taimur Hafeez
Format: Article
Language: English
Published: IEEE 2020-01-01
Series: IEEE Access
Subjects: SDN
Online Access: https://ieeexplore.ieee.org/document/9149866/
Description
Summary: Research in Software Defined Networks (SDN) has gained momentum in recent years. SDNs are maturing; however, there are still many research challenges that need to be considered before SDN becomes ubiquitous. The adaptation of the technology brings immediate focus to its security aspects. The centralized nature of SDN makes it prone to many denial-of-service attacks, especially if the policy parameters of the SDN are known to adversaries. In this work, we present techniques to perform fingerprinting of SDN, including policy parameters such as hard and idle/soft timeouts, the OpenFlow match-fields used by the SDN controller, the controller's reaction to a table-full event, and information about the topology of the targeted network. An adversary can launch a carefully planned attack, especially on the SDN data plane, if these policy parameters are easily discoverable for an SDN domain. Assuming access to a host in the SDN domain and customized packet generation from the compromised host, we propose efficient techniques to discover the aforementioned policy parameters. The results of the proposed fingerprinting techniques are verified using Mininet.
ISSN: 2169-3536