Publicação

Proactive discovery and mitigation of security vulnerabilities leveraged by software-defined networks

Ver documento

Detalhes bibliográficos
Resumo:The proactive detection and mitigation of security vulnerabilities in networks managed by Software-Defined Networking (SDN) is essential to ensure their normal operation. This dissertation presents an automated system that detects vulnerabilities in network devices and mitigates their risk, using open-source tools. The Literature Review identified the need for a proactive approach, using standardized risk indicators and automation to improve vulnerability analysis and mitigation, highlighting the need for solutions that incorporate active vulnerability detection tools. The developed system orchestrates automated vulnerability analysis and mitigation through a Security Orchestration, Automation and Response (SOAR) platform, using a vulnerability scanner and applying a mitigation measure, demonstrating Virtual LAN switching through the SDN controller, isolating vulnerable devices. Tests performed in laboratory and virtual environments showed that the proposed architecture is fast and effective, without causing significant delays in the workflow stages, with the exception of vulnerability scanning, whose complexity implies higher execution times. The increase in resource consumption by the vulnerability scanner, when analyzing multiple devices simultaneously, enables the use of this approach for most use cases. However, optimizations will be necessary for deployment in more dynamic networks. The results prove that the proposed approach is capable of detecting and mitigating vulnerabilities quickly and in an automated way.
Autores principais:Polónio, João Francisco Rosa
Assunto:System vulnerability Detection Mitigation Software defined networks Automated operation Network security Vulnerabilidades Deteção Mitigação Redes definidas por software Automação Segurança de rede
Ano:2024
País:Portugal
Tipo de documento:dissertação de mestrado
Tipo de acesso:acesso aberto
Instituição associada:ISCTE
Idioma:inglês
Origem:Repositório ISCTE
Descrição
Resumo:The proactive detection and mitigation of security vulnerabilities in networks managed by Software-Defined Networking (SDN) is essential to ensure their normal operation. This dissertation presents an automated system that detects vulnerabilities in network devices and mitigates their risk, using open-source tools. The Literature Review identified the need for a proactive approach, using standardized risk indicators and automation to improve vulnerability analysis and mitigation, highlighting the need for solutions that incorporate active vulnerability detection tools. The developed system orchestrates automated vulnerability analysis and mitigation through a Security Orchestration, Automation and Response (SOAR) platform, using a vulnerability scanner and applying a mitigation measure, demonstrating Virtual LAN switching through the SDN controller, isolating vulnerable devices. Tests performed in laboratory and virtual environments showed that the proposed architecture is fast and effective, without causing significant delays in the workflow stages, with the exception of vulnerability scanning, whose complexity implies higher execution times. The increase in resource consumption by the vulnerability scanner, when analyzing multiple devices simultaneously, enables the use of this approach for most use cases. However, optimizations will be necessary for deployment in more dynamic networks. The results prove that the proposed approach is capable of detecting and mitigating vulnerabilities quickly and in an automated way.