Adversarial Exploitation of P4 Data Planes

Conor Black; Sandra Scott-Hayward

Adversarial Exploitation of P4 Data Planes

Conor Black, Sandra Scott-Hayward

School of Electronics, Electrical Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

115 Downloads (Pure)

Abstract

Programmable data planes can support flexible and feature-rich networks. However, the network operator must have confidence that the network data plane correctly implements the specified policies. To address this, data plane testing and verification mechanisms have been proposed, which, in general, trust the data plane devices to behave faithfully. A few current solutions recognise that one or more of the network devices maybe under the control of a malicious adversary but do not address either the enhanced capabilities or motivations of an attacker in a modern P4-programmable data plane. Furthermore, the ability of an attacker to utilise these enhanced capabilities in an exploit has not been investigated. In this paper, we address this knowledge gap by means of a case study in which we assume the role of an attacker in an open-source implementation of a P4-programmable software switch and attempt a range of methods to exploit the program running on that switch. We find that attacks that exploit both the programmability and statefulness of the P4 switch are indeed possible, and discuss the impact of our findings with proposals for future adversarial data plane verification mechanisms to address this new threat model.

Original language	English
Title of host publication	IFIP/IEEE International Symposium on Integrated Network Management (IM 2021): Proceedings
Number of pages	7
Publication status	Published - 30 Jun 2021
Event	IEEE/IFIP International Symposium on Integrated Network Management - Bordeaux, France Duration: 17 May 2021 → …

Publication series

Name	IFIP/IEEE International Symposium on Integrated Network Management: Proceedings
Publisher	IEEE
ISSN (Print)	1573-0077

Conference

Conference	IEEE/IFIP International Symposium on Integrated Network Management
Country/Territory	France
City	Bordeaux
Period	17/05/2021 → …

Access to Document

Adversarial Exploitation of P4 Data Planes
© 2021IFIP. This work is made available online in accordance with the publisher’s policies. Please refer to any applicable terms of use of the publisher.
Accepted author manuscript, 279 KBLicence: Unspecified

https://ieeexplore.ieee.org/document/9464034Licence: Unspecified

Cite this

@inproceedings{5420f2384b4449af841de7eb006f71f1,

title = "Adversarial Exploitation of P4 Data Planes",

abstract = "Programmable data planes can support flexible and feature-rich networks. However, the network operator must have confidence that the network data plane correctly implements the specified policies. To address this, data plane testing and verification mechanisms have been proposed, which, in general, trust the data plane devices to behave faithfully. A few current solutions recognise that one or more of the network devices maybe under the control of a malicious adversary but do not address either the enhanced capabilities or motivations of an attacker in a modern P4-programmable data plane. Furthermore, the ability of an attacker to utilise these enhanced capabilities in an exploit has not been investigated. In this paper, we address this knowledge gap by means of a case study in which we assume the role of an attacker in an open-source implementation of a P4-programmable software switch and attempt a range of methods to exploit the program running on that switch. We find that attacks that exploit both the programmability and statefulness of the P4 switch are indeed possible, and discuss the impact of our findings with proposals for future adversarial data plane verification mechanisms to address this new threat model.",

author = "Conor Black and Sandra Scott-Hayward",

year = "2021",

month = jun,

day = "30",

language = "English",

series = "IFIP/IEEE International Symposium on Integrated Network Management: Proceedings",

publisher = "IEEE",

booktitle = "IFIP/IEEE International Symposium on Integrated Network Management (IM 2021): Proceedings",

note = "IEEE/IFIP International Symposium on Integrated Network Management ; Conference date: 17-05-2021",

}

Black, C & Scott-Hayward, S 2021, Adversarial Exploitation of P4 Data Planes. in IFIP/IEEE International Symposium on Integrated Network Management (IM 2021): Proceedings. IFIP/IEEE International Symposium on Integrated Network Management: Proceedings, IEEE/IFIP International Symposium on Integrated Network Management, Bordeaux, France, 17/05/2021. <https://ieeexplore.ieee.org/document/9464034>

TY - GEN

T1 - Adversarial Exploitation of P4 Data Planes

AU - Black, Conor

AU - Scott-Hayward, Sandra

PY - 2021/6/30

Y1 - 2021/6/30

N2 - Programmable data planes can support flexible and feature-rich networks. However, the network operator must have confidence that the network data plane correctly implements the specified policies. To address this, data plane testing and verification mechanisms have been proposed, which, in general, trust the data plane devices to behave faithfully. A few current solutions recognise that one or more of the network devices maybe under the control of a malicious adversary but do not address either the enhanced capabilities or motivations of an attacker in a modern P4-programmable data plane. Furthermore, the ability of an attacker to utilise these enhanced capabilities in an exploit has not been investigated. In this paper, we address this knowledge gap by means of a case study in which we assume the role of an attacker in an open-source implementation of a P4-programmable software switch and attempt a range of methods to exploit the program running on that switch. We find that attacks that exploit both the programmability and statefulness of the P4 switch are indeed possible, and discuss the impact of our findings with proposals for future adversarial data plane verification mechanisms to address this new threat model.

AB - Programmable data planes can support flexible and feature-rich networks. However, the network operator must have confidence that the network data plane correctly implements the specified policies. To address this, data plane testing and verification mechanisms have been proposed, which, in general, trust the data plane devices to behave faithfully. A few current solutions recognise that one or more of the network devices maybe under the control of a malicious adversary but do not address either the enhanced capabilities or motivations of an attacker in a modern P4-programmable data plane. Furthermore, the ability of an attacker to utilise these enhanced capabilities in an exploit has not been investigated. In this paper, we address this knowledge gap by means of a case study in which we assume the role of an attacker in an open-source implementation of a P4-programmable software switch and attempt a range of methods to exploit the program running on that switch. We find that attacks that exploit both the programmability and statefulness of the P4 switch are indeed possible, and discuss the impact of our findings with proposals for future adversarial data plane verification mechanisms to address this new threat model.

M3 - Conference contribution

T3 - IFIP/IEEE International Symposium on Integrated Network Management: Proceedings

BT - IFIP/IEEE International Symposium on Integrated Network Management (IM 2021): Proceedings

T2 - IEEE/IFIP International Symposium on Integrated Network Management

Y2 - 17 May 2021

ER -

Adversarial Exploitation of P4 Data Planes

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this