Evaluating the security of software defined network controllers

Abstract

Software defined networking is a new and upcoming computer network architecture that promises to significantly improve user and application controls on their networks. Because it is so new, the security of software defined networks is still in question. The objective of this report is to evaluate security measures in software defined networks. In particular we will focus on security assessment of the controller, as the central software in SDN. In order to evaluate significantly security in SDN controllers, we performed the following steps: First we used several vulnerability assessment and penetration testing tools to be able to find possible weaknesses in SDN controller. Then based on the results from the first step, we conducted a significant analysis of the discovered vulnerabilities. We also investigated using exploit methods and tools to see how discovered vulnerabilities can be exposed and extended to conduct actual attacks. Lastly, we analyzed exploitation results in order to find possible ways to make the software defined network more secure. As the most popular open source controller, we used OpenDayLight controller in our experiments.

This document is currently not available here.

Share

COinS
 

Evaluating the security of software defined network controllers

Software defined networking is a new and upcoming computer network architecture that promises to significantly improve user and application controls on their networks. Because it is so new, the security of software defined networks is still in question. The objective of this report is to evaluate security measures in software defined networks. In particular we will focus on security assessment of the controller, as the central software in SDN. In order to evaluate significantly security in SDN controllers, we performed the following steps: First we used several vulnerability assessment and penetration testing tools to be able to find possible weaknesses in SDN controller. Then based on the results from the first step, we conducted a significant analysis of the discovered vulnerabilities. We also investigated using exploit methods and tools to see how discovered vulnerabilities can be exposed and extended to conduct actual attacks. Lastly, we analyzed exploitation results in order to find possible ways to make the software defined network more secure. As the most popular open source controller, we used OpenDayLight controller in our experiments.