Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SDN Final Report
Search
adr
June 21, 2019
Technology
0
450
SDN Final Report
adr
June 21, 2019
Tweet
Share
More Decks by adr
See All by adr
Skrull Like A King: 從重兵看守的天眼防線殺出重圍
aaaddress1
3
1.5k
Rebuild The Heaven's Gate: from 32 bit Hell back to Heaven Wonderland
aaaddress1
0
1.1k
重建天堂之門:從 32bit 地獄一路打回天堂聖地
aaaddress1
0
410
Reversing In Wonderland: Neural Network Based Malware Detection Techniques
aaaddress1
2
710
CYBERSEC: 唉唷,你的簽章根本沒在驗啦。
aaaddress1
1
3.9k
SITCON: Playing Win32 Like a K!NG ;)
aaaddress1
2
1.1k
NTUST [2019]: Windows Reversing
aaaddress1
0
1.1k
Duplicate Paths Attack: Get Elevated Privilege from Forged Identities
aaaddress1
0
1.6k
Computer Security 資安實務: Windows Reversing [Dark Art]
aaaddress1
8
1.7k
Other Decks in Technology
See All in Technology
入門 PEAK Threat Hunting @SECCON
odorusatoshi
0
170
Amazon Aurora のバージョンアップ手法について
smt7174
2
160
Fraxinus00tw assembly manual
fukumay
0
130
ABWG2024採択者が語るエンジニアとしての自分自身の見つけ方〜発信して、つながって、世界を広げていく〜
maimyyym
1
190
ディスプレイ広告(Yahoo!広告・LINE広告)におけるバックエンド開発
lycorptech_jp
PRO
0
440
Share my, our lessons from the road to re:Invent
naospon
0
150
アジャイルな開発チームでテスト戦略の話は誰がする? / Who Talks About Test Strategy?
ak1210
1
650
Amazon Q Developerの無料利用枠を使い倒してHello worldを表示させよう!
nrinetcom
PRO
2
120
日経のデータベース事業とElasticsearch
hinatades
PRO
0
250
LINEギフトにおけるバックエンド開発
lycorptech_jp
PRO
0
350
データベースの負荷を紐解く/untangle-the-database-load
emiki
2
530
実は強い 非ViTな画像認識モデル
tattaka
3
1.3k
Featured
See All Featured
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Being A Developer After 40
akosma
89
590k
Designing on Purpose - Digital PM Summit 2013
jponch
117
7.1k
Practical Orchestrator
shlominoach
186
10k
Bash Introduction
62gerente
611
210k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
33
2.8k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
6
570
Producing Creativity
orderedlist
PRO
344
40k
Agile that works and the tools we love
rasmusluckow
328
21k
The World Runs on Bad Software
bkeepers
PRO
67
11k
Reflections from 52 weeks, 52 projects
jeffersonlam
348
20k
Code Review Best Practice
trishagee
67
18k
Transcript
SDN-Based Intrusion Prevention System Software-Defined Networking and Function Virtualization
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table
>_SDN Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table External Network Controller Service Ctrl Srv
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Manager
Host C Emploee Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc. $>/bin/sh Bingo! Get Shell.
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets Intrusion Detection System
>_ Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets IDS Intrusion Detection System Tcpdump
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode Marked As Pwned Devices
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Scouting Updating Flow
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv IDS Srv IDS Srv
Demo
SDN-Based Intrusion Prevention System Thanks.