Robustness-as-evolvability: building a dynamic control plane with Software-Defined Networking

Lead Research Organisation: Lancaster University
Department Name: Computing & Communications

Abstract

Highly available information networks are an increasingly essential component of modern society. Targeted attacks are a key threat to the availability of these networks. These attacks exploit weak components in network infrastructure, triggering side-effects that harm the ultimate victim. Targeted attacks are carried out using highly distributed attacker networks called botnets, comprising between thousands and hundreds of thousands of compromised computers. A key feature is that botnets are programmable, allowing the attacker to evolve and adapt to defences developed by infrastructure providers. However, current network infrastructure is largely static and hence cannot adapt to a fast-evolving attacker.

To design effective responses, a programmable network infrastructure enabling large-scale cooperation is necessary. Our research will create a new form of secure network infrastructure which detects targeted attacks on itself. It then automatically restructures the infrastructure to maximise attack resilience. Finally, it self-verifies whether global properties of safety and correctness can be assured even though each part of the infrastructure only has a local view of the world.

Our research will examine techniques to collect and merge inferences across distributed vantage points within a network whilst minimising risks to user privacy from data-aggregation using novel privacy techniques. We make a start on addressing the risks introduced by programmability itself, by developing smart assurance techniques that can verify evidence of good intention before the infrastructure is reprogrammed.

We set three fundamental objectives for our design:
(1) Automated and seamless restructuring of network infrastructure to withstand attacks aimed at strategic targets on the infrastructure.

(2) A measurement system that allows dynamic allocation of resources and fine control over the manner, location, frequency, and intensity of data collected at each monitoring location on the infrastructure.

(3) Assurance of safety and compliance to sound principles of structural resilience when infrastructure is reprogrammed.

Our aim is to develop future network defences based on a smart and evolving network infrastructure.

Planned Impact

Our joint research program (with industrial and academic partners) will provide new foundations for a resilient network infrastructure. The medium term beneficiaries of this research will be parties who have a stake in the development of future networking infrastructure, and, in the much longer and wider term, everyone who relies on resilience of the global digital infrastructure.

Our technologies will give private sector companies a competitive advantage by making their SDN-based networking tools provide additional functionality aimed directly at tackling security issues. Our techniques will give greater confidence in network infrastructure, thus enabling utility companies and government to move more critical infrastructure onto standard backbones.

Software-Defined Networking (SDN) promises massive reduction in costs. The proposed work programme has the potential to demonstrate that not only could SDN switches provide fundamentally better security (by incorporating programmability and hence dynamic algorithms for measurement and response), they might achieve it cheaper than conventional hardware routers.

Publications

Venkatesh B (2015) BotSpot: fast graph based identification of structured P2P bots. Journal of Computer Virology and Hacking Techniques

 
Description In the first phase, the RASE project developed a large-scale (5000 router) testbed to enable the researchers on the team to carry out realistic testing of research prototypes. This testbed could be made available on a national scale for the benefit of other researchers.
In its second year, the RASE project has made fundamental progress on understanding how software-defined networking can be used to incorporate timing channels within routers. Timing channels can be used to build mechanisms that attribute attacks to attackers, which has been a long-standing problem in computer security. During the previous year, the team invented a new set of attacks targeting all four caching algorithms used by SDN switches. We also developed a potential defense against these attacks.
Exploitation Route The work provides a platform that router manufacturers can use to build attack attribution capabilities into next generation switches.
Sectors Digital/Communication/Information Technologies (including Software), Healthcare, Security and Diplomacy

 
Description The SDN testbed we have created has been used by several organisations -- University of Bristol, University of Lancaster, Juniper, Brocade, VMWare, Samsung, and Fortinet -- to develop SDN security testing strategies, test SDN products and carry out research in SDN security. The RASE router-cache-security module produced in this project was considered for productisation by a hardware switch manufacturer. We have also worked hard to raise awareness of SDN security challenges within UK government. As a result of our actions, a specific funding pot to support testbed usage has been created, which has been accessed by two universities thus far.
First Year Of Impact 2021
Sector Digital/Communication/Information Technologies (including Software), Other
Impact Types Policy & public services

 
Title SDN testbed 
Description We have developed a medium-scale research testbed which will form the foundation for our upcoming research efforts as part of this grant. After painstaking efforts, the team has managed to create a functional testbed which allows for realistic evaluation of attacks and defenses on large-scale Software Defined Networks. The testbed allows the creation of 100000 virtual SDN switches and up to 10000 controllers. A router testbed on this scale is not available nationally within the UK. The testbed allows the creation of a variety of traffic flows of different types and different densities in order to replicate the diversity of real-world traffic.
Type Of Material Improvements to research infrastructure 
Year Produced 2017 
Provided To Others? No  
Impact We are in the process of putting mechanisms into place to make this facility accessible on a UK wide basis. 
 
Description Brocade partnership 
Organisation Brocade Communications Systems
Country United States 
Sector Private 
PI Contribution We created a new industry collaboration
Collaborator Contribution Commercialisation of research output
Impact As given above
Start Year 2015
 
Description Juniper partnership 
Organisation Juniper R&D
Country United States 
Sector Private 
PI Contribution The research team implemented one of the findings of the project on Juniper's SDN platform. A working demonstration was created.
Collaborator Contribution The partner donated SDN hardware worth £40000 to create the testbed.
Impact A working research prototype was created. The techniques developed within the project are still being refined and will be published in a relevant peer-reviewed venue.
Start Year 2015
 
Title Dynamic defenses for targeted attacks on SDN switches 
Description We have developed a dynamic router migration capability that enables a switch under attack to seamlessly transfer its load to other switches in the network. 
Type Of Technology Software 
Year Produced 2015 
Impact A really interesting point about this security component is that it works as a load balancer during peacetime and automatically switches to a defensive stance when under attack. In other words, it offers a benefit even during peacetime and incurs little overhead.
 
Title RASE Alpha stage prototype for defenses against cache attacks 
Description This is an alpha-stage prototype of a modified PICA-8 switch that can defend against attacks on the switch's FIFO caching algorithm.
Type Of Technology Software 
Year Produced 2017 
Impact This product has been nominated for the second short list by PICA switches. We are very confident that the code will enter production once it reaches the beta stage.
 
Description Controller productisation 
Form Of Engagement Activity A talk or presentation
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact 70 people attended the talk at the user partner's facility in San Jose, which led to follow-up meetings at headquarters with Product Management on commercialisation consideration of the controller component of the RASE project. Discussions on feasibility are ongoing, and the user partner has committed to carrying out a full study on how and when it would be appropriate to incorporate the research output into production.
Year(s) Of Engagement Activity 2016
 
Description Half-day workshop on SDN security 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach Regional
Primary Audience Undergraduate students
Results and Impact 110 students from high-school to university undergraduates attended a half-day workshop on the importance of secure networks and what it means to program a network as opposed to a computing device. This sparked a lot of interest in the students, and from a survey, 78% reported a higher inclination towards networks and security than before attending the workshop.
Year(s) Of Engagement Activity 2017
 
Description Industry-Academic workshop on the development of smart SDN routers 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Industry/Business
Results and Impact Leading industry players from the UK and EU that are active in the area of SDN attended a workshop at Lancaster University. During the day-long event, attended by Fujitsu, Brocade, and Juniper, seven talks on router attacks and defenses were presented. We also demoed the RASE research prototype to the participants.
Year(s) Of Engagement Activity 2017
 
Description Workshop on the Security of Software Defined Networks 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach National
Primary Audience Industry/Business
Results and Impact We conducted a workshop aimed at highlighting the importance of this vital area. Security is a key requirement to make SDN work. This workshop brought together participants from Government, Industry, and Academia to critically discuss the options available on a topic of vital importance. The audience was impressed by the breadth of the subject matter and the reach
Year(s) Of Engagement Activity 2015