Zero-Day Vulnerability In Software-Defined Networks: A Quantitative Study

摘要

The increased adoption of Software defined-network (SDN) technology in the telecommunications infrastructure presents a potential for cyber-attack due to the existence of zero-day vulnerability. Due to their unknown characteristics, the zero-day vulnerability is practically challenging to detect or eradicate using traditional antivirus, firewall, or other intrusion detection system. This weakness has become a recurring challenge to the computer scientist, system administrators, functional leaders, organizations, and nation states. The centralized design model for SDN makes the controller the most viable component that facilitates the abstraction of network traffic from user data applications. This quantitative study investigated the 15 zero-day vulnerabilities found during a race condition attack on three SDN controllers. The secondary data were analyzed with the IBM SPSS software to determine the correlation that exists between the three SDN controller and the characteristics of the zero-day vulnerability. The findings of the study provided meaningful answers to the three research questions and hypothesis. The game theory framework provided insight into the empirical evidence obtained between the variables. The results obtained from the study facilitate understanding value-at-risk assessment among telecoms service provider, executive managers, and information security practitioners. The research shows there is a strong correlation between SDN controller and the zero-day vulnerability. The study also indicates that remote access and admin privileges were the primary sources of exploiting the zero-day vulnerability. Further findings mean the disruption of one controller has a damaging effect on SDN network services thereby impacting the quality of services.