performance and security evaluation of sdn networks in
play

Performance and Security Evaluation of SDN Networks in OMNeT++/INET - PowerPoint PPT Presentation

Dec 06, 2023 •147 likes •386 views

Performance and Security Evaluation of SDN Networks in OMNeT++/INET Marco Tiloca, Alexandra Stagkopoulou, Gianluca Dini Software Defined Networking - Overview Key concepts Separation of Control plane and Data plane Centralized SDN

  1. Performance and Security Evaluation of SDN Networks in OMNeT++/INET Marco Tiloca, Alexandra Stagkopoulou, Gianluca Dini

  2. Software Defined Networking - Overview Key concepts • Separation of Control plane and Data plane – Centralized SDN controller and simple Switches – Control plane • Management of routes and network traffic – Establishment of routes and flows – Data plane • Forwarding of network packets – Based on flows and packet-matching rules – OpenFlow as de-facto standard • Control messages and APIs for controllers and switches – Interoperability among different platforms and vendors – 15 September 2016, Brno OMNeT++ Summit 2016 2

  3. Software Defined Networking - Overview 15 September 2016, Brno OMNeT++ Summit 2016 3

  4. Need for evaluation tools Quantitative assessment of SDN systems • At design time (before deployment!) – Avoid practically infeasible analytical models – Network and communication performance • Typical performance indicators (throughput, delay, …) – Traffic models and quality of service – SDN-based monitoring systems • Specialized applications running on the SDN controller – Anomaly detection and enforcement of mitigation policies – Evaluate accuracy, reactiveness and effectiveness – Cyber/physical security attacks • Effects and impact on the network and applications – Attack ranking based on effect severity – 15 September 2016, Brno OMNeT++ Summit 2016 4

  5. Our simulation tool Goal: design a simulation tool for SDN network • Enable quantitative evaluation of performance and security – Intended for network designers and researchers – Built on top of INET/OMNeT++ • Support for SDN units and OpenFlow – Support for evaluation of cyber/physical attacks – Work in progress – Source code available at [1] – This tool does NOT: • Discover new attacks and vulnerabilities – Evaluate feasibility and success rate of security attacks – [1] https://github.com/marco-tiloca-sics/INET_SDN_dev 15 September 2016, Brno OMNeT++ Summit 2016 5

  6. INET support for SDN Some software modules previously developed [2] • Basic SDN Controller and switch nodes – Basic OpenFlow messages (exchange and processing) – Basic packet-matching with installed flows (based on MAC address only) – We have further added • OpenFlow messages for flow management and update – OpenFlow messages for statistic collection (basic OpenFlow method) – Arbitrary complex packet-matching with installed flows – Future extensions • Advanced methods for statistic collection (e.g. sFlow ) – Modules supporting well-known Controller applications – [2] D. Klein and M. Jarschel, An OpenFlow extension for the OMNeT++ INET framework ”, 6th International ICST Conference on Simulation Tools and Techniques (SimuTools ’ 13), pp. 322 – 329, March 2013 15 September 2016, Brno OMNeT++ Summit 2016 6

  7. SDN controller Host running specific SDN services • Controller application • Flow establishment – Installation /update of flows on switches – Statistic collection from switches – Enforcement of traffic policies – … – Monitoring system • Yet another dedicated application – Traffic monitoring and anomaly detection – SDN controller node Anomaly mitigation and neutralization – (more details soon…) – 15 September 2016, Brno OMNeT++ Summit 2016 7

  8. SDN switch Control plane Data plane • • Traditional-host stack Collection of minimal stacks – – Interaction with the SDN controller Packet matching and forwarding – – Switch node 15 September 2016, Brno OMNeT++ Summit 2016 8

  9. SDN-based monitoring systems Step 1 – Statistic collection from switches • Basic OpenFlow method based on polling interval – Alternative fine-grained methods e.g. sFlow (future work) – Step 2 – Statistic analysis • Dedicated application on the SDN controller – Detection of anomalous traffic distribution (e.g. entropy-based) – Detection of anomalous traffic volumes to/from network nodes – Step 3 – Anomaly mitigation • Flow installation/update on switches – Isolation of anomalous/malevolent traffic – Basic methods implemented as a proof-of-concept • 15 September 2016, Brno OMNeT++ Summit 2016 9

  10. Evaluation of security attacks Attack effects are simulated • Attacks are assumed to be successfully performed – There is no reproduction of their actual execution – Only final effects are reproduced at runtime – Quantitative evaluation • Assess effects and impact on networks and applications – Observe changes in performance indicators – Consider an attack-free case as comparative baseline – Core concepts first introduced in [3] • Attack Specification Language and Attack Simulation Engine – Current adaptation to SDN architectures and scenarios – Enable attacks where switches are victims or exploited units – [3] M. Tiloca, F. Racciatti and G. Dini, Simulative Evaluation of Se-curity Attacks in Networked Critical Infrastructures , The 2nd International Workshop on Reliability and Security Aspects for Critical Infrastructure Protection (ReSA4CI), Lecture Notes in Computer Science LNCS 9338. Springer, pp. 314 – 323, September 2015 15 September 2016, Brno OMNeT++ Summit 2016 10

  11. Core concept #1 - Attack Specification Language The user describes attacks to be evaluated • Attacks are described in terms of their final effects – No need to describe how attacks are actually executed – Attack format • List of atomic events to be injected at runtime – Events modeled by high-level primitive functions – Node primitives • Intended for physical attacks – End targets are network nodes – Message primitives • Intended for cyber attacks – End targets are network packets – 15 September 2016, Brno OMNeT++ Summit 2016 11

  12. Core concept #1 - Attack Specification Language Node primitives Physical attacks • One node primitive each – destroy() move() Message primitives Cyber attacks • List of message primitives drop() create() – Packet fields addressed by a dot notation clone() retrieve() – Either conditional or unconditional change() send() put() – from T nodes = <list of nodes> do { Conditional cyber attacks • filter (<condition>) <list of events> Occur if a condition is verified as true – } Unconditional cyber attacks from T every P do { • <list of events> Occur periodically, from a specified time – } 15 September 2016, Brno OMNeT++ Summit 2016 12

  13. Core concept #2 - Attack Simulation Engine Additional INET modules • Global Event Processor – Local Event Processor (1 per network node) – Injection and processing of attack events at runtime – Local Event Processor • Gate by-pass between each pair of layers in the stack – Intercept, chance and inject packets at different layers – Transparent to the network nodes – Global Event Processor • Connected with all the Local Event Processors – Enable complex attacks involving more nodes (e.g. wormhole) – 15 September 2016, Brno OMNeT++ Summit 2016 13

  14. Core concept #2 - Attack Simulation Engine Adaptation to generic hosts and SDN Controllers 15 September 2016, Brno OMNeT++ Summit 2016 14

  15. Core concept #2 - Attack Simulation Engine Adaptation to SDN switches (work in progress) 15 September 2016, Brno OMNeT++ Summit 2016 15

  16. Reproduction of attack effects 1. The user: USER Describes the attacks with the specification language – Attack description Converts the description into XML (Python interpreter) – Runs a new simulation importing the XML attack file – 2. The Attack Simulation Engine: INET Parses the XML attack file – Injection of attack events Builds attack lists and starts attack timers – Injects the specified attack events at runtime – 3. Collection and analysis of results USER Attack-free scenario as comparison baseline – Analysis of results Attack ranking and selection of countermeasures – 15 September 2016, Brno OMNeT++ Summit 2016 16

  17. Reproduction of attack effects We have NOT: • Modified event scheduling/handling in INET – Modified applications or communication protocols – The user is NOT required to: • Implement actual adversaries and attack executions – Modify applications and communication protocols – Implement or customize INET components – The user considers as starting points: • The network scenario, applications and protocols – The applications and service running on the SDN controller – The security attacks to be evaluated – 15 September 2016, Brno OMNeT++ Summit 2016 17

  18. Example scenario Communication patterns • C1  S1 10 pkt/s – C2  S2 5 pkt/s – C3  S2 3.33 pkt/s – C4  S3 5 pkt/s – Flow management policies • Periodic expiration (every 30 s) – Periodic statistic collection – Privacy by design – Anomaly detection Denial of Service attack • • Entropy-based w/ fixed threshold Start at t = 90 s – – Bounded TX/RX rates per node C3 sends additional packets to S2 – – Attack injection rate R – 15 September 2016, Brno OMNeT++ Summit 2016 18

  19. Denial of Service - Results Different attack injection rates • The stronger the attack, the more packets received by the victim – Well-tuned monitoring system: attack always detected at t = 120 s – 15 September 2016, Brno OMNeT++ Summit 2016 19

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Performance Evaluation of Performance Evaluation of Security- -Aware Routing Protocols Aware

Performance Evaluation of Performance Evaluation of Security- -Aware Routing Protocols Aware

Performance Evaluation of Performance Evaluation of Security- -Aware Routing Protocols Aware Routing Protocols Security for Clustered Mobile Ad Hoc for Clustered Mobile Ad Hoc Networks Networks Gregory S. Yovanof - - Kerem Kerem Ericsi

1.16k views • 26 slides
The JMT Simulator for The JMT Simulator for Performance Evaluation of Performance Evaluation of

The JMT Simulator for The JMT Simulator for Performance Evaluation of Performance Evaluation of

Politecnico di Milano - DEI Milan, Italy The JMT Simulator for The JMT Simulator for Performance Evaluation of Performance Evaluation of Non-Product-Form Queueing Networks Non-Product-Form Queueing Networks Marco Bertoli, Giuliano Casale,

475 views • 32 slides
What is a performance evaluation? Performance Management v. Performance Evaluation Evaluation

What is a performance evaluation? Performance Management v. Performance Evaluation Evaluation

3/16/2015 Employee Performance Evaluations and Their Importance Presented by Summer Randall March 18, 2015 What is a performance evaluation? Performance Management v. Performance Evaluation Evaluation Management One time event Ongoing

175 views • 6 slides
Performance Evaluation and Improvement of Broadcasting Algorithms in Ad Hoc Networks Hao Zhang

Performance Evaluation and Improvement of Broadcasting Algorithms in Ad Hoc Networks Hao Zhang

Performance Evaluation and Improvement of Broadcasting Algorithms in Ad Hoc Networks Hao Zhang and Zhong Ping Jiang ECE Department Polytechnic University, New York 1 Ad Hoc Networks No base station, self-organized Energy and bandwidth

364 views • 21 slides
Performance Evaluation of 3G CDMA Networks with Antenna Arrays IEEE 4th Workshop on Applications

Performance Evaluation of 3G CDMA Networks with Antenna Arrays IEEE 4th Workshop on Applications

Jul. 2003 1 Performance Evaluation of 3G CDMA Networks with Antenna Arrays IEEE 4th Workshop on Applications and Services in Wireless Networks Dr. D. J. Shyy The MITRE Corporation Jin Yu and Dr. Yu-Dong Yao Stevens Institute of Technology

436 views • 22 slides
Njira DFAP Final Performance Njira DFAP Final Performance Evaluation Presentation Evaluation

Njira DFAP Final Performance Njira DFAP Final Performance Evaluation Presentation Evaluation

Njira DFAP Final Performance Njira DFAP Final Performance Evaluation Presentation Evaluation Presentation TANGO International Meet our Presenters Lori Du Trieuille, BHA Malawi Team Leader, USAID/ BHA Steve Sibande, Food Security Monitoring

417 views • 39 slides
IT Security Evaluation Why do we need security evaluation To provide a basis for specifying

IT Security Evaluation Why do we need security evaluation To provide a basis for specifying

IT Security Evaluation Why do we need security evaluation To provide a basis for specifying security expectations To verify that a computer product/system fulfills the requirements imposed on it To establish a metric for the degree

535 views • 19 slides
Title goes here Tools for Performance Evaluation Timing and performance evaluation has been

Title goes here Tools for Performance Evaluation Timing and performance evaluation has been

Title goes here Tools for Performance Evaluation Timing and performance evaluation has been an art Experiences and Lessons Learned Resolution of the clock with a Portable Interface to Issues about cache effects Hardware Performance

594 views • 5 slides
Evaluation of Amplification attacks in large-scale networks to improve detection performance

Evaluation of Amplification attacks in large-scale networks to improve detection performance

Chair of Network Architectures and Services Department of Informatics Technical University of Munich Evaluation of Amplification attacks in large-scale networks to improve detection performance Michael Kpferl Interdisciplinary Project Final

517 views • 49 slides
APPLYING BCMP MULTI-CLASS QUEUEING NETWORKS FOR THE PERFORMANCE EVALUATION OF HIERARCHICAL AND

APPLYING BCMP MULTI-CLASS QUEUEING NETWORKS FOR THE PERFORMANCE EVALUATION OF HIERARCHICAL AND

APPLYING BCMP MULTI-CLASS QUEUEING NETWORKS FOR THE PERFORMANCE EVALUATION OF HIERARCHICAL AND MODULAR SOFTWARE SYSTEMS Simonetta Balsamo Gian-Luca Dei Rossi Andrea Marin Dipartimento di Informatica Universit` a Ca Foscari, Venezia

298 views • 15 slides
Telematics 2 &amp; Performance Evaluation Chapter 4 Introduction to Performance Evaluation

Telematics 2 &amp; Performance Evaluation Chapter 4 Introduction to Performance Evaluation

Telematics 2 &amp; Performance Evaluation Chapter 4 Introduction to Performance Evaluation Telematics 2 / Performance Evaluation (WS 17/18): 04 PE Introduction 1 Overview q Goals of Performance Evaluation q Basic Notions: System and Model

317 views • 27 slides
A ns2-based simulation framework for performance evaluation of overlay networks Michele Amoretti

A ns2-based simulation framework for performance evaluation of overlay networks Michele Amoretti

A ns2-based simulation framework for performance evaluation of overlay networks Michele Amoretti Mauro Andreolini Francesco Zanichelli Riccardo Lancellotti Universit di Parma Universit di Modena e Reggio Emilia FIRB Web-Minds, Genova

623 views • 16 slides
Diffusion approximation as a tool in computer networks performance evaluation CNT 2500 Tadeusz

Diffusion approximation as a tool in computer networks performance evaluation CNT 2500 Tadeusz

Diffusion approximation as a tool in computer networks performance evaluation CNT 2500 Tadeusz Czachrski tadek@iitis.pl https://www.iitis.pl/en/person/tczachorski Institute of Theoretical and Applied Informatics of Polish Academy of

880 views • 54 slides
Discrete-Event Simulation and Performance Evaluation 01204525 Wireless Sensor Networks and

Discrete-Event Simulation and Performance Evaluation 01204525 Wireless Sensor Networks and

Discrete-Event Simulation and Performance Evaluation 01204525 Wireless Sensor Networks and Internet of Things Chaiporn Ja Jaikaeo (c (chaiporn.j@ku.ac.th) Department of f Computer Engineering Kasetsart University Materials taken from

988 views • 25 slides
Why do we need security evaluation To provide a basis for specifying security expectations

Why do we need security evaluation To provide a basis for specifying security expectations

Why do we need security evaluation To provide a basis for specifying security expectations IT Security Evaluation To verify that a computer product/system fulfills the requirements imposed on it To establish a metric for the degree

70 views • 4 slides
End to End Delay Performance Evaluation for VoIP in the LTE Network Dai, Hongxin

End to End Delay Performance Evaluation for VoIP in the LTE Network Dai, Hongxin

ENSC 427 COMMUNICATION NETWORKS SPRING 2013 Final Project Presentation End to End Delay Performance Evaluation for VoIP in the LTE Network Dai, Hongxin danield @ sfu.ca Ishita, Farah fishita @ sfu.ca Lo, Hao Hua

530 views • 24 slides
Routing in packet-switching networks Circuit switching vs. Packet switching Most of WANs based on

Routing in packet-switching networks Circuit switching vs. Packet switching Most of WANs based on

Routing in packet-switching networks Circuit switching vs. Packet switching Most of WANs based on circuit or packet switching Circuit switching designed for voice Resources dedicated to a particular call Much of the time a data connection is

358 views • 14 slides
The Future of Network Flow Monitoring Prague Embedded Systems Workshop (PESW 2019) Friday 28 th

The Future of Network Flow Monitoring Prague Embedded Systems Workshop (PESW 2019) Friday 28 th

The Future of Network Flow Monitoring Prague Embedded Systems Workshop (PESW 2019) Friday 28 th June, 2019 Petr Velan Flow Monitoring Introduction Internet Flow monitoring is widely used for: Accounting Probe TAP Security (IDS, forensics)

367 views • 20 slides
ATO Journey IMechE - May 2019 Mainline ATO over ETCS development CR1238 - ATO B3 R2 TEN-T

ATO Journey IMechE - May 2019 Mainline ATO over ETCS development CR1238 - ATO B3 R2 TEN-T

The Mainline ATO Journey IMechE - May 2019 Mainline ATO over ETCS development CR1238 - ATO B3 R2 TEN-T PROGRAMME 2011- 2014 2 ATO Development Projects S2R IP2 Advanced Traffic Management and Control system NGTC Learning from CBTC

165 views • 16 slides
Enabling GPU-as-a-Service Providers with Red Hat OpenShift @jeremyeder Senior Principal Software

Enabling GPU-as-a-Service Providers with Red Hat OpenShift @jeremyeder Senior Principal Software

Enabling GPU-as-a-Service Providers with Red Hat OpenShift @jeremyeder Senior Principal Software Engineer, Red Hat March, 2018 1 JEREMY EDER - RED HAT PERFORMANCE ENGINEERING Agenda OpenShift Cluster Overview Infrastructure

1.1k views • 25 slides
S9709 Dynamic Sharing of f GPUs and IO IO in in a PCIe Network Hkon Kvale Stensland Senior

S9709 Dynamic Sharing of f GPUs and IO IO in in a PCIe Network Hkon Kvale Stensland Senior

S9709 Dynamic Sharing of f GPUs and IO IO in in a PCIe Network Hkon Kvale Stensland Senior Research Scientist / Associate Professor Simula Research Laboratory / University of Oslo Outline Motivation PCIe Overview

645 views • 36 slides
Maple: Simplifying SDN Programming Using Algorithmic Policies Andreas Voellmy Junchang Wang

Maple: Simplifying SDN Programming Using Algorithmic Policies Andreas Voellmy Junchang Wang

Maple: Simplifying SDN Programming Using Algorithmic Policies Andreas Voellmy Junchang Wang Y. Richard Yang Bryan Ford Paul Hudak Presented by Eldad Rubinstein November 21, 2013 Introduction Looking for an abstraction for

559 views • 23 slides
Hays County CRIMINAL JUSTICE SYSTEM UPDATE AND JAIL FACILITY ASSESSMENT FINAL REPORT PRESENTATION

Hays County CRIMINAL JUSTICE SYSTEM UPDATE AND JAIL FACILITY ASSESSMENT FINAL REPORT PRESENTATION

1 Hays County CRIMINAL JUSTICE SYSTEM UPDATE AND JAIL FACILITY ASSESSMENT FINAL REPORT PRESENTATION TUESDAY, MARCH 22, 2016 The GMJ Team 2 Judge Carl R. Griffith, Supervising Partner Natacha Pelez-Wagner, Project Manager Suzanne

767 views • 75 slides
Welcome Parents of the Class of 2025 to Woodridge Middle School! Mrs. Shannon Umfleet, Principal

Welcome Parents of the Class of 2025 to Woodridge Middle School! Mrs. Shannon Umfleet, Principal

Welcome Parents of the Class of 2025 to Woodridge Middle School! Mrs. Shannon Umfleet, Principal Mrs. Elizabeth Green, Administrative Intern Thank You! New Gym Added Classrooms Upgraded Security Elevator Middle school students need

168 views • 15 slides

More recommend