A survey on the verification of adversarial data planes in software-defined networks

Research output: Chapter in Book/Report/Conference proceedingConference contribution

173 Downloads (Pure)

Abstract

As network policies are becoming increasingly nuanced and complex, so too are the mechanisms required to ensure that the network is functioning as intended. In particular, since the dawn of software-defined networking and the shift towards high-level descriptions of intended network policy, traditional tools such as ping and traceroute have been insufficient to test that complex data plane configurations have been correctly implemented. As a result, novel data plane verification solutions have been proposed that use formal methods to ensure that network policies are adhered to and that the data plane is free of bugs. While the number of these verification solutions continues to grow, only a few are equipped to verify the data plane when a malicious adversary is present. As research continues to expand the remit of data plane functionality, these solutions may become key to securing an increasingly valuable attack target. In this survey, we review the work that has been dedicated to preventing and detecting attacks on data planes in software-defined networks and discuss some of the unsolved problems in this field that must be addressed in future adversarial verification solutions.

Original languageEnglish
Title of host publicationProceedings of the ACM International Workshop on Software Defined Networks & Network Function Virtualization Security, SDN-NFV Sec 2021
PublisherACM
Pages3-10
ISBN (Print)9781450383189
DOIs
Publication statusPublished - 28 Apr 2021
EventACM International Workshop on Software Defined Networks & Network Function Virtualization Security 2021 - Virtual, United States
Duration: 28 Apr 202128 Apr 2021
https://dl.acm.org/doi/proceedings/10.1145/3445968

Workshop

WorkshopACM International Workshop on Software Defined Networks & Network Function Virtualization Security 2021
Abbreviated titleSDN-NFV Sec 2021
Country/TerritoryUnited States
Period28/04/202128/04/2021
Internet address

Fingerprint

Dive into the research topics of 'A survey on the verification of adversarial data planes in software-defined networks'. Together they form a unique fingerprint.

Cite this