Order P4-66: Characterizing and mitigating surreptitious programmable network device exploitation

by   Simon Kassing, et al.

Substantial efforts are invested in improving network security, but the threat landscape is rapidly evolving, particularly with the recent interest in programmable network hardware. We explore a new security threat, from an attacker who has gained control of such devices. While it should be obvious that such attackers can trivially cause substantial damage, the challenge and novelty are in doing so while preventing quick diagnosis by the operator. We find that compromised programmable devices can easily degrade networked applications by orders of magnitude, while evading diagnosis by even the most sophisticated network diagnosis methods in deployment. Two key observations yield this result: (a) targeting a small number of packets is often enough to cause disproportionate performance degradation; and (b) new programmable hardware is an effective enabler of careful, selective targeting of packets. Our results also point to recommendations for minimizing the damage from such attacks, ranging from known, easy to implement techniques like encryption and redundant requests, to more complex considerations that would potentially limit some intended uses of programmable hardware. For data center contexts, we also discuss application-aware monitoring and response as a potential mitigation.


page 1

page 2

page 3

page 4


Everything Matters in Programmable Packet Scheduling

Programmable packet scheduling allows the deployment of scheduling algor...

Intelligent Network Layer for Cyber-Physical Systems Security

Cyber-Physical System (CPS) has made a tremendous progress in recent yea...

Charting the Security Landscape of Programmable Dataplanes

Emerging programmable dataplanes will revamp communication networks, all...

Applications of Artificial Intelligence to Network Security

Attacks to networks are becoming more complex and sophisticated every da...

CoRT: A Communication Robustness Testbed for Industrial Control System Components

The number of interconnected devices is growing constantly due to rapid ...

Keystone: An Open Framework for Architecting TEEs

Trusted execution environments (TEEs) are being used in all the devices ...

The Forgotten Threat of Voltage Glitching: A Case Study on Nvidia Tegra X2 SoCs

Voltage fault injection (FI) is a well-known attack technique that can b...

Please sign up or login with your details

Forgot password? Click here to reset