DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique.
- Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network.
- Application-Agent is a legitimate SDN application that conducts attack procedures and is controller-dependent. The known malicious functions are implemented as application-agent functions.
- Channel-Agent is deployed between the controller and the OpenFlow-enabled switch. The agent sniffs and modifies the unencrypted control messages. It is controller-independent.
- Host-Agent behaves as if it was a legitimate host participating in the target SDN network. The agent demonstrates an attack in which a host attempts to compromise the control plane.
Also Read whatweb – Tool to Discover Security Vulnerabilities With Your Web Application
Its installation depends on maven and ant build system. The mvn command is used to install the agent-manager and the agents. It can support an All-In-One Single Machine environment via containers as well as a real hardware SDN environment.
- STEP 1. Get the source code of DELTA on the agent manager machine
$ git clone https://github.com/OpenNetworkingFoundation/DELTA.git
- STEP 2. Install DELTA dependencies
$ cd <DELTA>/tools/dev/delta-setup/ $ ./delta-setup-devenv-ubuntu
- STEP 3. Install three containers using lxc
$ source ./<DELTA>/tools/dev/delta-setup/bash_profile $ cd <DELTA>/tools/dev/lxc-setup $ ./lxc-create $ sudo vi /etc/default/lxc-net Uncomment "LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf" $ sudo service lxc-net restart $ sudo lxc-start -n container-cp -d $ sudo vi /etc/apparmor.d/abstractions/lxc/container-base Uncomment "mount options=(rw, make-rprivate) -> **," $ sudo apparmor_parser -r /etc/apparmor.d/lxc-containers $ cd ~ $ ssh-keygen -t rsa (Press Enter) $ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CP (ID: ubuntu, PW: ubuntu) $ ssh $DELTA_CP (DELTA_CP) $ sudo visudo In the bottom of the file, type the follow: ubuntu ALL=(ALL) NOPASSWD: ALL (DELTA_CP) $ exit $ cd <DELTA>/tools/dev/lxc-setup $ ./lxc-setup $ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CH $ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_DP
- In the case of all-in-one single machine, the test environment is automatically setup as below:
- STEP 1. Distribute the executable files to Containers
$ cd <DELTA> $ source ./tools/dev/delta-setup/bash_profile $ ./tools/dev/delta-setup/delta-agents-scp
- STEP 2. Execute Agent-Manager first
$ cd <DELTA> $ bin/run-delta tools/config/<configuration file> # e.g., manager_vm.cfg DELTA: A Penetration Testing Framework for Software-Defined Networks [pP] - Show all known attacks [cC] - Show configuration info [kK] - Replaying known attack(s) [uU] - Finding an unknown attack [qQ] - Quit Command>_
- STEP 3. Connect Web-based UI (port number is 7070)
- Seungsoo Lee (KAIST)
- Jinwoo Kim (KAIST)
- Seungwon Woo (KAIST)
- Changhoon Yoon (KAIST)
- Sandra Scott-Hayward (Queen’s University Belfast)
- Seungwon Shin (KAIST)