Capitalizing on SDN-based SCADA systems: An anti-eavesdropping case-study

“…Each of these planes and their interfaces are liable to di erent types of attacks. Much work has focused on security of the controlling unit of the control plane, and the OpenFlow specifying switches for data transmission between the control plane and the data plane [2,4,5,14,19]. Some of these security issues are not SDN speci c and some are.…”

“…Eavesdropping attacks are one of the most common and important network attacks because they are relatively easy to implement and their e ects can escalate to more severe attacks such as Denialof-service, side-channel-attacks, and black-holes. There have been relatively few studies on eavesdropping attacks and data leakages in SDN [4,8,14]. One focuses on exploiting the over ow vulnerability of the SDN's ow table to derive meta data about packet forwarding [14].…”

“…One focuses on exploiting the over ow vulnerability of the SDN's ow table to derive meta data about packet forwarding [14]. The others address mitigation and detection of leakages during the data transmission in SDN [4,8]. Although eavesdropping attacks do not occur exclusively in SDN, existing solutions in traditional networks are not necessary appropriate for SDN.…”

“…Because of high overhead, one approach to address eavesdropping attack is by applying cryptographic network protocols such as SSH. However, such an approach has limitations especially when the network is large and complex [4].…”

“…This paper addresses the issue of how to cope with eavesdropping attacks in the SDN data plane by using multiple routing paths (e.g., [4]) to reduce the severity of data leakage. While this existing approach, referred to as a multipath approach, appears to be considerably e ective, our simple analysis uncovers that without a proper strategy of data communication, it can still lead to 100% of data exposure.…”

Alleviating eavesdropping attacks in software-defined networking data plane

“…Each of these planes and their interfaces are liable to di erent types of attacks. Much work has focused on security of the controlling unit of the control plane, and the OpenFlow specifying switches for data transmission between the control plane and the data plane [2,4,5,14,19]. Some of these security issues are not SDN speci c and some are.…”

“…Eavesdropping attacks are one of the most common and important network attacks because they are relatively easy to implement and their e ects can escalate to more severe attacks such as Denialof-service, side-channel-attacks, and black-holes. There have been relatively few studies on eavesdropping attacks and data leakages in SDN [4,8,14]. One focuses on exploiting the over ow vulnerability of the SDN's ow table to derive meta data about packet forwarding [14].…”

“…One focuses on exploiting the over ow vulnerability of the SDN's ow table to derive meta data about packet forwarding [14]. The others address mitigation and detection of leakages during the data transmission in SDN [4,8]. Although eavesdropping attacks do not occur exclusively in SDN, existing solutions in traditional networks are not necessary appropriate for SDN.…”

“…Because of high overhead, one approach to address eavesdropping attack is by applying cryptographic network protocols such as SSH. However, such an approach has limitations especially when the network is large and complex [4].…”

“…This paper addresses the issue of how to cope with eavesdropping attacks in the SDN data plane by using multiple routing paths (e.g., [4]) to reduce the severity of data leakage. While this existing approach, referred to as a multipath approach, appears to be considerably e ective, our simple analysis uncovers that without a proper strategy of data communication, it can still lead to 100% of data exposure.…”

Alleviating eavesdropping attacks in software-defined networking data plane

WSN Security Mechanisms for CPS

Low delay network attributes randomization to proactively mitigate reconnaissance attacks in industrial control systems