Exploiting temporal vulnerabilities for unauthorized access in intent-based networking
October 14, 2024
Conference Paper
Author:
Published in:
ACM Conf. on Computer and Communications Security, CCS '24, 14-18 October 2024.
R&D Area:
R&D Group:
Exploiting temporal vulnerabilities for unauthorized access in intent-based networking
Summary
Intent-based networking (IBN) enables network administrators to express high-level goals and network policies without needing to specify low-level forwarding configurations, topologies, or protocols. Administrators can define intents that capture the overall behavior they want from the network, and an IBN controller compiles such intents into low-level configurations that get installed in the network and implement the desired behavior. We discovered that current IBN specifications and implementations do not specify that flow rule installation orderings should be enforced, which leads to temporal vulnerabilities where, for a limited time, attackers can exploit indeterminate connectivity behavior to gain unauthorized network access. In this paper, we analyze the causes of such temporal vulnerabilities and their security impacts with a representative case study via the ONOS IBN implementation.We devise the Phantom Link attack and demonstrate a working exploit to highlight the security impacts. To defend against such attacks, we propose Spotlight, a detection method that can alert a system administrator of risky intent updates prone to exploitable temporal vulnerabilities. Spotlight is effective in identifying risky updates using realistic network topologies and policies. We show that Spotlight can detect risky updates in a mean time of 0.65 seconds for topologies of over 1,300 nodes.