Rights statement: © ACM, 2021. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in CPSIoTSec '21 http://doi.acm.org/10.1145/3462633.3483979
Accepted author manuscript, 5.11 MB, PDF document
Available under license: CC BY-NC: Creative Commons Attribution-NonCommercial 4.0 International License
Final published version
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSN › Conference contribution/Paper › peer-review
}
TY - GEN
T1 - Controller-in-the-Middle
T2 - Attacks on Software Defined Networks in Industrial Control Systems
AU - Gardiner, Joe
AU - Eiffert, Adam
AU - Garraghan, Peter
AU - Race, Nicholas
AU - Nagaraja, Shishir
AU - Rashid, Awais
N1 - © ACM, 2021. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in CPSIoTSec '21 http://doi.acm.org/10.1145/3462633.3483979
PY - 2021/11/30
Y1 - 2021/11/30
N2 - Programmable networks are an area of increasing research activity and real-world usage. The most common example of programmable networks is software defined networking (SDN), in which the control and data planes are separated, with switches only acting as forwarding devices, controlled by software in the form of an SDN controller. As well as routing, this controller can perform other network functions such as load balancing and firewalls. There is an increasing amount of work proposing the use of SDN in industrial control systems (ICS) environments. The ability of SDN to dynamically control the network provides many potential benefits, including to security, utilising the dynamic orchestration of security controls. However, the centralisation of network control results in a single point of failure within the system, and thus potentially a major target of attack. An attacker who is capable of controlling the SDN controller gains near full control of the network. In this paper, we describe and analyse this very scenario. We demonstrate a number of simple, yet highly effective, attacks from a compromised SDN controller within an ICS environment which can break the real-time properties of industrial protocols, and potentially interfere with the operation of physical processes.
AB - Programmable networks are an area of increasing research activity and real-world usage. The most common example of programmable networks is software defined networking (SDN), in which the control and data planes are separated, with switches only acting as forwarding devices, controlled by software in the form of an SDN controller. As well as routing, this controller can perform other network functions such as load balancing and firewalls. There is an increasing amount of work proposing the use of SDN in industrial control systems (ICS) environments. The ability of SDN to dynamically control the network provides many potential benefits, including to security, utilising the dynamic orchestration of security controls. However, the centralisation of network control results in a single point of failure within the system, and thus potentially a major target of attack. An attacker who is capable of controlling the SDN controller gains near full control of the network. In this paper, we describe and analyse this very scenario. We demonstrate a number of simple, yet highly effective, attacks from a compromised SDN controller within an ICS environment which can break the real-time properties of industrial protocols, and potentially interfere with the operation of physical processes.
U2 - 10.1145/3462633.3483979
DO - 10.1145/3462633.3483979
M3 - Conference contribution/Paper
T3 - Joint Workshop on CPS & IoT Security and Privacy (CPSIoTSec)
SP - 63
EP - 68
BT - CPSIoTSec '21
PB - ACM
CY - New York
ER -