Analysis of Denial-of-Service Attack Vectors in Software-Defined Networks

Anthony A. Portante

Abstract

Software-Defined Networking is an emerging technology that is quickly gaining popularity among the largest corporations. However, this networking paradigm has a centralized point of failure at the controller. Because the controller is such a choke point, it is imperative that it be designed with security at the forefront. This research aims to shed light on one of the possible ways that a centralized point of failure in the network can give malicious attackers an avenue to disrupt an entire enterprise network. Two experiments are performed. The first confirms a discovered vulnerability in a hardware switch. The second tests whether generating fake malicious software switches on the network is enough to inflate the Java Virtual Machine heap to capacity and cause the controller to crash.