Software-defined Networking (SDN) is a new networking paradigm that aims to increase the flexibility of current network deployments by separating the data plane from the control plane and by providing programmable interfaces to configure the network. Because this makes network management more agile and easier, and therefore saves costs, SDN is already deployed in live networks, e.g., Google's B4 backbone and NOKIA's cloud infrastructure. Despite these benefits, SDN broadens the attack surface, as additional networking devices and protocols are deployed. Due to their critical role within the softwarized management of the network, these devices and protocols are high-ranking targets for potential attackers and thus require extensive testing and hardening.
In this work, we present FlowFuzz, a fuzzing framework for SDN-enabled software and hardware switches. In particular, we focus on the OpenFlow protocol, which is currently the de facto standard communication protocol between SDN-enabled switches and the central controlling instance. For software switches, the framework utilizes the output of conventional tools such as AddressSanitizer. For hardware switches, it also evaluates data obtained from side channels, i.e., processing times and power consumption, to identify unique code execution paths and thereby optimize the fuzzing process. Furthermore, we use our framework implementation to perform a first evaluation of Open vSwitch and a total of four SDN-enabled hardware switches. We conclude by presenting our findings and outlining future extensions of the fuzzing framework.
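The side-channel feedback idea above, as an added example that is not FlowFuzz's code: a mutation loop over the 8-byte OpenFlow header that keeps an input whenever its quantised processing time falls into a bucket not seen before, using timing as a stand-in for code coverage. The `mock_switch` target, its latency values, the bucket width and the mutation strategy are all constructed assumptions so the loop runs offline.

```python
import random
import struct

OFP_HEADER = struct.Struct("!BBHI")    # version, type, length, xid
# OpenFlow 1.0 HELLO, ECHO_REQUEST, FEATURES_REQUEST -> constructed latencies (us)
KNOWN_TYPES = {0: 40, 2: 60, 5: 90}

def mock_switch(msg: bytes) -> int:
    """Constructed stand-in for a hardware switch: returns a simulated
    processing time in microseconds that depends on the parse path taken."""
    if len(msg) < OFP_HEADER.size:
        return 10                          # short read
    version, msg_type, length, _xid = OFP_HEADER.unpack_from(msg)
    if version != 0x01:
        return 20                          # version rejected
    if length != len(msg):
        return 30                          # length field disagrees with frame
    return KNOWN_TYPES.get(msg_type, 35)   # per-type handler, else "bad type"

def timing_bucket(micros: int, width: int = 5) -> int:
    """Quantise a measurement so jitter inside one bucket is ignored."""
    return micros // width

def mutate(msg: bytes, rng: random.Random) -> bytes:
    data = bytearray(msg)
    choice = rng.randrange(3)
    if choice == 0 and data:               # overwrite one byte
        data[rng.randrange(len(data))] = rng.randrange(256)
    elif choice == 1 and data:             # truncate at a random offset
        del data[rng.randrange(len(data)):]
    else:                                  # append one random byte
        data.append(rng.randrange(256))
    return bytes(data)

def fuzz(seed_msg: bytes, iterations: int = 2000, rng_seed: int = 1) -> dict:
    """Return {timing bucket: first input that produced it}."""
    rng = random.Random(rng_seed)
    found = {timing_bucket(mock_switch(seed_msg)): seed_msg}
    for _ in range(iterations):
        parent = rng.choice(list(found.values()))
        child = mutate(parent, rng)
        bucket = timing_bucket(mock_switch(child))
        if bucket not in found:            # new timing class: keep in corpus
            found[bucket] = child
    return found

SEED = OFP_HEADER.pack(0x01, 0, 8, 1)      # constructed OpenFlow 1.0 HELLO

if __name__ == "__main__":
    for bucket, msg in sorted(fuzz(SEED).items()):
        print(bucket, msg.hex())
```

Against real hardware the measured time is noisy, so each input would need repeated measurements and a bucket width chosen from the observed jitter before a new bucket can be trusted as a new path.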