Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lopezalvar/awesome-sdn-security

Collection of SDN security related resources
https://github.com/lopezalvar/awesome-sdn-security

List: awesome-sdn-security

awesome awesome-list sdn sdn-security security software-defined-network software-defined-networking software-defined-networks

Last synced: 11 days ago
JSON representation

Collection of SDN security related resources

Awesome Lists containing this project

README

        

# Awesome SDN Security [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)

### Table of Contents
- [Papers](#Papers)
- [Presentations](#Presentations)
- [Conference Talks](#Talks)
- [Tools](#Tools)
- [Webs](#Webs)
- [Blog posts](#BlogPosts)
- [Vulnerabilities](#Vulnerabilities)

## SDN Security Papers
+ [Exploiting pitfalls in software-defined networking implementation](https://www.researchgate.net/publication/306064144_Exploiting_pitfalls_in_software-defined_networking_implementation) - by Dylan Smith, Victor Cionca, Sean McSweeny, Donna O'Shea [June 2016]
+ [FRESCO: Modular Composable Security Services for Software-Defined Networks](http://www.csl.sri.com/users/vinod/papers/fresco.pdf) - by Seugwon Shin, Phillip Porras, Vinod Yegneswaran, Martin Fong, Guofei Gu, Mabry Tyson [February 2013]
+ [Outsmarting Network Security with SDN Teleportation](https://www.net.t-labs.tu-berlin.de/~stefan/eurosp17.pdf) by Kashyap Thimmaraju, Liron Schiff, Stefan Schmid [April 2017]
+ [SDN-Guard: DoS Attacks Mitigation in SDN Networks](https://ieeexplore.ieee.org/abstract/document/7776605/) by Lobna Dridi, Mohamed Faten Zhani [2016 5th IEEE International Conference on Cloud Networking (Cloudnet)]
+ [Software-Defined Networking (SDN) and Distributed Denial of Service (DDoS) Attacks in Cloud Computing Environments: A Survey, Some Research Issues, and Challenges](https://ieeexplore.ieee.org/abstract/document/7289347/) by Qiao Yan, F. Richard Yu, Qingxiang Gong [IEEE Communications Surveys & Tutorials ( Volume: 18, Issue: 1, Firstquarter 2016 )]
+ [SDN-enabled Traffic Engineering and Advanced Blackholing at IXPs](http://conferences.sigcomm.org/sosr/2017/papers/sosr17-demo-blackholing.pdf) by Christoph Dietzel, Gianni Antichi, Ignacio Castro, Eder L Fernandes, Marco Chiesa, Daniel Kopp [SOSR ’17, April 3–4, 2017, Santa Clara, CA, USA]
+ [SDN Southbound Threats](https://www.sans.org/reading-room/whitepapers/networksecurity/paper/38700) by Mohamed Mahdy [November 20, 2018]
+ [SLDP: A secure and lightweight link discovery protocol for software defined networking](https://www.sciencedirect.com/science/article/abs/pii/S1389128618307916) by Ajay Nehra, Meenakshi Tripathi, Manoj Singh Gaur, Ramesh Babu Battula and Chhagan Lal [Computer Networks
Volume 150, 26 February 2019, Pages 102-116]
+ [A comprehensive survey of security threats and their mitigation techniques for next‐generation SDN controllers](https://onlinelibrary.wiley.com/doi/abs/10.1002/cpe.5300) by Tao Han, Syed Rooh Ullah Jan, Zhiyuan Tan, Muhammad Usman, Mian Ahmad Jan, Rahim Khan, Yongzhao Xu [Concurrency and Computation: Practice and Experience, 17 April 2019]
## SDN Security related presentations
+ [FRESCO: Modular Composable Security Services for Software-Defined Networks](https://es.slideshare.net/rogerjian/fresco-sdn-security-ndss2013-presentation-slides) - [NDSS 2013]
+ [Outsmarting Network Security with SDN Teleportation](https://www.net.t-labs.tu-berlin.de/~stefan/eurosp17slides.pdf) - by Kashyap Thimmaraju, Liron Schiff, Stefan Schmid [IEEE EURo S&P, PARIS, FRANCE April 2017]
+ [Taking Control of SDN-based Cloud Systems via the Data Plane](http://users.sec.t-labs.tu-berlin.de/~hashkash/talks/TakingControlofSDN-basedCloudSystemsviatheDataPlane.pdf) - by Kashyap Thimmaraju, Bhargava Shastry, Tobias Fiebig, Felicitas Hetzelt,
Jean-Pierre Seifert, Anja Feldmann and Stefan Schmid [ACM SOSR 2018, Los Angeles, USA March 2018]
+ [I DPID It My Way! A Covert Timing Channel in Software-Defined Networks](http://users.sec.t-labs.tu-berlin.de/~hashkash/talks/networking18-slides.pdf) - by Robert Krosche, Kashyap Thimmaraju, Liron Schiff and Stefan Schmid [IFIP Networking, Zurich, Switzerland, May 2018] by Ajay Nehra , Meenakshi Tripathi, Manoj Singh Gaur, Ramesh Babu Battula and Chhagan Lal [Computer Networks
Volume 150, 26 February 2019, Pages 102-116]

## SDN Security conference talks
+ [How To Hack SD-WAN And Keep Your Sanity?](https://www.youtube.com/watch?v=bM92UxLnuAs&t=0s&list=PLaIv9WEAzYZPwyGTRZV85NSGaEe3EbJQ9&index=8) by Sergei Gordeichik [Ekoparty, 28 nov. 2018]

## SDN Security Tools
+ [sdnpwn](https://github.com/smythtech/sdnpwn)
+ [DELTA: SDN SECURITY EVALUATION FRAMEWORK](https://github.com/nss-lab/DELTA)

## SDN Security related webs
+ [blog.cyberreboot.org](https://blog.cyberreboot.org/)
+ [Deep Session Learning for Cyber Security](https://blog.cyberreboot.org/deep-session-learning-for-cyber-security-e7c0f6804b81)
+ [TCPDump, and the care and feeding of an intelligent SDN](https://blog.cyberreboot.org/tcpdump-and-the-care-and-feeding-of-an-intelligent-sdn-eca6e7506342)
+ [SDNsecurity.org](http://www.sdnsecurity.org/)
+ [sdnpwn.net](https://sdnpwn.net/)
+ [Data Plane ARP Cache Poisoning](https://sdnpwn.net/2017/09/21/data-plane-arp-cache-poisoning/)

## SDN Security related Blog Posts
+ [An Exploit Chain Against Citrix SD-WAN](https://medium.com/tenable-techblog/an-exploit-chain-against-citrix-sd-wan-709db08fb4ac) by Chris Lyne [Tenable TechBlog, 11 july 2019]

## SDN Security related vulnerabilities
+ **HPE VAN**
+ [HPE VAN SDN Unauthenticated Remote Root Vulnerability](https://korelogic.com/Resources/Advisories/KL-001-2018-008.txt) *25 June 2018*
+ [packetstormsecurity.com](https://packetstormsecurity.com/files/148313/HP-Enterprise-VAN-SDN-Controller-2.7.18.0503-Remote-Root.html) *Python exploit*
+ [exploit-db.com](https://www.exploit-db.com/exploits/44951/) *Python exploit*
+ [exploit-db.com](https://www.exploit-db.com/exploits/44991/) *Metasploit Module*