Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SDN Final Report
Search
adr
June 21, 2019
Technology
0
450
SDN Final Report
adr
June 21, 2019
Tweet
Share
More Decks by adr
See All by adr
Skrull Like A King: 從重兵看守的天眼防線殺出重圍
aaaddress1
3
1.5k
Rebuild The Heaven's Gate: from 32 bit Hell back to Heaven Wonderland
aaaddress1
0
1.1k
重建天堂之門:從 32bit 地獄一路打回天堂聖地
aaaddress1
0
420
Reversing In Wonderland: Neural Network Based Malware Detection Techniques
aaaddress1
2
720
CYBERSEC: 唉唷,你的簽章根本沒在驗啦。
aaaddress1
1
4k
SITCON: Playing Win32 Like a K!NG ;)
aaaddress1
2
1.2k
NTUST [2019]: Windows Reversing
aaaddress1
0
1.1k
Duplicate Paths Attack: Get Elevated Privilege from Forged Identities
aaaddress1
0
1.6k
Computer Security 資安實務: Windows Reversing [Dark Art]
aaaddress1
8
1.8k
Other Decks in Technology
See All in Technology
移行できそうでやりきれなかった 10年超えのシステムを葬るための戦略
ryu955
2
520
ソフトウェア開発現代史: なぜ日本のソフトウェア開発は「滝」なのか?製造業の成功体験とのギャップ #jassttokyo
takabow
2
1.6k
一人QA時代が終わり、 QAチームが立ち上がった話
ma_cho29
0
290
年末調整プロダクトの内部品質改善活動について
kaomi_wombat
0
210
ルートユーザーの活用と管理を徹底的に深掘る
yuobayashi
6
730
Keynote - KCD Brazil - Platform Engineering on K8s (portuguese)
salaboy
0
130
SpannerとAurora DSQLの同時実行制御の違いに想いを馳せる
masakikato5
0
570
製造業の会計システムをDDDで開発した話
caddi_eng
3
980
LINE Notify互換のボットを作った話
kenichirokimura
0
180
数百台のオンプレミスのサーバーをEKSに移行した話
yukiteraoka
0
680
ソフトウェアプロジェクトの成功率が上がらない原因-「社会価値を考える」ということ-
ytanaka5569
0
130
KCD Brazil '25: Enabling Developers with Dapr & Backstage
salaboy
1
130
Featured
See All Featured
The Illustrated Children's Guide to Kubernetes
chrisshort
48
49k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
60k
A designer walks into a library…
pauljervisheath
205
24k
Embracing the Ebb and Flow
colly
85
4.6k
Building Your Own Lightsaber
phodgson
104
6.3k
Thoughts on Productivity
jonyablonski
69
4.5k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
12
610
Code Reviewing Like a Champion
maltzj
522
39k
Building Better People: How to give real-time feedback that sticks.
wjessup
367
19k
Building Flexible Design Systems
yeseniaperezcruz
328
38k
Building Applications with DynamoDB
mza
94
6.3k
Keith and Marios Guide to Fast Websites
keithpitt
411
22k
Transcript
SDN-Based Intrusion Prevention System Software-Defined Networking and Function Virtualization
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table
>_SDN Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table External Network Controller Service Ctrl Srv
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc.
>_Issue Host A ... Switch A Service Flow Table Manager
Host C Emploee Switch B Service Flow Table Controller Service Ctrl Srv Hacking Behavior Packets Packets DDoS, Telnet/SSH Brutforce, Ransomware, etc. $>/bin/sh Bingo! Get Shell.
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets Intrusion Detection System
>_ Host A Switch Service Flow Table Host B Host
C IDS Srv Packets Packets Packets IDS Intrusion Detection System Tcpdump
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode
>_IDS Host A Switch Service Flow Table Host B Host
C IDS Srv Intrusion Detection System Hacked Bruteforce credentials (Telnet/SSH/RDP/AD) SMTP (Email) Godmode Marked As Pwned Devices
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Scouting Updating Flow
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN Host A Switch A Service Flow Table Host B
Hacked Controller Service Ctrl Srv IDS Srv Isolating Hacked Host
>_SDN? Host A ... Switch A Service Flow Table Host
B Host C Host N Switch B Service Flow Table Controller Service Ctrl Srv IDS Srv IDS Srv
Demo
SDN-Based Intrusion Prevention System Thanks.