Software Defined Networking Security

Recommendations

Info

Netconf CVE-2014-5035 ● ODL Netconf API processes user-supplied XML (also restconf) ● Example vuln code: controller / opendaylight/netconf/netconfutil/src/main/java/org/opendaylight/controller/netconf/util/xml/XmlUtil.java ● Demo...
Topology spoofing via host tracking CVE-2015-1611 ● Most SDN controllers include host tracking, allowing hosts to migrate between different physical locations in the network. ● Host tracking is based on monitoring of Packet-In messages, and does not require any validation, authentication, or authorization. ● An attacker can impersonate a host and make the SDN controller believe it has migrated to a physical network location controlled by the attacker.
Page 1 and 2: Software Defined Networking Securit
Page 3 and 4: Introduction ● Security nerd, rec
Page 5: “SDN is an approach to computer n
Page 10 and 11: SDN Attack Surface ● Traditional
Page 12 and 13: SDN Attack Surface ● SDN controll
Page 14 and 15: Recent SDN vulnerabilities
Page 18 and 19: Topology spoofing via host tracking
Page 20 and 21: Defensive technologies
Page 22 and 23: Security-mode ONOS ● A new featur
Page 24 and 25: Open Source Security Response ● A
Page 26 and 27: Secure engineering best practices
Page 28 and 29: Open Source Secure Engineering
Page 30 and 31: ODL: Current security status
Page 33 and 34: ODL: Secure Engineering ● Great a
Page 35: ODL: Security Vision ● Industry l
Page 38 and 39: Next Steps ● More research into d

Software Defined Networking Security

Create successful ePaper yourself

Delete template?

Save as template?