Browsing by Author "Andrade, Ricardo Miguel Nunes"
Now showing 1 - 1 of 1
Results Per Page
Sort Options
- Penetration testing of software defined networks through Web applicationsPublication . Andrade, Ricardo Miguel Nunes; Pinho, Pedro Renato Tavares deNetworks have been evolving along the years, but nowadays, the network elements need great capabilities to process big networks, for this case Software Defined Network (SDN) appeared to centralize all the control of the network in one place. There are two types of SDN solutions; the transport and the packet, and both have the same theoretical purpose, which is to abstract the network elements such as routers and switches, from the complexity of the management and control of the network itself. The main difference between both solutions states that; the transport solution has the primary purpose of establishing and provision services within the network while the packet solution is more packetoriented, which implies the use in traditional networks. This work will focus on the security of a real and deployed solution pack containing web applications that are connected to SDN. The solution belongs to Infinera, and this work purpose is to investigate how does SDN responds to various attacks deployed against a web application that directly connects to it. It was used a particular Linux distribution named Kali to execute the tests; were used different tools, and some scripts developed in order to automate the test procedures. A first impression of the results of the tests was that even though security is a very un-explored paradigm when regarding SDN, this solution handled very well the deployed attacks and, therefore, a very secure solution regarding these tests. It was also essential to notice that SDN as independent software, concerning the web application, it was not very affected by thus attacks. Some vulnerabilities were discovered, and for thus, suggested a remediation solution.