Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SDN Final Report
Search
adr
June 21, 2019
Technology
0
440
SDN Final Report
adr
June 21, 2019
Tweet
Share
More Decks by adr
See All by adr
Skrull Like A King: 從重兵看守的天眼防線殺出重圍
aaaddress1
3
1.5k
Rebuild The Heaven's Gate: from 32 bit Hell back to Heaven Wonderland
aaaddress1
0
1.1k
重建天堂之門:從 32bit 地獄一路打回天堂聖地
aaaddress1
0
400
Reversing In Wonderland: Neural Network Based Malware Detection Techniques
aaaddress1
2
710
CYBERSEC: 唉唷,你的簽章根本沒在驗啦。
aaaddress1
1
3.9k
SITCON: Playing Win32 Like a K!NG ;)
aaaddress1
2
1.1k
NTUST [2019]: Windows Reversing
aaaddress1
0
1.1k
Duplicate Paths Attack: Get Elevated Privilege from Forged Identities
aaaddress1
0
1.5k
Computer Security 資安實務: Windows Reversing [Dark Art]
aaaddress1
8
1.7k
Other Decks in Technology
See All in Technology
深層学習と3Dキャプチャ・3Dモデル生成(土木学会応用力学委員会 応用数理・AIセミナー)
pfn
PRO
0
450
AWS re:Invent 2024 recap in 20min / JAWSUG 千葉 2025.1.14
shimy
1
100
Bring Your Own Container: When Containers Turn the Key to EDR Bypass/byoc-avtokyo2024
tkmru
0
840
今年一年で頑張ること / What I will do my best this year
pauli
1
220
embedパッケージを深掘りする / Deep Dive into embed Package in Go
task4233
1
200
Alignment and Autonomy in Cybozu - 300人の開発組織でアラインメントと自律性を両立させるアジャイルな組織運営 / RSGT2025
ama_ch
1
2.3k
AWSサービスアップデート 2024/12 Part3
nrinetcom
PRO
0
140
I could be Wrong!! - Learning from Agile Experts
kawaguti
PRO
8
3.3k
Accessibility Inspectorを活用した アプリのアクセシビリティ向上方法
hinakko
0
170
デジタルアイデンティティ人材育成推進ワーキンググループ 翻訳サブワーキンググループ 活動報告 / 20250114-OIDF-J-EduWG-TranslationSWG
oidfj
0
390
Goで実践するBFP
hiroyaterui
1
120
Docker Desktop で Docker を始めよう
zembutsu
PRO
0
140
Featured
See All Featured
We Have a Design System, Now What?
morganepeng
51
7.3k
Speed Design
sergeychernyshev
25
730
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
127
18k
How to train your dragon (web standard)
notwaldorf
89
5.8k
Gamification - CAS2011
davidbonilla
80
5.1k
4 Signs Your Business is Dying
shpigford
182
22k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
1.2k
Building Adaptive Systems
keathley
38
2.4k
Building Applications with DynamoDB
mza
93
6.2k
Large-scale JavaScript Application Architecture
addyosmani
510
110k
The Pragmatic Product Professional
lauravandoore
32
6.4k
Building Flexible Design Systems
yeseniaperezcruz
328
38k
Transcript
SDN-Based Intrusion Prevention System Software-Defined Networking and Function Virtualization
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table
>_SDN Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table External Network Controller Service Ctrl Srv
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Manager
Host C Emploee Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc. $>/bin/sh Bingo! Get Shell.
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets Intrusion Detection System
>_ Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets IDS Intrusion Detection System Tcpdump
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode Marked As Pwned Devices
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Scouting Updating Flow
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv IDS Srv IDS Srv
Demo
SDN-Based Intrusion Prevention System Thanks.