DELTA: SDN SECURITY EVALUATION FRAMEWORK

What is DELTA?

DELTA is a penetration testing framework that regenerates known attack scenarios for diverse test cases. This framework also provides the capability of discovering unknown security problems in SDN by employing a fuzzing technique.

• Agent-Manager is the control tower. It takes full control over all the agents deployed to the target SDN network.
• Application-Agent is a legitimate SDN application that conducts attack procedures and is controller-dependent. The known malicious functions are implemented as application-agent functions.
• Channel-Agent is deployed between the controller and the OpenFlow-enabled switch. The agent sniffs and modifies the unencrypted control messages. It is controller-independent.
• Host-Agent behaves as if it was a legitimate host participating in the target SDN network. The agent demonstrates an attack in which a host attempts to compromise the control plane.

Prerequisites

In order to build and run DELTA, the following are required:

• An agent manager based on Ubuntu 16.04 LTS 64 bit
  • Ant build system
  • Maven v3.3.9
  • LXC 2.0
  • JDK 1.8
• Target Controller (for application agent)
  • Floodlight: ~1.2
  • ONOS: 1.1, 1.6, 1.9, 1.13.1 (being tested)
  • OpenDaylight: ~Oxygen
  • Ryu: 4.16
• Cbench (for channel agent)
• Mininet 2.2 (for host agent)
• (in the case of All-In-One Single Machine) Three lxc containers based on Ubuntu 16.04 LTS 64 bit.
  • Container-1: Target controller + Application agent
  • Container-2: Channel agent
  • Container-3: Host agent

Installing DELTA

DELTA installation depends on maven and ant build system. The mvn command is used to install the agent-manager and the agents. DELTA can support an All-In-One Single Machine environment via containers as well as a real hardware SDN environment.

• STEP 1. Get the source code of DELTA on the agent manager machine

$ git clone https://github.com/seungsoo-lee/DELTA.git

• STEP 2. Install DELTA dependencies

$ cd <DELTA>/tools/dev/delta-setup/
$ ./delta-setup-devenv-ubuntu

• STEP 3. Install three containers using lxc

$ source ./<DELTA>/tools/dev/delta-setup/bash_profile
$ cd <DELTA>/tools/dev/lxc-setup
$ ./lxc-dev-install

$ sudo vi /etc/default/lxc-net
Uncomment "LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf"
$ sudo service lxc-net restart
$ sudo lxc-start -n container-cp -d

$ sudo vi /etc/apparmor.d/abstractions/lxc/container-base
Uncomment "mount options=(rw, make-rprivate) -> **,"
$ sudo apparmor_parser -r /etc/apparmor.d/lxc-containers

$ cd ~
$ ssh-keygen -t rsa
(Press Enter)
$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CP
(ID: ubuntu, PW: ubuntu)

$ ssh $DELTA_CP
(DELTA_CP) $ sudo visudo
In the bottom of the file, type the follow:
ubuntu ALL=(ALL) NOPASSWD: ALL
(DELTA_CP) $ exit

$ cd <DELTA>/tools/dev/lxc-setup
$ ./lxc-dev-setup
$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_CH
$ ssh-copy-id -i ~/.ssh/id_rsa.pub $DELTA_DP

• STEP 4. Install DELTA using maven build

$ cd <DELTA>
$ source ./tools/dev/delta-setup/bash_profile
$ mvn clean install

• The test environment is automatically setup as below:

Configuring your own experiments

• The agent-manager automatically reads a configuration file and sets up the test environment based on the file. [/tools/config/manager_default.cfg] contains the All-In-One Single Machine configuration by default.

  CONTROLLER_SSH=[account-id]@[agent-controller ipAddr]
  CHANNEL_SSH=[account-id]@[agent-channel ipAddr]
  HOST_SSH=[account-id]@[agent-host ipAddr]
  TARGET_HOST=10.0.0.2
  ONOS_ROOT=/home/vagrant/onos-1.6.0
  CBENCH_ROOT=/home/vagrant/oflops/cbench/
  TARGET_CONTROLLER=Floodlight
  TARGET_VERSION=0.91
  OF_PORT=6633
  OF_VER=1.3
  MITM_NIC=eth1
  CONTROLLER_IP=[agent-controller ipAddr]
  SWITCH_IP=[agent-host ipAddr],[agent-host ipAddr],[agent-host ipAddr]
  DUMMY_CONT_IP=[agent-manager ipAddr]
  DUMMY_CONT_PORT=6633
  AM_IP=[agent-manager ipAddr]
  AM_PORT=3366

  Floodlight 1.2

  $ cd <DELTA>/tools/dev/app-agent-setup
  $ ./floodlight-1.2-scp

  ONOS 1.1 (depreciated)

  $ cd <DELTA>/tools/dev/app-agent-setup/onos
  $ ./onos-1.1.0-scp
  (on the controller machine) $ ./onos-1.1.0-setup

  ONOS 1.6, 1.9 or 1.13.1

  
  $ cd <DELTA>/tools/dev/app-agent-setup/onos
  $ ./delta-setup-onos <onos-version>
  $ ./delta-scp-onos <onos-version>

• Supported ONOS version in the script: 1.6, 1.9, 1.13.1

  > OpenDaylight Oxygen

  $ cd /tools/dev/app-agent-setup $ ./odl-oxygen-scp

  > Ryu 4.16

  $ cd /tools/dev/app-agent-setup/ryu $ ./delta-setup-ryu

• The app-agent (on the controller container) needs 'agent.cfg' file to connect to the agent-manager.

  MANAGER_IP=[agent-manager ipAddr]
  MANAGER_PORT=3366

Running DELTA

• STEP 1. Distribute the executable files to Containers

$ cd <DELTA>
$ source ./tools/dev/delta-setup/bash_profile
$ ./tools/dev/delta-setup/delta-agents-scp

• STEP 2. Execute Agent-Manager first

  
  $ cd <DELTA>
  $ bin/run-delta <configuration file>
  (e.g., bin/run-delta config/manager_vm.cfg)
  
  DELTA: A Penetration Testing Framework for Software-Defined Networks
  
  [pP]   - Show all known attacks
  [cC]   - Show configuration info
  [kK]   - Replaying known attack(s)
  [uU]   - Finding an unknown attack
  [qQ]   - Quit

Command>_

+ STEP 3. Connect Web-based UI (port number is 7070)
![WEB](images/delta_webui.png)

## Main Contributors
+ Seungsoo Lee (KAIST)
+ Jinwoo Kim (KAIST)
+ Seungwon Woo (KAIST)
+ Haney Kang (KAIST)
+ Jaehan Kim (KAIST)
+ Changhoon Yoon (KAIST)
+ Sandra Scott-Hayward (Queen's University Belfast)
+ Seungwon Shin (KAIST)

## Collaborators
+ Phil Porras, Vinod Yegneswaran (SRI International) 
+ Kyuho Hwang, Daewon Jung (National Security Research Institute)
+ [Atto Research](http://www.atto-research.com/index.php/en/home/)
+ ![collabo](images/delta_collabo.png)

## Questions?
Send questions or feedback to: lss365@kaist.ac.kr, jinwoo.kim@kaist.ac.kr