LST 2.0: Emulated Container-BasedTestbed for Secure SDN
Abstract
Not all emulated testbeds are suitable for security experimentation. Often security testbeds are restricted to their application context or are based on other technologies which have configurability and security application limitations (e.g. Mininet). While other proposals allow greater configurability, they do not focus on security applications or are not inserted in the context of SDN networks. To address the identified research gap, the Lightweight SDN Testbed (LST 2.0) is proposed. LST 2.0 is a lightweight tool capable of supporting different application contexts both for security and SDN networks programmatically and in real-time through Python. It is possible to monitor the network and collect metrics using Netflow, sFlow, IPFIX, or CICFlowMeter. In addition, pre-built Docker images are available for emulating both benign and malicious network flows.
Keywords:
SDN, Testbed, Emulation, Container, Lightweight, Real Time
References
A. Alashhab, e. a. (2021). Experimenting and evaluating the impact of dos attacks on different sdn controllers. In IEEE 1st International Maghreb Meeting of the Conference on Sciences and Techniques of Automatic Control and Computer Engineering MI-STA. IEEE.
D. Kreutz, e. a. (2015). Software-defined networking: A comprehensive survey. In Proceedings of the IEEE, volume 103. IEEE.
E. Petersen, M. A. (2020). Docksdn: A hybrid container-based sdn emulation tool. In 2020 IEEE Latin-American Conference on Communications (LATINCOM). IEEE.
H. Lashkari, e. a. (2017). Characterization of tor traffic using time based features. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP.
I. Sumantra, S. G. (2020). Ddos attack detection and mitigation in software defined networks. In International Conference on System, Computation, Automation and Networking (ICSCAN). IEEE.
K. Raghunath, P. K. (2018). Towards a secure sdn architecture. In 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE.
M. Khan, O. Rehman, I. R. (2020). Lightweight testbed for cybersecurity experiments in scada-based systems. In 020 International Conference on Computing and Information Technology 10 Sep. 2020, volume 1. IEEE, Tabuk, Saudi Arabia.
M. Ring, e. a. (2017). Flowbased benchmark datasets for intrusion detection. In Proceedings of the 16 th European Conference on Cyber Warfare and Security (ECCWS), page 361369. ACPI.
O. Flauzac, E. R. (2019). Is mininet the right solution for an sdn testbed? In IEEE Global Communications Conference (GLOBECOM). IEEE.
P. Maity, e. a. (2020). An effective probabilistic technique for ddos detection in openflow controller. In IEEE Systems Journal, volume 16. IEEE.
R. Chadha, e. a. (2016). Cybervan: A cyber security virtual assured network testbed. In MILCOM 2016 - 2016 IEEE Military Communications Conference. IEEE.
R. Meena, e. a. (2020). Ryu sdn controller testbed for performance testing of source address validation techniques. In 3rd International Conference on Emerging Technologies in Computer Engineering: Machine Learning and Internet of Things (ICETCE). IEEE.
X. Zhang, N. Prabhu, R. T. (2020). Nestednet: A container-based prototyping tool for hierarchical software defined networks. In International Workshop on Rapid System Prototyping (RSP). IEEE.
D. Kreutz, e. a. (2015). Software-defined networking: A comprehensive survey. In Proceedings of the IEEE, volume 103. IEEE.
E. Petersen, M. A. (2020). Docksdn: A hybrid container-based sdn emulation tool. In 2020 IEEE Latin-American Conference on Communications (LATINCOM). IEEE.
H. Lashkari, e. a. (2017). Characterization of tor traffic using time based features. In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - ICISSP.
I. Sumantra, S. G. (2020). Ddos attack detection and mitigation in software defined networks. In International Conference on System, Computation, Automation and Networking (ICSCAN). IEEE.
K. Raghunath, P. K. (2018). Towards a secure sdn architecture. In 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT). IEEE.
M. Khan, O. Rehman, I. R. (2020). Lightweight testbed for cybersecurity experiments in scada-based systems. In 020 International Conference on Computing and Information Technology 10 Sep. 2020, volume 1. IEEE, Tabuk, Saudi Arabia.
M. Ring, e. a. (2017). Flowbased benchmark datasets for intrusion detection. In Proceedings of the 16 th European Conference on Cyber Warfare and Security (ECCWS), page 361369. ACPI.
O. Flauzac, E. R. (2019). Is mininet the right solution for an sdn testbed? In IEEE Global Communications Conference (GLOBECOM). IEEE.
P. Maity, e. a. (2020). An effective probabilistic technique for ddos detection in openflow controller. In IEEE Systems Journal, volume 16. IEEE.
R. Chadha, e. a. (2016). Cybervan: A cyber security virtual assured network testbed. In MILCOM 2016 - 2016 IEEE Military Communications Conference. IEEE.
R. Meena, e. a. (2020). Ryu sdn controller testbed for performance testing of source address validation techniques. In 3rd International Conference on Emerging Technologies in Computer Engineering: Machine Learning and Internet of Things (ICETCE). IEEE.
X. Zhang, N. Prabhu, R. T. (2020). Nestednet: A container-based prototyping tool for hierarchical software defined networks. In International Workshop on Rapid System Prototyping (RSP). IEEE.
Published
2022-09-12
How to Cite
KAIHARA, Alexandre M.; BONDAN, Lucas; GONDIM, João J. C.; RODRIGUES, Gabriel S.; MAROTTA, Marcelo A.; RODRIGUES, Genaína N..
LST 2.0: Emulated Container-BasedTestbed for Secure SDN. In: TOOLS - BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 22. , 2022, Santa Maria.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2022
.
p. 111-118.
DOI: https://doi.org/10.5753/sbseg_estendido.2022.227024.
