Skip to main content
SpringerLink
Log in

FSF: Code Coverage-Driven Fuzzing for Software-Defined Networking

  • Conference paper
  • First Online:
Information Security Applications (WISA 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11897))

Included in the following conference series:

  • 977 Accesses

Abstract

A Software-Defined Networking (SDN) controller plays a key role for assuring the security and robustness of its underlying network system. Previous studies focus on eliciting bugs in such SDN controller via penetration testing or fuzzing without considering code coverage feedback from a target controller under testing. We propose FSF, a code coverage-driven SDN fuzzer. We designed and implemented a fuzzing algorithm to take into account coverage differences incurred by mutated OpenFlow (OF) messages. FSF demonstrated its superiority in increasing the code coverage of a target controller and generated unique 146 tests that trigger bugs in the latest version of Floodlight, a well-known open-source SDN controller.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Floodlight. http://www.projectfloodlight.org/floodlight

  2. JaCoCo: Java code coverage library. https://www.jacoco.org/jacoco/

  3. Openflow switch specification: Version 1.3.1. https://www.opennetworking.org/wp-content/uploads/2013/04/openflow-spec-v1.3.1.pdf

  4. Basta, A., Kellerer, W., Hoffmann, M., Morper, H.J., Hoffmann, K.: Applying NFV and SDN to LTE mobile core gateways, the functions placement problem. In: Proceedings of the Workshop on All Things Cellular: Operations, Applications and Challenges, pp. 33–38 (2014)

    Google Scholar 

  5. Benton, K., Camp, L.J., Small, C.: Openflow vulnerability assessment. In: Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 151–152 (2013)

    Google Scholar 

  6. Bertaux, L., et al.: Software defined networking and virtualization for broadband satellite networks. IEEE Commun. Mag. 53(3), 54–60 (2015)

    Article  Google Scholar 

  7. Cha, S.K., Woo, M., Brumley, D.: Program-adaptive mutational fuzzing. In: Proceedings of the IEEE Symposium on Security and Privacy, pp. 725–741 (2015)

    Google Scholar 

  8. Cohen, D.M., Dalal, S.R., Parelius, J., Patton, G.C.: The combinatorial design approach to automatic test generation. IEEE Softw. 13(5), 83–88 (1996)

    Article  Google Scholar 

  9. Dixit, V.H., Doupé, A., Shoshitaishvili, Y., Zhao, Z., Ahn, G.J.: AIM-SDN: attacking information mismanagement in SDN-datastores. In: Proceedings of the ACM Conference on Computer and Communications Security, pp. 664–676 (2018)

    Google Scholar 

  10. Durner, R., Kellerer, W.: The cost of security in the SDN control plane. In: Proceedings of the ACM CoNEXT Student Workshop (2015)

    Google Scholar 

  11. Flauzac, O., González, C., Hachani, A., Nolot, F.: SDN based architecture for IoT and improvement of the security. In: Proceedings of the IEEE International Conference on Advanced Information Networking and Applications Workshops, pp. 688–693 (2015)

    Google Scholar 

  12. Hocevar, S.: zzuf. https://github.com/samhocevar/zzuf

  13. Holler, C., Herzig, K., Zeller, A.: Fuzzing with code fragments. In: Proceedings of the USENIX Security Symposium, pp. 445–458 (2012)

    Google Scholar 

  14. Householder, A.D., Foote, J.M.: Probability-based parameter selection for black-box fuzz testing. Technical report, CMU/SEI-2012-TN-019, CERT (2012)

    Google Scholar 

  15. Jero, S., Bu, X., Nita-Rotaru, C., Okhravi, H., Skowyra, R., Fahmy, S.: BEADS: automated attack discovery in openflow-based SDN systems. In: Dacier, M., Bailey, M., Polychronakis, M., Antonakakis, M. (eds.) RAID 2017. LNCS, vol. 10453, pp. 311–333. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66332-6_14

    Chapter  Google Scholar 

  16. Kazemian, P., Chang, M., Zeng, H., Varghese, G., McKeown, N., Whyte, S.: Real time network policy checking using header space analysis. In: Proceedings of the USENIX Symposium on Networked Systems Design and Implementation, pp. 99–111 (2013)

    Google Scholar 

  17. Klöti, R., Kotronis, V., Smith, P.: Openflow: a security analysis. In: Proceedings of the IEEE International Conference on Network Protocols, pp. 1–6 (2016)

    Google Scholar 

  18. Kreutz, D., Ramos, F., Verissimo, P.: Towards secure and dependable software-defined networks. In: Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55–60 (2013)

    Google Scholar 

  19. Kreutz, D., Ramos, F.M., Verissimo, P., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-defined networking: a comprehensive survey. Proc. IEEE 103(1), 14–76 (2015)

    Article  Google Scholar 

  20. Lee, S., Yoon, C., Lee, C., Shin, S., Yegneswaran, V., Porras, P.A.: DELTA: a security assessment framework for software-defined networks. In: Proceedings of the Network and Distributed System Security Symposium (2017)

    Google Scholar 

  21. Lei, X., Huang, J., Hong, S., Zhang, J., Gu, G.: Attacking the brain: races in the SDN control plane. In: Proceedings of the USENIX Security Symposium, pp. 451–468 (2017)

    Google Scholar 

  22. Miller, B.P., Fredriksen, L., So, B.: An empirical study of the reliability of UNIX utilities. Commun. ACM 33(12), 32–44 (1990)

    Article  Google Scholar 

  23. Ojo, M., Adami, D., Giordano, S.: A SDN-IoT architecture with NFV implementation. In: Proceedings of the IEEE Globecom Workshops, pp. 1–6 (2016)

    Google Scholar 

  24. Pickett, G.: Abusing software defined networks. In: Proceedings of the Black Hat EU (2014)

    Google Scholar 

  25. Pickett, G.: Staying persistent in software defined networks. Black Hat Briefings (2015)

    Google Scholar 

  26. Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., Gu, G.: A security enforcement kernel for openflow networks. In: Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 121–126 (2012)

    Google Scholar 

  27. Rawat, S., Jain, V., Kumar, A., Cojocar, L., Giuffrida, C., Bos, H.: VUzzer: application-aware evolutionary fuzzing. In: Proceedings of the Network and Distributed System Security Symposium (2017)

    Google Scholar 

  28. Rebert, A., Cha, S.K., Avgerinos, T., Foote, J., Warren, D., Grieco, G., Brumley, D.: Optimizing seed selection for fuzzing. In: Proceedings of the USENIX Security Symposium, pp. 861–875 (2014)

    Google Scholar 

  29. Rückert, J., Bifulco, R., Rizwan-Ul-Haq, M., Kolbe, H.J., Hausheer, D.: Flexible traffic management in broadband access networks using software defined networking. In: Proceedings of the IEEE Network Operations and Management Symposium, pp. 1–8 (2014)

    Google Scholar 

  30. Scott, C., et al.: Troubleshooting blackbox SDN control software with minimal causal sequences. ACM SIGCOMM Comput. Commun. Rev. 44(4), 395–406 (2015)

    Article  Google Scholar 

  31. Trivisonno, R., Guerzoni, R., Vaishnavi, I., Soldani, D.: SDN-based 5G mobile networks: architecture, functions, procedures and backward compatibility. Trans. Emerg. Telecommun. Technol. 26(1), 82–92 (2015)

    Article  Google Scholar 

  32. Yoon, C., et al.: Flow wars: systemizing the attack surface and defenses in software-defined networks. IEEE/ACM Trans. Netw. 25(6), 3514–3530 (2017)

    Article  Google Scholar 

  33. Zalewski, M.: American Fuzzy Lop. http://lcamtuf.coredump.cx/afl/

  34. Zeller, A.: Yesterday, my program worked. Today, it does not. Why? In: Proceedings of the ACM SIGSOFT Software Engineering Notes, pp. 253–267 (1999)

    Google Scholar 

Download references

Acknowledgements

We thank anonymous reviewers for their helpful feedback. This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No.2018-0-00254, SDN security technology development).

Author information

Authors and Affiliations

  1. KAIST, Daejeon, Korea

    Hyuntae Kim, Seongil Wi, Hyunjoo Lee & Sooel Son

Authors
  1. Hyuntae Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Seongil Wi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyunjoo Lee
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Sooel Son
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sooel Son .

Editor information

Editors and Affiliations

  1. Soonchunhyang University, Asan, Korea (Republic of)

    Ilsun You

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Kim, H., Wi, S., Lee, H., Son, S. (2020). FSF: Code Coverage-Driven Fuzzing for Software-Defined Networking. In: You, I. (eds) Information Security Applications. WISA 2019. Lecture Notes in Computer Science(), vol 11897. Springer, Cham. https://doi.org/10.1007/978-3-030-39303-8_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-39303-8_4

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-39302-1

  • Online ISBN: 978-3-030-39303-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation