Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Speaker Deck
PRO
Sign in
Sign up for free
SDN Final Report
adr
June 21, 2019
Technology
0
370
SDN Final Report
adr
June 21, 2019
Tweet
Share
More Decks by adr
See All by adr
Skrull Like A King: 從重兵看守的天眼防線殺出重圍
aaaddress1
3
940
Rebuild The Heaven's Gate: from 32 bit Hell back to Heaven Wonderland
aaaddress1
0
270
重建天堂之門:從 32bit 地獄一路打回天堂聖地
aaaddress1
0
110
Reversing In Wonderland: Neural Network Based Malware Detection Techniques
aaaddress1
2
570
CYBERSEC: 唉唷,你的簽章根本沒在驗啦。
aaaddress1
1
3.1k
SITCON: Playing Win32 Like a K!NG ;)
aaaddress1
2
840
NTUST [2019]: Windows Reversing
aaaddress1
0
850
Duplicate Paths Attack: Get Elevated Privilege from Forged Identities
aaaddress1
0
1.1k
Computer Security 資安實務: Windows Reversing [Dark Art]
aaaddress1
8
1.4k
Other Decks in Technology
See All in Technology
220510 プロセスマイニングを学ぶ PLAY与田さん
comucal
PRO
0
740
エンジニアと気軽に繋がれるプラットフォーム「ハッカー飯」で行った セキュリティ・モニタリングに関する取り組みについて
nobuakikikuchi
0
350
JAWS-UG 朝会 #33 登壇資料
takakuni
0
380
Nutanix_Meetup_20220511
keigotomomatsu
0
150
インフラエンジニアBooks 30分でわかる「Dockerコンテナ開発・環境構築の基本」
cyberblack28
11
6.9k
20220510_簡単にできるコスト異常検出(Cost Anomaly Detection) /jaws-ug-asa-cost-anomaly-detection-20220510
emiki
2
310
YAMLを書くだけで構築できる分散ストレージ
sat
PRO
0
170
Unity Package Managerで自作パッケージを配布する方法
yunoda
0
150
ISUCON で使えるツールを作った
shotakitazawa
0
350
組織でPower Virtual Agentsを導入するために知っておきたいこと
miyakemito
0
1.6k
プロダクトグロースと技術のベースアップを両立させるRettyのアプリ開発スタイル / Achieve Product Growth and Tech Update
imaizume
1
290
Data-Driven Healthcare - Techplay
kotaroito
0
110
Featured
See All Featured
Web Components: a chance to create the future
zenorocha
303
40k
It's Worth the Effort
3n
172
25k
Done Done
chrislema
174
14k
Fantastic passwords and where to find them - at NoRuKo
philnash
25
1.5k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
37
3.2k
The Power of CSS Pseudo Elements
geoffreycrofte
46
3.9k
Rebuilding a faster, lazier Slack
samanthasiow
62
7.2k
Building Applications with DynamoDB
mza
83
4.6k
How GitHub (no longer) Works
holman
296
140k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
181
15k
Code Review Best Practice
trishagee
41
6.7k
JazzCon 2018 Closing Keynote - Leadership for the Reluctant Leader
reverentgeek
172
8.3k
Transcript
SDN-Based Intrusion Prevention System Software-Defined Networking and Function Virtualization
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table
>_SDN Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table External Network Controller Service Ctrl Srv
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Manager
Host C Emploee Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc. $>/bin/sh Bingo! Get Shell.
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets Intrusion Detection System
>_ Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets IDS Intrusion Detection System Tcpdump
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode Marked As Pwned Devices
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Scouting Updating Flow
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv IDS Srv IDS Srv
Demo
SDN-Based Intrusion Prevention System Thanks.