{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,10]],"date-time":"2026-01-10T03:54:04Z","timestamp":1768017244119,"version":"3.49.0"},"publisher-location":"New York, NY, USA","reference-count":74,"publisher":"ACM","license":[{"start":{"date-parts":[[2025,12,9]],"date-time":"2025-12-09T00:00:00Z","timestamp":1765238400000},"content-version":"vor","delay-in-days":372,"URL":"http:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"U.S. Army Combat Capabilities Development Command Army Research Laboratory","award":["W911NF-13-2-0045"],"award-info":[{"award-number":["W911NF-13-2-0045"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,12,2]]},"DOI":"10.1145\/3658644.3690345","type":"proceedings-article","created":{"date-parts":[[2024,12,9]],"date-time":"2024-12-09T12:19:20Z","timestamp":1733746760000},"page":"3704-3718","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Manipulating OpenFlow Link Discovery Packet Forwarding for Topology Poisoning"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9595-770X","authenticated-orcid":false,"given":"Mingming","family":"Chen","sequence":"first","affiliation":[{"name":"The Pennsylvania State University, University Park, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-1295-4461","authenticated-orcid":false,"given":"Thomas","family":"La Porta","sequence":"additional","affiliation":[{"name":"The Pennsylvania State University, University Park, PA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4915-1286","authenticated-orcid":false,"given":"Teryl","family":"Taylor","sequence":"additional","affiliation":[{"name":"IBM Research, Yorktown Heights, NY, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5143-8318","authenticated-orcid":false,"given":"Frederico","family":"Araujo","sequence":"additional","affiliation":[{"name":"IBM Research, Yorktown Heights, NY, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4964-1170","authenticated-orcid":false,"given":"Trent","family":"Jaeger","sequence":"additional","affiliation":[{"name":"University of California, Riverside, Riverside, CA, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,12,9]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"https:\/\/ryu-sdn.org\/","author":"Build","year":"2011","unstructured":"Build sdn agilely. https:\/\/ryu-sdn.org\/, 2011. Accessed on 2023-06--19."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2018.2839348"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/IWCMC55113.2022.9825045"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2015.2474118"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2022.3229899"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866898.1866905"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2015.7366363"},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-98989-1_23"},{"key":"e_1_3_2_1_9_1","unstructured":"Liviu ARSENE. Apic vulnerability in cisco's sdn controller allows unauthenticated remote root access. https:\/\/www.bitdefender.com\/blog\/hotforsecurity\/apicvulnerability-in-ciscos-sdn-controller-allows-unauthenticated-remote-rootaccess\/ 2015."},{"key":"e_1_3_2_1_10_1","volume-title":"Onos network discovery. https:\/\/wiki.onosproject. org\/display\/ONOS\/NetworkDiscovery","author":"Ayaka Koshibe ShaoyongWu","year":"2016","unstructured":"ShaoyongWu Ayaka Koshibe. Onos network discovery. https:\/\/wiki.onosproject. org\/display\/ONOS\/NetworkDiscovery, 2016. Accessed on 2023-05--25."},{"key":"e_1_3_2_1_11_1","volume-title":"Nguyen Thi Mai Trang, and Guy Pujolle. softdp: Secure and efficient topology discovery protocol for sdn. arXiv preprint arXiv:1705.04527","author":"Azzouni Abdelhadi","year":"2017","unstructured":"Abdelhadi Azzouni, Raouf Boutaba, Nguyen Thi Mai Trang, and Guy Pujolle. softdp: Secure and efficient topology discovery protocol for sdn. arXiv preprint arXiv:1705.04527, 2017."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.12720\/jcm.15.8.596-606"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.disc.2012.04.014"},{"key":"e_1_3_2_1_14_1","volume-title":"Stable-baselines3 docs - reliable reinforcement learning implementations. https:\/\/stable-baselines3.readthedocs.io\/en\/master\/","author":"Stable","year":"2022","unstructured":"Stable Baselines3. Stable-baselines3 docs - reliable reinforcement learning implementations. https:\/\/stable-baselines3.readthedocs.io\/en\/master\/, 2022."},{"key":"e_1_3_2_1_15_1","volume-title":"Provenance for software-defined networking (sdn). https:\/\/github.com\/bujcich\/PicoSDN\/tree\/main","author":"Ujcich Samuel Jero","year":"2021","unstructured":"Samuel Jero Benjamin E. Ujcich. Provenance for software-defined networking (sdn). https:\/\/github.com\/bujcich\/PicoSDN\/tree\/main, 2021."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2020.23040"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1109\/MILCOM.2016.7795481"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/TNSM.2018.2889842"},{"key":"e_1_3_2_1_19_1","volume-title":"Manipulating OpenFlow link discovery packet forwarding for topology poisoning. https:\/\/zenodo.org\/doi\/10.5281\/zenodo.12786197","author":"Chen Mingming","year":"2024","unstructured":"Mingming Chen. Manipulating OpenFlow link discovery packet forwarding for topology poisoning. https:\/\/zenodo.org\/doi\/10.5281\/zenodo.12786197, 2024."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.48550\/arXiv.2408.16940"},{"key":"e_1_3_2_1_21_1","unstructured":"Cisco. Open source used in cisco application policy infrastructure controller (apic) 1.2(1). https:\/\/www.cisco.com\/c\/dam\/en\/us\/td\/docs\/switches\/datacenter\/ aci\/apic\/sw\/1-x\/3rd-party\/Cisco_ACI_Open_Source_1_1_3_v1_0.pdf."},{"key":"e_1_3_2_1_22_1","volume-title":"Link layer discovery protocol and mib v2.0. https:\/\/www.ieee802.org\/1\/files\/public\/docs2002\/lldp-protocol-02.pdf","author":"Congdon Paul","year":"2002","unstructured":"Paul Congdon. Link layer discovery protocol and mib v2.0. https:\/\/www.ieee802.org\/1\/files\/public\/docs2002\/lldp-protocol-02.pdf, 2002. Accessed on 2023-06--21."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23064"},{"key":"e_1_3_2_1_24_1","unstructured":"Linux Foundation. Open vswitch manual. https:\/\/www.openvswitch.org\/support\/dist-docs\/ovs-ofctl.8.html."},{"key":"e_1_3_2_1_25_1","unstructured":"Linux Foundation. Opendaylight. https:\/\/www.opendaylight.org\/."},{"key":"e_1_3_2_1_26_1","first-page":"1","volume-title":"Threat analysis for the sdn architecture","author":"Foundation Open Networking","year":"2016","unstructured":"Open Networking Foundation. Threat analysis for the sdn architecture. pages 1--21, 2016."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.26599\/TST.2021.9010077"},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/3560810.3564265"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23283"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2018.2814738"},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jpdc.2020.09.006"},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2020.107119"},{"key":"e_1_3_2_1_33_1","unstructured":"Juniper. Junos space datasheet. https:\/\/www.juniper.net\/us\/en\/products\/sdnand-orchestration\/junos-space-datasheet.html."},{"key":"e_1_3_2_1_34_1","first-page":"99","volume-title":"10th USENIX Symposium on Networked Systems Design and Implementation (NSDI 13)","author":"Kazemian Peyman","year":"2013","unstructured":"Peyman Kazemian, Michael Chang, Hongyi Zeng, George Varghese, Nick McKeown, and Scott Whyte. Real time network policy checking using header space analysis. In 10th USENIX Symposium on Networked Systems Design and Implementation (NSDI 13), pages 99--111, 2013."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2016.2597193"},{"key":"e_1_3_2_1_36_1","first-page":"15","volume-title":"10th USENIX Symposium on Networked Systems Design and Implementation (NSDI 13)","author":"Khurshid Ahmed","year":"2013","unstructured":"Ahmed Khurshid, Xuan Zou, Wenxuan Zhou, Matthew Caesar, and P. Brighten Godfrey. VeriFlow: Verifying Network-Wide invariants in real time. In 10th USENIX Symposium on Networked Systems Design and Implementation (NSDI 13), pages 15--27, Lombard, IL, April 2013. USENIX Association."},{"key":"e_1_3_2_1_37_1","first-page":"4463","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Kim Jiwon","year":"2023","unstructured":"Jiwon Kim, Benjamin E Ujcich, and Dave Jing Tian. Intender: Fuzzing {Intent-Based} networking with {Intent-State} transition guidance. In 32nd USENIX Security Symposium (USENIX Security 23), pages 4463--4480, 2023."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.1109\/JPROC.2014.2371999"},{"key":"e_1_3_2_1_39_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2018.00031"},{"key":"e_1_3_2_1_40_1","first-page":"1985","article-title":"Universal networks for hardware-efficient supercomputing","author":"Leiserson Charles E.","unstructured":"Charles E. Leiserson. Fat-trees: Universal networks for hardware-efficient supercomputing. IEEE Transactions on Computers, C-34(10), 1985.","journal-title":"IEEE Transactions on Computers"},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2014.6883400"},{"key":"e_1_3_2_1_42_1","first-page":"052067","volume-title":"Journal of Physics: Conference Series","volume":"1187","author":"Li Tong","unstructured":"Tong Li, Jinqiang Chen, and Hongyong Fu. Application scenarios based on sdn: an overview. In Journal of Physics: Conference Series, volume 1187, page 052067. IOP Publishing, 2019."},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1007\/s40860-022-00171-8"},{"key":"e_1_3_2_1_44_1","doi-asserted-by":"publisher","DOI":"10.1145\/2620728.2620750"},{"key":"e_1_3_2_1_45_1","volume-title":"The pox network software platform. https:\/\/github.com\/ noxrepo\/pox","author":"Murphy Colin Scott","year":"2013","unstructured":"Colin Scott Murphy. The pox network software platform. https:\/\/github.com\/ noxrepo\/pox, 2013. Accessed on 2023-06--19."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2018.12.014"},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1002\/dac.3781"},{"key":"e_1_3_2_1_48_1","volume-title":"Samsung expands its lineup of sdn solutions. https:\/\/news. samsung.com\/global\/samsung-expands-its-lineup-of-sdn-solutions","author":"Newsroom Samsung","year":"2021","unstructured":"Samsung Newsroom. Samsung expands its lineup of sdn solutions. https:\/\/news. samsung.com\/global\/samsung-expands-its-lineup-of-sdn-solutions, 2021."},{"key":"e_1_3_2_1_49_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICOIN.2017.7899515"},{"key":"e_1_3_2_1_50_1","unstructured":"University of Adelaide. Topology zoo. http:\/\/www.topology-zoo.org\/dataset. html."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1007\/s13174-010-0003-x"},{"key":"e_1_3_2_1_52_1","first-page":"188","volume-title":"Conference on robot learning","author":"Pertsch Karl","year":"2021","unstructured":"Karl Pertsch, Youngwoon Lee, and Joseph Lim. Accelerating reinforcement learning with learned skill priors. In Conference on robot learning, pages 188--204. PMLR, 2021."},{"key":"e_1_3_2_1_53_1","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342466"},{"key":"e_1_3_2_1_54_1","first-page":"401","volume-title":"An intensive security architecture with multi-controller for sdn. In 2016 ieee conference on computer communications workshops (infocom wkshps)","author":"Qi Chao","year":"2016","unstructured":"Chao Qi, JiangxingWu, Hongchao Hu, Guozhen Cheng,Wenyan Liu, Jianjian Ai, and Chao Yang. An intensive security architecture with multi-controller for sdn. In 2016 ieee conference on computer communications workshops (infocom wkshps), pages 401--402. IEEE, 2016."},{"key":"e_1_3_2_1_55_1","volume-title":"Floodlight sdn openflow controller. https:\/\/github.com\/floodlight\/floodlight","author":"Qing Wang Ryan Izard","year":"2016","unstructured":"Ryan Izard Qing Wang, Geddings Barrineau. Floodlight sdn openflow controller. https:\/\/github.com\/floodlight\/floodlight, 2016. Accessed on 2023-06--19."},{"key":"e_1_3_2_1_56_1","doi-asserted-by":"publisher","DOI":"10.1145\/3229616.3229620"},{"key":"e_1_3_2_1_57_1","volume-title":"Artificial intelligence: a modern approach. Malaysia","author":"Russell Stuart J","year":"2016","unstructured":"Stuart J Russell and Peter Norvig. Artificial intelligence: a modern approach. Malaysia; Pearson Education Limited? 2016."},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-22277-2_14"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1109\/NCA.2018.8548074"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2018.00047"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2017.8038435"},{"key":"e_1_3_2_1_62_1","volume-title":"Proceedings of the 2010 internet network management conference on Research on enterprise networking","volume":"3","author":"Tootoonchian Amin","year":"2010","unstructured":"Amin Tootoonchian and Yashar Ganjali. Hyperflow: A distributed control plane for openflow. In Proceedings of the 2010 internet network management conference on Research on enterprise networking, volume 3, 2010."},{"key":"e_1_3_2_1_63_1","unstructured":"ONF TS-009. Openflowswitch specification version 1.3.2. https:\/\/opennetworking. org\/wp-content\/uploads\/2014\/10\/openflow-spec-v1.3.2.pdf."},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1002\/spy2.21"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2017.7997249"},{"key":"e_1_3_2_1_66_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243759"},{"key":"e_1_3_2_1_67_1","first-page":"3183","volume-title":"30th USENIX Security Symposium (USENIX Security 21)","author":"Ujcich Benjamin E","year":"2021","unstructured":"Benjamin E Ujcich, Samuel Jero, Richard Skowyra, Adam Bates, William H Sanders, and Hamed Okhravi. Causal analysis for {Software-Defined} networking attacks. In 30th USENIX Security Symposium (USENIX Security 21), pages 3183--3200, 2021."},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.3390\/app11156999"},{"key":"e_1_3_2_1_69_1","unstructured":"Alan Weissberger. Comcast: Onf trellis software is in production together with l2\/l3 white box switches. https:\/\/techblog.comsoc.org\/2019\/09\/14\/comcast-putsonf-trellis-software-into-production\/."},{"key":"e_1_3_2_1_70_1","unstructured":"Tracy Yang. Picos 4.4.4 configuration guide (special release): Ecmp select group. https:\/\/pica8-fs.atlassian.net\/wiki\/spaces\/PicOS4443beta\/pages\/ 115898390\/EcmpSelectGroup."},{"key":"e_1_3_2_1_71_1","unstructured":"Tracy Yang. Picos 4.4.4 configuration guide (special release): ovs-ofctl add-flow . https:\/\/pica8-fs.atlassian.net\/wiki\/spaces\/PicOS4443beta\/pages\/115900326\/ovs-ofctladd-flowbridgeflow."},{"key":"e_1_3_2_1_72_1","first-page":"17","volume-title":"BlackHat-USA-2016","author":"Yoon Ch","year":"2016","unstructured":"Ch Yoon and S Lee. Attacking sdn infrastructure: Are we ready for the next-gen networking? BlackHat-USA-2016, pages 17--18, 2016."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2017.11.015"},{"key":"e_1_3_2_1_74_1","volume-title":"Sdn-rdcd: A real-time and reliable method for detecting compromised sdn devices","author":"Zhou Haifeng","year":"2048","unstructured":"Haifeng Zhou, Chunming Wu, Chengyu Yang, Pengfei Wang, Qi Yang, Zhouhao Lu, and Qiumei Cheng. Sdn-rdcd: A real-time and reliable method for detecting compromised sdn devices. IEEE\/ACM transactions on networking, 26(5):2048--2061, 2018."}],"event":{"name":"CCS '24: ACM SIGSAC Conference on Computer and Communications Security","location":"Salt Lake City UT USA","acronym":"CCS '24","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690345","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690345","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3658644.3690345","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T06:09:57Z","timestamp":1755842997000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3658644.3690345"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,12,2]]},"references-count":74,"alternative-id":["10.1145\/3658644.3690345","10.1145\/3658644"],"URL":"https:\/\/doi.org\/10.1145\/3658644.3690345","relation":{},"subject":[],"published":{"date-parts":[[2024,12,2]]},"assertion":[{"value":"2024-12-09","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}