Post Exploitation in Software-Defined Networking: A Controller's Perspective

Author(s): Tommy Chin
Category: Exploit Research
Duration: 45
Summary: Software-Defined Networking (SDN) is an emerging paradigm to support and optimize virtualization communication systems. Numerous research development approaches utilize SDN as a catalyst to enhance network management between computing systems and to identify common network security attacks. A major concern in the use of SDN is the trust that an administrator places on their security appliances. This talk provides a broad scale view of SDN functionality, and discusses the scenario where an SDN controller is compromised from either an insider threat or an external adverse user, and how a threat actor can execute post exploitation techniques to an SDN environment. Additionally, this talk discusses how a compromised SDN controller can manipulate network communication towards end-users thus, leading to potential data loss.
Lastly, this talk describes the varying differences an offensive user may achieve in an SDN environment in comparison to traditional hardware-based networking devices.

Likes: 0



SDN is gaining in popularity. Looking forward to digging-in on controller compromise.


SDN threats are real...lets own them!


Curious about the interface and capabilities between the virtual and hardware layers.


Software Defined Pwnage?


It'd be interesting to see how to reroute traffic which wouldn't normally pass through the compromised node. Seems like there should be some BGP style attacks here.


Which SDN in particular are you talking about, I wonder?