Deutsch
 
Hilfe Datenschutzhinweis Impressum
  DetailsucheBrowse

Datensatz

DATENSATZ AKTIONENEXPORT

Freigegeben

Forschungspapier

Consistent SDNs through Network State Fuzzing

MPG-Autoren
/persons/resource/persons225820

Saidi,  Said Jawad
Internet Architecture, MPI for Informatics, Max Planck Society;

/persons/resource/persons211491

Feldmann,  Anja       
Internet Architecture, MPI for Informatics, Max Planck Society;

Externe Ressourcen
Es sind keine externen Ressourcen hinterlegt
Volltexte (beschränkter Zugriff)
Für Ihren IP-Bereich sind aktuell keine Volltexte freigegeben.
Volltexte (frei zugänglich)

arXiv:1904.08977.pdf
(Preprint), 846KB

Ergänzendes Material (frei zugänglich)
Es sind keine frei zugänglichen Ergänzenden Materialien verfügbar
Zitation

Shukla, A., Saidi, S. J., Schmid, S., Canini, M., Zinner, T., & Feldmann, A. (2019). Consistent SDNs through Network State Fuzzing. Retrieved from http://arxiv.org/abs/1904.08977.


Zitierlink: https://hdl.handle.net/21.11116/0000-0003-F027-2
Zusammenfassung
The conventional wisdom is that a software-defined network (SDN) operates
under the premise that the logically centralized control plane has an accurate
representation of the actual data plane state. Nevertheless, bugs,
misconfigurations, faults or attacks can introduce inconsistencies that
undermine correct operation. Previous work in this area, however, lacks a
holistic methodology to tackle this problem and thus, addresses only certain
parts of the problem. Yet, the consistency of the overall system is only as
good as its least consistent part.
Motivated by an analogy of network consistency checking with program testing,
we propose to add active probe-based network state fuzzing to our consistency
check repertoire. Hereby, our system, PAZZ, combines production traffic with
active probes to continuously test if the actual forwarding path and decision
elements (on the data plane) correspond to the expected ones (on the control
plane). Our insight is that active traffic covers the inconsistency cases
beyond the ones identified by passive traffic. PAZZ prototype was built and
evaluated on topologies of varying scale and complexity. Our results show that
PAZZ requires minimal network resources to detect persistent data plane faults
through fuzzing and localize them quickly.