DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique.
- Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network.
- Application-Agent is a legitimate SDN application that conducts attack procedures and is controller-dependent. The known malicious functions are implemented as application-agent functions.
- Channel-Agent is deployed between the controller and the OpenFlow-enabled switch. The agent sniffs and modifies the unencrypted control messages. It is controller-independent.
- Host-Agent behaves as if it was a legitimate host participating in the target SDN network. The agent demonstrates an attack in which a host attempts to compromise the control plane.
In order to build and run DELTA, the following are required:
- An agent manager based on Ubuntu 16.04 LTS 64 bit
- Ant build system
- Maven v3.3.9
- LXC 2.0
- JDK 1.8
- Target Controller (for application agent)
- Floodlight: ~1.2
- ONOS: 1.1, 1.6, 1.9, 1.13.1 (being tested)
- OpenDaylight: ~Oxygen
- Ryu: 4.16
- Cbench (for channel agent)
- Mininet 2.2 (for host agent)
- (in the case of All-In-One Single Machine) Three lxc containers based on Ubuntu 16.04 LTS 64 bit.
- Container-1: Target controller + Application agent
- Container-2: Channel agent
- Container-3: Host agent
DELTA installation depends on maven and ant build system. The mvn command is used to install the agent-manager and the agents. DELTA can support an All-In-One Single Machine environment via containers as well as a real hardware SDN environment.
- STEP 1. Get the source code of DELTA on the agent manager machine
$ git clone https://github.com/seungsoo-lee/DELTA.git - STEP 2. Install DELTA dependencies
$ cd <DELTA>/tools/dev/delta-setup/ $ ./delta-setup-devenv-ubuntu - STEP 3. Install three containers using lxc
$ source ./<DELTA>/tools/dev/delta-setup/bash_profile $ cd <DELTA>/tools/dev/lxc-setup $ ./lxc-dev-install $ sudo vi /etc/default/lxc-net Uncomment "LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf" $ sudo service lxc-net restart $ sudo lxc-start -n container-cp -d $ sudo vi /etc/apparmor.d/abstractions/lxc/container-base Uncomment "mount options=(rw, make-rprivate) -> **," $ sudo apparmor_parser -r /etc/apparmor.d/lxc-containers $ cd ~ $ ssh-keygen -t rsa (Press Enter) $ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CP (ID: ubuntu, PW: ubuntu) $ ssh $DELTA_CP (DELTA_CP) $ sudo visudo In the bottom of the file, type the follow: ubuntu ALL=(ALL) NOPASSWD: ALL (DELTA_CP) $ exit $ cd <DELTA>/tools/dev/lxc-setup $ ./lxc-dev-setup $ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CH $ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_DP - STEP 4. Install DELTA using maven build
$ cd <DELTA> $ source ./tools/dev/delta-setup/bash_profile $ mvn clean install - The test environment is automatically setup as below:
- The agent-manager automatically reads a configuration file and sets up the test environment based on the file. [/tools/config/manager_default.cfg] contains the All-In-One Single Machine configuration by default.
CONTROLLER_SSH=[account-id]@[agent-controller ipAddr] CHANNEL_SSH=[account-id]@[agent-channel ipAddr] HOST_SSH=[account-id]@[agent-host ipAddr] TARGET_HOST=10.0.0.2 ONOS_ROOT=/home/vagrant/onos-1.6.0 CBENCH_ROOT=/home/vagrant/oflops/cbench/ TARGET_CONTROLLER=Floodlight TARGET_VERSION=0.91 OF_PORT=6633 OF_VER=1.3 MITM_NIC=eth1 CONTROLLER_IP=[agent-controller ipAddr] SWITCH_IP=[agent-host ipAddr],[agent-host ipAddr],[agent-host ipAddr] DUMMY_CONT_IP=[agent-manager ipAddr] DUMMY_CONT_PORT=6633 AM_IP=[agent-manager ipAddr] AM_PORT=3366 Floodlight 1.2
$ cd <DELTA>/tools/dev/app-agent-setup $ ./floodlight-1.2-scp ONOS 1.1 (depreciated)
$ cd <DELTA>/tools/dev/app-agent-setup/onos $ ./onos-1.1.0-scp (on the controller machine) $ ./onos-1.1.0-setup ONOS 1.6, 1.9 or 1.13.1
$ cd <DELTA>/tools/dev/app-agent-setup/onos $ ./delta-setup-onos <onos-version> $ ./delta-scp-onos <onos-version> * Supported ONOS version in the script: 1.6, 1.9, 1.13.1 OpenDaylight Oxygen
$ cd <DELTA>/tools/dev/app-agent-setup $ ./odl-oxygen-scp Ryu 4.16
$ cd <DELTA>/tools/dev/app-agent-setup/ryu $ ./delta-setup-ryu - The app-agent (on the controller container) needs 'agent.cfg' file to connect to the agent-manager.
MANAGER_IP=[agent-manager ipAddr] MANAGER_PORT=3366 - STEP 1. Distribute the executable files to Containers
$ cd <DELTA> $ source ./tools/dev/delta-setup/bash_profile $ ./tools/dev/delta-setup/delta-agents-scp - STEP 2. Execute Agent-Manager first
$ cd <DELTA> $ bin/run-delta <configuration file> (e.g., bin/run-delta config/manager_vm.cfg) DELTA: A Penetration Testing Framework for Software-Defined Networks [pP] - Show all known attacks [cC] - Show configuration info [kK] - Replaying known attack(s) [uU] - Finding an unknown attack [qQ] - Quit Command>_ - STEP 3. Connect Web-based UI (port number is 7070)
- Seungsoo Lee (KAIST)
- Jinwoo Kim (KAIST)
- Seungwon Woo (KAIST)
- Haney Kang (KAIST)
- Jaehan Kim (KAIST)
- Changhoon Yoon (KAIST)
- Sandra Scott-Hayward (Queen's University Belfast)
- Seungwon Shin (KAIST)
- Phil Porras, Vinod Yegneswaran (SRI International)
- Kyuho Hwang, Daewon Jung (National Security Research Institute)
- Atto Research
Send questions or feedback to: lss365@kaist.ac.kr, jinwoo.kim@kaist.ac.kr