Date of Award
3-26-2015
Document Type
Thesis
Degree Name
Master of Science
Department
Department of Electrical and Computer Engineering
First Advisor
Barry E. Mullins, PhD.
Abstract
SDN transforms a network from a calcified collection of hardware into a logically centralized and programmable method of interconnectivity. Changing the networking paradigm shifts a networks security posture. Changes visible to a host connected to the network include small latency differences between a traditional network environment and an SDN environment. This thesis aims to reliably distinguish SDN environments from traditional environments by observing latency behavior. Additionally, this thesis determines whether latency information contributes to the unique fingerprint of SDN controllers. Identifying the controller software gives an adversary information contributing to a network attack. An SDN and traditional network environment consisting of two hosts, one switch, and one controller are created. Within both environments, packet RTT values are compared between SDN and traditional environments to determine if both sets differ. Latency analysis is used to observe features of an SDN controller. Collected features contribute to a table of information used to uniquely fingerprint an SDN controller. Results show that packet RTTs within a traditional network environment significantly (p-value less than 1:0 10(-15)) differ from SDN environments. The predicted controller inactivity timeout within the simulated environment differs from the true timeout by a mean value of 0.44956 seconds. The emulated environment shows that the observed inactivity timeout depends on the network switch implementation of the controllers set value, leading to incorrect observed timeouts. Within the SDN environment, the host is not able to directly communicate with the SDN controller, leading to an inability to collect the number of features needed to uniquely identify the SDN controller.
AFIT Designator
AFIT-ENG-MS-15-M-067
DTIC Accession Number
ADA615336
Recommended Citation
Zeitlin, Zachary J., "Fingerprinting Software Defined Networks and Controllers" (2015). Theses and Dissertations. 73.
https://scholar.afit.edu/etd/73