ISSN: 2182-2069 (printed) / ISSN: 2182-2077 (online)
Detecting Malicious Middleboxes In Service Function Chaining
Service Function Chaining (SFC) has become a new and robust technology in computer networking, and takes advantage of both Software-Defined Networking (SDN) and Network Function Virtualization (NFV). However, SFC also inherits the vulnerabilities of SDN and NFV, especially the problem of malicious middleboxes. In this paper, we present a scheme that can detect malicious middleboxes in SFC by combining two mechanisms: direct and indirect. The direct mechanism injects a tool into the middleboxes to observe and report the state of each middlebox. In contrast, the indirect mechanism creates a probe service chain, which includes trusted middleboxes, to investigate the operation of other middleboxes in the network. Our experimental results show that the proposed system exhibits low resource consumption while achieving a high detection rate and accuracy. In addition, we demonstrate that the system is able to successfully detect malicious middleboxes in SFC.