Posts

Showing posts from December, 2018

SDN Penetration Testing (PART 3) : Flow-Rule Flooding Attack Using DELTA

Image
Introduction: The key concept of SDN lies in the decoupling of the data plane and the control plane. In SDN, the switches are free from rigid routing computation and can be focused on packet forwarding. The centralized controller now is in charge of the routing rule computation and assignment. Since the switches become highly primitive, the assigned routing rules from the controller are expected to be precise. Currently, OpenFlow is the most widely used control link protocol owing to its fine-grained routing rules (i.e. flow entries) and abundant flow statistics. To support OpenFlow protocol better, the switches have to use ternary content addressable memory (TCAM) to store flow entries. TCAMs are associate caching memories where data can be accessed by performing a query for the content itself and the memory retrieves the address. They are different from the CAM memories in performance capabilities since the TCAM can search the entire content in a single clock-cycle. However...

SDN Penetration Testing (PART2) : Setting up the attack scenario

Image
Introduction : In this article we used DELTA framework for SDN penetration testing. See Part1 on how to set it up. One of the major benefits of SDN environnements is control logic centralization and network programmability which create new threats that did not exist before and give more chances to other attacks that were hard to execute before, for instance DoS attacks that were stopped from affecting the entire network in a distributed control plane implementation. In this document, we will introduce a detailed explanation of DoS attack that targets data plane switches or/and SDN controllers via OpenFlow message PACKET_IN . Setting up the scenario This document’s material is done in consideration of OpenFlow 1.3 specifications so we’re going to differentiate between some notions to specifically describe the circumstances for the execution of our attack scenario. OpenFlow Communications: OpenFlow is an open and standardized protocol for southbound co...

SDN Penetration Testing (PART1) : A Step-by-Step Guide for Setting Up DELTA Framework

Image
Introduction: This is a detailed step-by-step guide for setting up DELTA Framework for SDN security evaluation purposes. Developped by : Seungsoo Lee (KAIST) Jinwoo Kim (KAIST) Seungwon Woo (KAIST) Changhoon Yoon (KAIST) Sandra Scott-Hayward (Queen's University Belfast) Seungwon Shin (KAIST) Github repository: https://github.com/OpenNetworkingFoundation/DELTA PS: The authors have already provided a guide for installing this framework but in this article I will take you through all the steps and problems I faced during this process. Environnement: DELTA is a SDN-Aware penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique. Agent-Manger is the control tower. It takes full control over all the agents deployed to the target SDN network. Application-Agent is a legitimate SDN appl...