Delta is a new SDN security evaluation framework with two main functions:
(1) It can automatically instantiate attack cases against SDN elements across diverse environments, and
(2) it can assist in uncovering unknown security problems within an SDN deployment.
Delta has evolved from two previous projects. Project Florence was a security testing framework to implement a set of test cases for validating the security features of OpenFlow-based switch and controller implementations. The Florence project originated with the Open Networking Foundation Security WG. The suite of security test cases developed within Florence form a basis for the security assessment in Delta. The second project contributing to Delta is POSEIDON. POSEIDON was developed at Korea Advanced Institute of Science and Technology (KAIST) as an automated penetration testing framework. The extensible testing framework of POSEIDON combined with the security requirements based test suite of Florence produce the strong SDN security evaluation framework of Delta.
Motivated by security penetration testing (or pen-testing) tools in the traditional network security domain, Delta represents the first pen-testing tool for SDN environments. It is envisaged that this tool will be used for security conformance benchmarking of SDN devices.
In addition, the testing tool incorporates a specialized fuzzing module to exploit opportunities for discovering unknown security flaws in SDNs.
If you are interested in contributing to Delta, please send an email with your name, company/affiliation, and your interest to firstname.lastname@example.org.
Seungsoo Lee, Sandra Scott-Hayward, Seungwon Shin, Changhoon Yoon, Jinwoo Kim
Open Source SDN/Apache 2.0