TruSDN: Bootstrapping Trust in Cloud Network Infrastructure

Research output: Chapter in Book/Report/Conference proceeding; Paper in conference proceeding; peer-review


Software-Defined Networking (SDN) is a novel architectural model for cloud network infrastructure, improving resource utilization, scalability and administration. SDN deployments increasingly rely on virtual switches executing on commodity operating systems with large code bases, which are prime targets for adversaries attacking the network infrastructure. We describe and implement TruSDN, a framework for bootstrapping trust in SDN infrastructure using Intel Software Guard Extensions (SGX), which allows SDN components to be deployed securely and communication between network endpoints to be protected. We introduce ephemeral flow-specific pre-shared keys and propose a novel defense against cuckoo attacks on SGX enclaves. TruSDN is secure under a powerful adversary model, with a minor performance overhead.
Original language: English
Title of host publication: Security and Privacy in Communication Networks
Subtitle of host publication: 12th International Conference, SecureComm 2016, Guangzhou, China, October 10-12, 2016, Proceedings
Number of pages: 21
ISBN (Electronic): 978-3-319-59608-2
ISBN (Print): 978-3-319-59607-5
Publication status: Published - 2016 Oct 10
Externally published: Yes
Event: 12th International Conference, SecureComm 2016 - Guangzhou, China
Duration: 2016 Oct 10 to 2016 Oct 12

Publication series

Name: Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
ISSN (Print): 1867-8211
ISSN (Electronic): 1867-822X


Conference: 12th International Conference, SecureComm 2016

Subject classification (UKÄ)

  • Communication Systems

