Abstract

A new networking paradigm called software-defined networking, or SDN, gives a controller and its applications the capacity to see the whole network and to design it in a flexible way. This allows for new developments in network protocols and applications. Many SDN applications depend on the logically centralized control plane of SDN to offer the complete network visibility, which is one of its main benefits. The literature offers a novel attack vector peculiar to SDN that substantially undermine this basis. Our novel attacks have some spirit in common with spoofing attacks in legacy networks (like the ARP poisoning attack), but they vary greatly in that they take use of certain vulnerabilities that arise from the way contemporary SDN functions differently from legacy networks. The knowledge about virtual machines, which is a crucial building piece for both topology-aware SDN applications and core SDN components, may be effectively poisoned by successful assaults.