Abstract
Programmable network data planes are paving the way for networking innovations, with the ability to perform complex, stateful tasks defined in high-level languages such as P4. The enhanced capabilities of programmable data plane devices have made verification of their runtime behaviour, using established methods such as probe packets, impossible to scale beyond probabilistic detection. This has created a potential opportunity for an attacker, with access to a compromised device, to subtly alter its forwarding program to mishandle only a small subset of packets, evading probabilistic detection. In practice, such subtle binary instrumentation attacks require extensive knowledge of the forwarding program, yet it is unclear whether a static analysis of compiled P4 programs to obtain this knowledge can be fast and accurate enough for an on-device attack scenario. In this work, we investigate this possibility by implementing a static analysis of P4 programs compiled to BPF bytecode. This analysis gathers sufficient information for the attacker to identify appropriate (reliably correct) edits to the program. We found that, due to predictable compiler behaviours, our analysis remains accurate even when several program behaviours are abstracted away. Our evaluation of the analysis requirements shows that, from a defensive perspective, there is scope for selectively manipulating those instructions in P4-BPF programs that are critical to attack-focused analysis in order to increase its difficulty, without increasing the number of program instructions.
Original language | English |
---|---|
Title of host publication | Proceedings of the 8th IEEE International Conference on Network Softwarization, NetSoft 2022 |
Place of Publication | Milan |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
ISBN (Electronic) | 9781665406949 |
ISBN (Print) | 9781665406956 |
DOIs | |
Publication status | Published - 03 Aug 2022 |
Event | IEEE International Conference on Network Softwarization 2022, Milan, Italy. Duration: 27 Jun 2022 → 01 Jul 2022. https://netsoft2022.ieee-netsoft.org/ |
Publication series
Name | International Conference on Network Softwarization (NetSoft): Proceedings |
---|---|
Publisher | IEEE |
ISSN (Print) | 2693-9770 |
ISSN (Electronic) | 2693-9789 |
Conference
Conference | IEEE International Conference on Network Softwarization 2022 |
---|---|
Abbreviated title | NetSoft |
Country/Territory | Italy |
City | Milan |
Period | 27/06/2022 → 01/07/2022 |
Internet address | https://netsoft2022.ieee-netsoft.org/ |
Fingerprint
Research topics fingerprint for 'Investigating the vulnerability of programmable data planes to static analysis-guided attacks'.
Activities
- 1 Invited talk
- Programmable Network Security: Challenges and Opportunities. Scott-Hayward, S. (Invited speaker). 02 Dec 2022. Activity: Talk or presentation types › Invited talk
Student theses
- Mitigating data plane device compromise in programmable networks. Black, C. (Author), Scott-Hayward, S. (Supervisor) & Sezer, S. (Supervisor), Jul 2023. Student thesis: Doctoral Thesis › Doctor of Philosophy
Research output
- 1 Citation
- 2 Conference contributions
- Adversarial exploitation of P4 data planes. Black, C. & Scott-Hayward, S., 30 Jun 2021, Proceedings of the IFIP/IEEE International Symposium on Integrated Network Management. Institute of Electrical and Electronics Engineers Inc., 7 p. Research output: Chapter in Book/Report/Conference proceeding › Conference contribution. Open Access.
- A survey on the verification of adversarial data planes in software-defined networks. Black, C. & Scott-Hayward, S., 28 Apr 2021, Proceedings of the ACM International Workshop on Software Defined Networks & Network Function Virtualization Security, SDN-NFV Sec 2021. Association for Computing Machinery, p. 3-10. Research output: Chapter in Book/Report/Conference proceeding › Conference contribution. Open Access. 7 Citations (Scopus), 279 Downloads (Pure).