Abstract
Current solutions for detecting compromised switches in software-defined networks (SDN) usually rely on monitoring the network traffic, or on checking that the packets traversing the switches conform to the rules defined by the controllers. Although effective in that setting, those solutions cannot detect a switch that has been compromised but is not acting maliciously at the moment of the traffic monitoring, behaving as a sleeper agent; this can pose a national security risk when defense networks are the targets. An architecture capable of auditing the memory of switches in software-defined networks is proposed as a solution to detect compromised switches even when they are not acting maliciously and leave only micro-traces of their activities. This auditing should be able to verify the conformity between what is in the switch memory and the flow rules set by the controllers without overusing system resources. A trusted execution environment is also proposed to improve the security of the auditing processes.
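The conformity check the abstract describes, as an added example that is not the paper's implementation: the controller's view of the installed flow rules is compared against a snapshot of the switch's in-memory flow table, using a cheap order-independent digest first and a full per-rule diff only on mismatch. The rule format, field names and both sample tables are constructed here.

```python
import hashlib
import json

def canonical(rule: dict) -> str:
    # Stable serialisation so equal rules hash identically regardless of key order.
    return json.dumps(rule, sort_keys=True, separators=(",", ":"))

def table_digest(rules: list[dict]) -> str:
    # Order-independent digest of a whole table: a cheap first pass so the
    # full comparison runs only when something actually differs.
    lines = sorted(canonical(r) for r in rules)
    return hashlib.sha256("\n".join(lines).encode()).hexdigest()

def audit(controller_rules: list[dict], memory_rules: list[dict]) -> dict:
    """Empty dict when memory matches the controller view; otherwise the rules
    that are missing from memory, present without being issued, or altered."""
    if table_digest(controller_rules) == table_digest(memory_rules):
        return {}
    key = lambda r: canonical(r["match"])  # the match fields identify a rule
    expected = {key(r): r for r in controller_rules}
    observed = {key(r): r for r in memory_rules}
    report = {
        "missing": [expected[k] for k in expected.keys() - observed.keys()],
        "injected": [observed[k] for k in observed.keys() - expected.keys()],
        "altered": [(expected[k], observed[k]) for k in expected.keys() & observed.keys()
                    if canonical(expected[k]) != canonical(observed[k])],
    }
    return {k: v for k, v in report.items() if v}

# Constructed sample data: the controller installed two rules; the memory
# snapshot shows one of them with an extra action and a third rule the
# controller never issued (the kind of trace a traffic monitor would miss
# while the extra rule is not matching live traffic).
CONTROLLER_RULES = [
    {"match": {"in_port": 1, "eth_type": 0x0800, "ipv4_dst": "10.0.0.2"},
     "priority": 100, "actions": ["output:2"]},
    {"match": {"in_port": 2, "eth_type": 0x0800, "ipv4_dst": "10.0.0.1"},
     "priority": 100, "actions": ["output:1"]},
]
MEMORY_RULES = [
    {"match": {"in_port": 1, "eth_type": 0x0800, "ipv4_dst": "10.0.0.2"},
     "priority": 100, "actions": ["output:2", "output:9"]},
    {"match": {"in_port": 2, "eth_type": 0x0800, "ipv4_dst": "10.0.0.1"},
     "priority": 100, "actions": ["output:1"]},
    {"match": {"in_port": 9}, "priority": 200, "actions": ["drop"]},
]

if __name__ == "__main__":
    print(json.dumps(audit(CONTROLLER_RULES, MEMORY_RULES), indent=2))
```

Running the audit inside a trusted execution environment, as the abstract proposes, would protect the controller view and the digest logic from a compromised switch host.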
Acknowledgements
This research work explores possible applications for TEE and secure and scalable cloud applications as part of the EU-BR SecureCloud project. The project has been receiving funds granted from the 3rd EU-BR Coordinated Call (Brazilian Ministry of Science, Technology and Innovation, MCTIC/RNP, BR grant agreements 2550, 2549, 2553, 2552 and 2568) and the European Union Horizon 2020 programme (EU Grant Agreement 690111). The project is also supported by the Swiss State Secretariat for Education, Research and Innovation (SERI). This research work also explores possible security solutions for forensics applications under the CAPES Pró-Forenses Project 025/2014.
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Augusto da Luz Lemos, F., Alexandre de Faria, R., Jose Abatti, P., Pereira Fonseca, M.S., Ono Fonseca, K.V. (2020). Memory Auditing for Detection of Compromised Switches in Software-Defined Networks Using Trusted Execution Environment. In: Rocha, Á., Pereira, R. (eds) Developments and Advances in Defense and Security. Smart Innovation, Systems and Technologies, vol 152. Springer, Singapore. https://doi.org/10.1007/978-981-13-9155-2_7
DOI: https://doi.org/10.1007/978-981-13-9155-2_7
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-9154-5
Online ISBN: 978-981-13-9155-2
eBook Packages: Intelligent Technologies and Robotics (R0)