Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SDN Final Report

adr
June 21, 2019

SDN Final Report

adr

June 21, 2019
Tweet

More Decks by adr

Other Decks in Technology

Transcript

  1. SDN-Based
    Intrusion Prevention System
    Software-Defined Networking and Function Virtualization

    View full-size slide

  2. >_SDN? Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table

    View full-size slide

  3. >_SDN Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table
    Controller
    Service
    Ctrl Srv

    View full-size slide

  4. >_SDN? Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table
    External
    Network
    Controller
    Service
    Ctrl Srv

    View full-size slide

  5. >_Issue Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table
    Controller
    Service
    Ctrl Srv
    Hacking Behavior
    Packets
    Packets
    DDoS, Telnet/SSH Brutforce, Ransomware, etc.

    View full-size slide

  6. >_Issue Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table
    Controller
    Service
    Ctrl Srv
    Hacking Behavior
    Packets
    Packets
    DDoS, Telnet/SSH Brutforce, Ransomware, etc.

    View full-size slide

  7. >_Issue Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table
    Controller
    Service
    Ctrl Srv
    Hacking Behavior
    Packets
    Packets
    DDoS, Telnet/SSH Brutforce, Ransomware, etc.

    View full-size slide

  8. >_Issue Host A
    ...
    Switch A
    Service
    Flow Table Manager
    Host C
    Emploee
    Switch B
    Service
    Flow Table
    Controller
    Service
    Ctrl Srv
    Hacking Behavior
    Packets
    Packets
    DDoS, Telnet/SSH Brutforce, Ransomware, etc.
    $>/bin/sh
    Bingo! Get Shell.

    View full-size slide

  9. >_IDS
    Host A
    Switch
    Service
    Flow Table Host B
    Host C
    IDS Srv
    Packets
    Packets
    Packets
    Intrusion Detection System

    View full-size slide

  10. >_
    Host A
    Switch
    Service
    Flow Table Host B
    Host C
    IDS Srv
    Packets
    Packets
    Packets
    IDS Intrusion Detection System
    Tcpdump

    View full-size slide

  11. >_IDS
    Host A
    Switch
    Service
    Flow Table
    Host B
    Host C
    IDS Srv
    Intrusion Detection System
    Hacked
    Bruteforce credentials
    (Telnet/SSH/RDP/AD)
    SMTP (Email)
    Godmode

    View full-size slide

  12. >_IDS
    Host A
    Switch
    Service
    Flow Table
    Host B
    Host C
    IDS Srv
    Intrusion Detection System
    Hacked
    Bruteforce credentials
    (Telnet/SSH/RDP/AD)
    SMTP (Email)
    Godmode
    Marked As Pwned Devices

    View full-size slide

  13. >_SDN
    Host A
    Switch A
    Service
    Flow Table Host B
    Hacked
    Controller
    Service
    Ctrl Srv
    IDS Srv
    Scouting
    Updating Flow

    View full-size slide

  14. >_SDN
    Host A
    Switch A
    Service
    Flow Table Host B
    Hacked
    Controller
    Service
    Ctrl Srv
    IDS Srv
    Isolating Hacked Host

    View full-size slide

  15. >_SDN
    Host A
    Switch A
    Service
    Flow Table Host B
    Hacked
    Controller
    Service
    Ctrl Srv
    IDS Srv
    Isolating Hacked Host

    View full-size slide

  16. >_SDN? Host A
    ...
    Switch A
    Service
    Flow Table Host B
    Host C
    Host N
    Switch B
    Service
    Flow Table
    Controller
    Service
    Ctrl Srv
    IDS Srv
    IDS Srv

    View full-size slide

  17. SDN-Based
    Intrusion Prevention System
    Thanks.

    View full-size slide