Publicação
Proactive discovery and mitigation of security vulnerabilities leveraged by software-defined networks
| Resumo: | The proactive detection and mitigation of security vulnerabilities in networks managed by Software-Defined Networking (SDN) is essential to ensure their normal operation. This dissertation presents an automated system that detects vulnerabilities in network devices and mitigates their risk, using open-source tools. The Literature Review identified the need for a proactive approach, using standardized risk indicators and automation to improve vulnerability analysis and mitigation, highlighting the need for solutions that incorporate active vulnerability detection tools. The developed system orchestrates automated vulnerability analysis and mitigation through a Security Orchestration, Automation and Response (SOAR) platform, using a vulnerability scanner and applying a mitigation measure, demonstrating Virtual LAN switching through the SDN controller, isolating vulnerable devices. Tests performed in laboratory and virtual environments showed that the proposed architecture is fast and effective, without causing significant delays in the workflow stages, with the exception of vulnerability scanning, whose complexity implies higher execution times. The increase in resource consumption by the vulnerability scanner, when analyzing multiple devices simultaneously, enables the use of this approach for most use cases. However, optimizations will be necessary for deployment in more dynamic networks. The results prove that the proposed approach is capable of detecting and mitigating vulnerabilities quickly and in an automated way. |
|---|---|
| Autores principais: | Polónio, João Francisco Rosa |
| Assunto: | System vulnerability Detection Mitigation Software defined networks Automated operation Network security Vulnerabilidades Deteção Mitigação Redes definidas por software Automação Segurança de rede |
| Ano: | 2024 |
| País: | Portugal |
| Tipo de documento: | dissertação de mestrado |
| Tipo de acesso: | acesso aberto |
| Instituição associada: | ISCTE |
| Idioma: | inglês |
| Origem: | Repositório ISCTE |
| Resumo: | The proactive detection and mitigation of security vulnerabilities in networks managed by Software-Defined Networking (SDN) is essential to ensure their normal operation. This dissertation presents an automated system that detects vulnerabilities in network devices and mitigates their risk, using open-source tools. The Literature Review identified the need for a proactive approach, using standardized risk indicators and automation to improve vulnerability analysis and mitigation, highlighting the need for solutions that incorporate active vulnerability detection tools. The developed system orchestrates automated vulnerability analysis and mitigation through a Security Orchestration, Automation and Response (SOAR) platform, using a vulnerability scanner and applying a mitigation measure, demonstrating Virtual LAN switching through the SDN controller, isolating vulnerable devices. Tests performed in laboratory and virtual environments showed that the proposed architecture is fast and effective, without causing significant delays in the workflow stages, with the exception of vulnerability scanning, whose complexity implies higher execution times. The increase in resource consumption by the vulnerability scanner, when analyzing multiple devices simultaneously, enables the use of this approach for most use cases. However, optimizations will be necessary for deployment in more dynamic networks. The results prove that the proposed approach is capable of detecting and mitigating vulnerabilities quickly and in an automated way. |
|---|