Monitoring plays a fundamental role in cur … Monitoring plays a fundamental role in current network deployments, supporting
diverse activities such as traffic engineering, anomaly detection, and performance diagnosis.
The Software Defined Networks - a new paradigm in networking - has become
an enabler for precise monitoring. In SDN the control plane is separated from the forwarding
plane, leading to the logical centralization of the network control in a controller
that runs in a (cluster of) server(s). For this purpose, a layer of communication is added
between the controller and devices, something traditionally done through the OpenFlow
protocol. This communication protocol allows the controller to have remote access to the
forwarding tables of network switches. With the advent of SDN an array of advanced
monitoring primitives has emerged, exploring the centralized vantage point offered by
the controller. Such primitives should be resilient from the ground-up, ensuring a correct
view under attack. In this work we intend to demonstrate that security should be a first
class citizen when building SDN network monitoring frameworks. To justify this need,
we perform a threat assessment on common monitoring techniques and demonstrate experimentally
that they are vulnerable to attacks, including relatively unsophisticated ones.
This indicates that further work is needed in this area and, with that aim, we include an
initial discussion on possible solutions for secure monitoring. We discuss the impact of
these attacks on physical systems, more precisely we use a Smart Grid as a study case.
Smart Grids differ from the traditional electric system by having an intelligent monitoring
capability and network control. As a Smart Grid is a critical system, we discuss several
solutions to make the monitoring system secure. ions to make the monitoring system secure.