Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors,...

17
Outsmarting Network Security with SDN Teleportation KASHYAP THIMMARAJU (TU BERLIN, GERMANY) LIRON SCHIFF (GUARDICORE LABS, ISRAEL) STEFAN SCHMID (AALBORG UNIVERSITY, DENMARK) IEEE EURO S&P, PARIS, FRANCE APRIL 2017

Transcript of Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors,...

Page 1: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Outsmarting Network Security with SDN Teleportation

KASHYAP THIMMARAJU (TU BERLIN, GERMANY)

LIRON SCHIFF (GUARDICORE LABS, ISRAEL)

STEFAN SCHMID (AALBORG UNIVERSITY, DENMARK)

IEEE EURO S&P, PARIS, FRANCEAPRIL 2017

Page 2: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Networking Equipment is Critical• It forms a technological foundation for communication

• It contributes to the economy

• Vital for national security

Page 3: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Backdoors, exploits and 0days in Networking Equipment

Page 4: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Backdoors in SDN equipment• Does that introduce new attacks?

• Can we detect backdoor activity?

Page 5: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Software Defined Networking (SDN)is a networking paradigm

● Separated planes● Centralized model

Data plane

Control plane

Switch

Controller

Page 6: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

SDN Teleportation:An attack previously not possible

Traditional Networks

Software Defined Networks

Teleportation

Data plane

Control plane

Controlplane

Page 7: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

SDN Teleportation poses several threats● Bypass security mechanisms

● Attack coordination

● Exfiltration

● Eavesdrop

Page 8: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

The Teleportation Model

1)Switch to Controller

2)Controller to Switches

3)Destination Processing

Switch

Controller

(1) (2)

0110... (3)

Switch

Page 9: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Teleportation Techniques• Out-of-band Forwarding

• Flow (re-)configurations

• Switch Identification

Page 10: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Out-of-band Forwarding Teleportation● Complete packets from one

switch are teleported to

another switch

Packet-in

Packet-Out

Page 11: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Flow (Re-)Configuration Teleportation● Exploit the controllers

centralized control to

reconfigure the network

when a host moves across

the networkPack

et-in

Flow-add Packet-in

Flow-addFlow-delete

Page 12: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Switch Identification Teleportation● Impersonate the

Datapath-ID to

communicate

information Hello

Features-request Features-request

Features-reply

(DPID

=1) Features-reply (DPID=1)

Hello

Page 13: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Attacks using Teleportation● Bypass firewalls, IDS and IPS

● Exfiltration

● Man-in-the-middle

● Rendezvous/Attack coordination

Page 14: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Teleportation Bandwidth

Page 15: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Countermeasures● Packet-in-Packet-Out Watcher

● Audit-Trails and Accountability

● Enhanced IDS with Waypoint Enforcement

Page 16: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Conclusions● Introduced a conceptually novel SDN attack

● Teleportation enables several attacks

● Teleportation has high quality and throughput

● Suggested Teleportation countermeasures

Page 17: Outsmarting Network Security with SDN Teleportation · •Vital for national security. Backdoors, exploits and 0days in Networking Equipment. Backdoors in SDN equipment •Does that

Questions


IOS Backdoors Attack Points Surveillance Mechanisms

IOS Backdoors Attack Points Surveillance Mechanisms

CEH Module 08: Trojans and Backdoors

CEH Module 08: Trojans and Backdoors

Trojan backdoors

Trojan backdoors

When you don't have 0days: client-side exploitation for the masses

When you don't have 0days: client-side exploitation for the masses

Backdoors PHP y ofuscación

Backdoors PHP y ofuscación

Modul 7 Trojan, Backdoors,RootKit

Modul 7 Trojan, Backdoors,RootKit

Trojans and backdoors

Trojans and backdoors

Backdoors Et Rootkits Avancees

Backdoors Et Rootkits Avancees

Backdoors: Definition, Deniability and Detection

Backdoors: Definition, Deniability and Detection

How to discover 1352 Wordpress plugin 0days in one hour (not really)

How to discover 1352 Wordpress plugin 0days in one hour (not really)

Oracle Backdoors

Oracle Backdoors

Building Defensive Architectures Using Backdoors

Building Defensive Architectures Using Backdoors

Shell Trojan Generators / Droppers / Backdoors Notes

Shell Trojan Generators / Droppers / Backdoors Notes

CEH - Module 6 : Trojans and Backdoors

CEH - Module 6 : Trojans and Backdoors

CryptoSystem Backdoors - Steve Gibson

CryptoSystem Backdoors - Steve Gibson

StHack 2014 - Raoul Chiesa The evolution of 0days market

StHack 2014 - Raoul Chiesa The evolution of 0days market

Ataques com Backdoors

Ataques com Backdoors

1 Backdoors and Trojans. ECE 4112 - Internetwork Security 2 Agenda Overview Netcat Trojans/Backdoors.

1 Backdoors and Trojans. ECE 4112 - Internetwork Security 2 Agenda Overview Netcat Trojans/Backdoors.

Backdoors in Crypto - BU

Backdoors in Crypto - BU

Troyanos y Backdoors

Troyanos y Backdoors