
Learning Failure-Inducing Models for Testing Software-Defined Networks (2210.15469v3)

Published 27 Oct 2022 in cs.SE, cs.CR, cs.LG, and cs.NI

Abstract: Software-defined networks (SDN) enable flexible and effective communication systems that are managed by centralized software controllers. However, such a controller can undermine the underlying communication network of an SDN-based system and thus must be carefully tested. When an SDN-based system fails, in order to address such a failure, engineers need to precisely understand the conditions under which it occurs. In this article, we introduce a machine learning-guided fuzzing method, named FuzzSDN, aiming at both (1) generating effective test data leading to failures in SDN-based systems and (2) learning accurate failure-inducing models that characterize conditions under which such a system fails. To our knowledge, no existing work simultaneously addresses these two objectives for SDNs. We evaluate FuzzSDN by applying it to systems controlled by two open-source SDN controllers. Further, we compare FuzzSDN with two state-of-the-art methods for fuzzing SDNs and two baselines for learning failure-inducing models. Our results show that (1) compared to the state-of-the-art methods, FuzzSDN generates at least 12 times more failures, within the same time budget, with a controller that is fairly robust to fuzzing and (2) our failure-inducing models have, on average, a precision of 98% and a recall of 86%, significantly outperforming the baselines.

