SDN Security Evaluation Framework: DELTA

2016-12-19T05:38:42
ID N0WHERE:144058
Type n0where
Reporter N0where
Modified 2016-12-19T05:38:42

Description

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique.

  • Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network.
  • Application-Agent is a legitimate SDN application that conducts attack procedures and is controller-dependent. The known malicious functions are implemented as application-agent functions.
  • Channel-Agent is deployed between the controller and the OpenFlow-enabled switch. The agent sniffs and modifies the unencrypted control messages. It is controller-independent.
  • Host-Agent behaves as if it was a legitimate host participating in the target SDN network. The agent demonstrates an attack in which a host attempts to compromise the control plane.

Prerequisites

DELTA installation depends on maven and ant build system. In order to build and run DELTA the following are required:

  • An agent manager based on Ubuntu 14.04 LTS 64 bit
    • Ant build system
    • Maven build system
    • Vagrant system
    • JDK 1.7 and 1.8
  • Target Controller (for application agent)
  • Cbench (for channel agent)
  • Mininet 2.1+ (for host agent)
  • (in the case of All-In-One Single Machine) Three virtual machines based on Ubuntu 14.04 LTS 64 bit.
    • VM-1: Target controller + Application agent
    • VM-2: Channel agent
    • VM-3: Host agent

Installing DELTA

DELTA installation depends on maven and ant build system. The mvn command is used to install the agent-manager and the agents. DELTA can support an All-In-One Single Machine environment via virtual machines as well as a real hardware SDN environment.

  • STEP 1. Get the source code of DELTA on the agent manager machine

    $ git clone https://github.com/OpenNetworkingFoundation/DELTA.git

  • STEP 2. Install DELTA dependencies

    $ cd <DELTA>/tools/dev/delta-setup/ $ ./delta-setup-devenv-ubuntu

  • STEP 3. Install DELTA using maven build

    $ cd <DELTA> $ source ./tools/dev/delta-setup/bash_profile $ mvn clean install

  • STEP 4-a. (All-In-One Single Machine) Install three virtual machines using vagrant system

    $ cd <DELTA>/tools/dev/delta-setup/ $ ./delta-setup-vms-ubuntu $ cd vagrant/ $ vagrant up

  • STEP 4-b. (All-In-One Single Machine) Add NAT to VM3 (mininet)

  • In the case of all-in-one single machine, the test environment is automatically setup as below:

SDN Security Evaluation Framework: DELTA Download