SHARE
Delta

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique.

  1. Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network.
  2. Application-Agent is a legitimate SDN application that conducts attack procedures and is controller-dependent. The known malicious functions are implemented as application-agent functions.
  3. Channel-Agent is deployed between the controller and the OpenFlow-enabled switch. The agent sniffs and modifies the unencrypted control messages. It is controller-independent.
  4. Host-Agent behaves as if it was a legitimate host participating in the target SDN network. The agent demonstrates an attack in which a host attempts to compromise the control plane.

Also Read whatweb – Tool to Discover Security Vulnerabilities With Your Web Application

Installing DELTA

Its installation depends on maven and ant build system. The mvn command is used to install the agent-manager and the agents. It can support an All-In-One Single Machine environment via containers as well as a real hardware SDN environment.

  • STEP 1. Get the source code of DELTA on the agent manager machine
$ git clone https://github.com/OpenNetworkingFoundation/DELTA.git
  • STEP 2. Install DELTA dependencies
$ cd <DELTA>/tools/dev/delta-setup/
$ ./delta-setup-devenv-ubuntu
  • STEP 3. Install three containers using lxc
$ source ./<DELTA>/tools/dev/delta-setup/bash_profile
$ cd <DELTA>/tools/dev/lxc-setup
$ ./lxc-create

$ sudo vi /etc/default/lxc-net
Uncomment "LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf"
$ sudo service lxc-net restart
$ sudo lxc-start -n container-cp -d

$ sudo vi /etc/apparmor.d/abstractions/lxc/container-base
Uncomment "mount options=(rw, make-rprivate) -> **,"
$ sudo apparmor_parser -r /etc/apparmor.d/lxc-containers

$ cd ~
$ ssh-keygen -t rsa
(Press Enter)
$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CP
(ID: ubuntu, PW: ubuntu)

$ ssh $DELTA_CP
(DELTA_CP) $ sudo visudo
In the bottom of the file, type the follow:
ubuntu ALL=(ALL) NOPASSWD: ALL
(DELTA_CP) $ exit

$ cd <DELTA>/tools/dev/lxc-setup
$ ./lxc-setup
$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CH
$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_DP

  • In the case of all-in-one single machine, the test environment is automatically setup as below:

Running DELTA

  • STEP 1. Distribute the executable files to Containers
$ cd <DELTA>
$ source ./tools/dev/delta-setup/bash_profile
$ ./tools/dev/delta-setup/delta-agents-scp
  • STEP 2. Execute Agent-Manager first
$ cd <DELTA>
$ bin/run-delta tools/config/<configuration file> # e.g., manager_vm.cfg

 DELTA: A Penetration Testing Framework for Software-Defined Networks

 [pP]	- Show all known attacks
 [cC]	- Show configuration info
 [kK]	- Replaying known attack(s)
 [uU]	- Finding an unknown attack
 [qQ]	- Quit

Command>_
  • STEP 3. Connect Web-based UI (port number is 7070)

Main Contributors

  • Seungsoo Lee (KAIST)
  • Jinwoo Kim (KAIST)
  • Seungwon Woo (KAIST)
  • Changhoon Yoon (KAIST)
  • Sandra Scott-Hayward (Queen’s University Belfast)
  • Seungwon Shin (KAIST)