Análisis de vulnerabilidades Insider contra ataques de Denegación de Servicio (DoS) en Redes Definidas por Software.

Abstract

The objective of this research work consisted in the analysis of vulnerabilities of DoS denial of service attacks in software-defined networks (SDN), for which a simulated network was implemented in the GNS3 VM software, with several devices: Opendaylight controller, open switches, clients, DHCP and servers. DNS. HTTP. VolP and FTP. For the analysis of vulnerabilities, it was decided to use the OCTAVE methodology, comprised in three stages; first: identification of assets and threats of the organization, second: vulnerability scanning and third: implementation of the contingency plan. For the development of phase two, the Obsolete Open vas was used to help select (alias in the network, as well as its affected features and devices, after that they were classified to determine those that affect availability, such as version and HTTP service type, brute-force login in HTTP with default credentials, determine the ICMP dialing time After completing this step, the Denial of Service Ships were executed: HTTP, DHCP and DNS, to exhaust the resources used by the system, and be able to demonstrate the behavior of the network, based on the indicators: bandwidth and latency. It concludes that in the case of the bandwidth before the attack, the impact was not more than 34% effective, but later they even showed values of 71% and 84%, while the latency before the threat were less than 1.5 milliseconds and then it rises to 4,779 milliseconds, which means that there is over processing. At the same time, a guide of good practices was developed, where a decrease in vulnerabilities was observed. It is recommended to change credentials to the controller to prevent unauthorized entries and also create exact flow rules for each action.