Attacking SDN Infrastructure: Are We Ready for The Next-Gen Networking?

by Changhoon Yoon, Seungsoo Lee
Sept. 14, 2017 1 comment belen_caty sdn

In this briefing, we explore the attack surface of SDN by actually attacking each layer of SDN stack. The SDN stack is generally composed of control plane, control channel and data plane: The control plane implementations, which are commonly known as SDN controllers or Network OS, implementations are commonly developed and distributed as an open-source project. Of those various Network OS implementations, we attack the most prevalent ones, OpenDaylight (ODL) [1] and Open Network Operating System (ONOS) [2]. These Network OS projects are both actively led by major telecommunication and networking companies, and some of the companies have already deployed them to their private cloud or network [3, 4]. For the control channel, we also attack a well-known SDN protocol [5], OpenFlow. In the case of the data plane, we test some OpenFlow-enabled switch device products from major vendors, such as HP and Pica8.

Steven Ulm 8 months ago

Not sure that we are ready at the moment for the next gen as even the current generation brings up big problems to us...