Network Programming and Probabilistic Sketching for Securing the Data Plane
Table 7
Attack types supported by the MACM module.
Attack Type
Description
DoS attack on host with IP address 10.0.0.4
To simulate this attack, we crafted a static flow action rule that commands the malicious switch SW6 to forward all traffic received on any of its ingress ports to the IP address 10.0.0.4. The following is an example of a StaticEntryPusher command that simulates this attack: curl − X POST −d,:,:,:,:,:,:http://localhost:8080/wm/staticentrypusher/json
DoS attack on controller
Analogous to the DoS attack on a specific IP, we command SW6 to send all traffic received on any of its ingress ports to the controller.
Interruption of traffic to host with IP address 10.0.0.4
To simulate this attack scenario, we craft a static flow action rule that commands the switch SW6 to drop a portion of the packets destined to host 10.0.0.4. For instance, switch SW6 only drops the packets with destination IP 10.0.0.4 and received on ingress port 1. Packets received on ingress ports 2 and 3 and destined to 10.0.0.4 are forwarded normally.
Blocking traffic destined to host: IP address 10.0.0.4
To simulate this attack, we crafted a rule similar to the one above but which commands the malicious switch SW6 to drop all packets destined to host 10.0.0.4. That is SW6 drops packets destined to 10.0.0.4 received on any of its ingress ports. This is achieved using the StaticEntryPusher commands.
Blocking traffic from host with IP address 10.0.0.3
In this attack scenario the malicious switch SW6 is commanded to drop all packets with source IP 10.0.0.3 received on any of its ingress ports.
Man-in-the-Middle attack via host 10.0.0.2
In this attack scenario, the malicious switch SW6 modifies the destination IP and Ethernet addresses to those of the host 10.0.0.2.
