Vulnerability Assessment

Project Coordinator (EU) :

Sapienza University of Rome

Country of the EU Coordinator :

Italy

Organisation Type :

Academia

Project participants :

Sapienza University of Rome

Prof. Novella Bartolini is the Italian PI of the project. She is a professor at the Department of Computer Science of Sapienza University of Rome. She carried out research related to the project in three main areas: SDN optimization, network recovery and robustness augmentation, and network monitoring.

Dr. Viviana Arrigoni, Ph.D., is co-PI of the Sapienza research unit and the key person supervising the experiments. She is a postdoctoral researcher and co-author of several joint papers on network tomography and monitoring. She also carries out research on self-recovering networking and adaptive routing in SDN networks.

Federico Trombetti, Ph.D. student, is co-author of several joint papers on network tomography.

Matteo Prata, Ph.D. student. He is co-author of several joint papers on self-recovering networking and adaptive routing in SDN networks.

 

Penn State University

Ting He (US partner) has worked extensively on network state identification and SDN. Her work on network tomography provides theory and algorithms with provable performance for host-based inference of the structure and state of a computer network that cannot be directly observed from the control plane, thus providing a means to assess what a host-based adversary can learn from end-to-end measurements.

Tian Xie, Ph.D. student, carrying out research on network management, monitoring, and SDN network security.

Sanchal Thakkar, Ph.D. student, carrying out research on network management, monitoring, and SDN network security.

 

State of US partner :

Pennsylvania

Starting date :

Vulnerability Assessment and Robust Defenses for Optimized Attacks in Dynamic SDNs Experiment


Experiment description

The project focuses on renovating the internet by extending the applicability of the SDN paradigm to open networks. The flexible data plane and the logically centralized control plane of SDN make it a competitive architecture for offering a large number of heterogeneous data sources or services. The separation and centralization of networking functionalities in the control layer of the architecture offers the prospect of new opportunities for performance optimization, dependability, as well as green resource management.

However, the SDN paradigm was born mainly for optimizing network traffic management in enterprises, private data centers, and private networks. For this reason, extending this paradigm to wide-area open networks raises a number of concerns, the foremost of which is security.

This project will advance the state of the art in flow management in an SDN-based distributed data/service system under performance-critical scenarios, which may be caused by ongoing attacks or by network failures and are perceived by the end hosts as performance losses or degradation. The project will then focus on network vulnerabilities and defence best practices. It will consider implementing techniques for increasing an SDN network's robustness and its capability to promptly react to ongoing attacks and performance-critical events.

The project addresses the following topics of the fourth NGIAtlantic call:

  • b.1) Strengthening the trustworthiness and resilience of the internet,
  • b.4) Open Internet architecture renovation.

The experimental study conducted by this project will serve two purposes. The first is to highlight vulnerabilities of current SDN implementations, through a real experiment in which some switches of an SDN architecture are targeted by a cache pollution attack, with the objective of slowing down the network and causing legitimate flows to request a controller intervention to set up their flow rules at the switches.

Considering the vulnerabilities evidenced above, the second purpose is to implement and evaluate various defence techniques.

We will consider novel cache replacement policies, specifically tailored to ensure robustness against the aforementioned attacks. We will also consider dynamic resource provisioning policies, where vulnerable areas of the network will first be detected by means of either passive or active end-to-end measurements, then reinforced by the addition of new nodes and links, which creates alternative paths for load balancing and attack neutralization.

The results of the project will lead to dynamic and responsive control of system performance and to the capability to determine flow routing policies whose potential extends beyond security and vulnerability issues. In fact, the results of the project offer novel opportunities for enabling energy-saving policies in large data centers. Therefore the project activities will also extend the research on green internet design.

 

Impacts :

Impact 1: Enhanced EU – US cooperation in Next Generation Internet, including policy cooperation.
This project clearly sets out to target shared values of the EU and US, such as openness, dependability, and security. It proposes a thorough study that aims at extending the use of the Software-Defined Networking paradigm beyond its current use mostly in private, enterprise networks. The project addresses the following topics of the fourth NGIAtlantic call:

  • b.1) Strengthening the trustworthiness and resilience of the internet,
  • b.4) Open Internet architecture renovation.

It does so by implementing techniques for increasing an SDN network's robustness and its capability to promptly react to intentional attacks or to network failures, possibly due to natural phenomena or disasters.

Impact 2: Reinforced collaboration and increased synergies between the Next Generation Internet and the Tomorrow's Internet programmes.
The NGI and Tomorrow's Internet initiatives aim at reshaping the internet to face important challenges and respond to the fundamental needs of a trustworthy, secure, dependable, and energy-efficient internet. With the purpose of creating a trustworthy paradigm where a controller is in charge of optimizing the network reaction to external attacks or to upcoming performance issues, the project brings together researchers from both the EU and the US to share knowledge, build common goals and pave the path to new common research and experiments.

Impact 3: Developing interoperable solutions and joint demonstrators, contributions to standards.
The experimental study conducted by this project will serve two purposes. The first is to highlight vulnerabilities of current SDN implementations, through a real experiment in which some switches of an SDN architecture are targeted by a cache pollution attack, with the objective of slowing down the network and causing legitimate flows to request a controller intervention to set up their flow rules at the switches.
Considering the vulnerabilities evidenced above, the second purpose is to implement and evaluate various defense techniques. We will consider novel cache replacement policies, specifically tailored to ensure robustness against the aforementioned attacks. We will also consider dynamic resource provisioning policies, where vulnerable areas of the network will first be detected by means of either passive or active end-to-end measurements, then reinforced by the addition of new nodes and links, which creates alternative paths for load balancing and attack neutralization.

Impact 4: An EU - US ecosystem of top researchers, hi-tech start-ups / SMEs and Internet-related communities collaborating on the evolution of the Internet
According to the NGIatlantic program, the project will foster the development of joint research and related experiments which build upon previous work performed both jointly and individually by the two partners of the project consortium.
The consortium will devote most of its efforts to the development of a common experimental testbed that will create opportunities for partners in the EU and US to carry out additional research building on the results of the project.

 

Results :

With the proposed experiments, we want to contribute to the improvement of the efficiency and the resilience of software-defined networks.

The first batch of experiments proves that end-to-end measurements are sensitive to the state of the switches' caches. They show how the round trip time of a packet depends strongly on the outcome of the flow rule lookup in the switches' tables, i.e., whether the switch produced a miss or a hit.

A second batch of experiments was run on Mininet to test efficient rule installation policies. We implemented two strategies, all-at-once and one-by-one. Our experiments highlight how the all-at-once strategy requires less time, as ideally only one switch on the path produces a miss; however, further cache misses may still occur because flow rule installation is asynchronous across switches. This phenomenon can be avoided by introducing an artificial delay that allows all switches to synchronise. These experiments allowed us to understand and propose a best practice for rule installation.
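As an added illustration (not the project's own code), the following Python model reproduces the effect described above for the first packet of a new flow crossing a path of switches: under one-by-one installation every switch misses, under all-at-once only the first should miss, but per-switch installation jitter lets the packet outrun the flow-mods unless it is held until all installs complete. All timing values (hop delay, controller round trip, per-switch jitter) are constructed and in arbitrary time units.

```python
"""Model of one-by-one vs. all-at-once flow-rule installation on a path of switches.

Assumptions (constructed, not measured): a packet-in plus the resulting flow-mod
costs one controller round trip; each switch applies its flow-mod after an extra,
switch-specific jitter; the packet is released by a switch as soon as that switch
holds the rule (packet-out), or, with hold_for_sync, once every downstream switch
does (the artificial delay discussed in the text).
"""

ONE_BY_ONE = "one-by-one"
ALL_AT_ONCE = "all-at-once"


def simulate(strategy, install_jitter, hop_delay=1.0, controller_rtt=10.0,
             hold_for_sync=False):
    """Return (misses, completion_time) for the first packet of a new flow.

    install_jitter[i] is the extra delay before switch i has applied its flow-mod.
    """
    n = len(install_jitter)
    installed_at = [float("inf")] * n   # time at which switch i holds the rule
    t = 0.0                             # packet arrival time at the current switch
    misses = 0
    for i in range(n):
        if t < installed_at[i]:         # table miss: rule not (yet) present
            misses += 1
            # One-by-one installs only at the missing switch; all-at-once installs at
            # every switch from here to the end of the path.
            targets = [i] if strategy == ONE_BY_ONE else list(range(i, n))
            for j in targets:
                done = t + controller_rtt + install_jitter[j]
                installed_at[j] = min(installed_at[j], done)
            t = installed_at[i]         # packet leaves once this switch has the rule
            if hold_for_sync:
                # Artificial delay: wait for the slowest install among the targets so
                # the packet cannot overtake a flow-mod still in flight downstream.
                t = max(installed_at[j] for j in targets)
        t += hop_delay                  # forward to the next hop
    return misses, t


if __name__ == "__main__":
    jitter = [0.0, 5.0, 0.0, 0.0]       # switch 1 is slow to apply its flow-mod
    for strategy, hold in ((ONE_BY_ONE, False), (ALL_AT_ONCE, False), (ALL_AT_ONCE, True)):
        print(strategy, "hold" if hold else "no-hold", simulate(strategy, jitter, hold_for_sync=hold))
```

With the constructed jitter, one-by-one produces 4 misses, plain all-at-once 2 (switch 1 is reached before its rule lands), and all-at-once with the synchronising delay 1.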

The third batch of experiments shows how end-to-end monitoring can be used to detect delays occurring within a node and to react to them by making requests to the controller. The communication between the monitors and the controller does not use the OpenFlow protocol; it runs over a dedicated VLAN that does not involve the network nodes (switches), and therefore injects no traffic into the controller's southbound channel. We propose a strategy for flow redirection that differs from those in existing work, as our method is able to localize delays due to cache-pollution attacks.

Future Plan :

The project characterized key vulnerabilities of SDNs. It demonstrated how DoS and cache pollution attacks can be used to overwhelm the data and control planes of the network. This project presents a monitoring system and a routing mechanism for SDNs that can detect and react to DoS and cache pollution attacks and, in general, to performance anomalies. These kinds of attacks are hard to detect for a controller, which is unable to tell malicious and legitimate traffic apart; it experiences very high congestion because of the many frequent requests for rule installation coming from the network switches under attack. With our experimental campaign, mostly carried out on a real testbed, we propose a resilient proactive defence mechanism that exploits end-to-end monitoring based on stochastic network tomography. This mechanism is able to detect unexpected delays and provide the controller with the information needed to reroute legitimate traffic in a resilient manner.

This project has brought out several interesting aspects that we plan to investigate as future work in the coming months. The two teams are currently working on the design and analysis of different rule update strategies. Our goal is to understand the possible solutions that a controller can implement to keep the network up to date while minimizing the miss ratio and the latency due to switch-controller communication and rule installation. This project also gave us the opportunity to become familiar with real implementations of SDNs. We plan to take advantage of this new experience and to invest in designing solutions for green SDNs, where ports and switches can be turned off or set to sleep mode to save energy while guaranteeing QoS. Our prototype can greatly support this work by providing real energy consumption measurements that can benefit the whole SDN community.

Key results

  • An implementation of a network tomography-based monitoring system on a small SDN architecture.

  • Accepted paper: V. Arrigoni, N. Bartolini, A. Massini, F. Trombetti, "A Bayesian approach to network monitoring for progressive failure localization", IEEE/ACM Transactions on Networking, 2022.

  • Accepted paper: V. Arrigoni, M. Prata, N. Bartolini, "Tomography-based progressive network recovery and critical service restoration after massive failures", to appear in Proceedings of the IEEE International Conference on Computer Communications (IEEE INFOCOM 2023).

Expected TRL at experiment completion :

4

NGI related Topic :

Strengthening Trustworthiness and Resilience Of the Internet

Call Reference :

4

The 30-month project NGIatlantic.eu will push the Next Generation Internet a step further by providing cascade funding to EU-based researchers and innovators to carry out Next Generation Internet related experiments in collaboration with US research teams.



