Skip to content

izipris/iot-zipris

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits

exercises/iot_sec_host

exercises/iot_sec_host

 
 

.gitignore

.gitignore

 
 

README.md

README.md

 
 

Repository files navigation

iot-zipris

Overview

Prerequisites

  • Setup a Mininet environment on a VM (see instructions). If you're using Windows on your local machine, consider working with PuTTY & Xming in order to enable xterm usage in Mininet
  • Setup HPE VAN SDN Controller on a separated VM (see videos). Note: use Ubuntu 14.04.
  • For both VMs, in the Network settings, set Adapter 1 as NAT and Adapter 2 as Host-only Adapter.

Setup

  1. Bring up the VMs of Mininet and the SDN controller.
  2. Clone this project to the Mininet VM and browse to the iot-zipris directory.
  3. Bring up Mininet with the project's topology, OF 1.3 switches and the HPE VAN SDN Controller:

sudo mn --custom exercises/iot_sec_host/infrastructure/iot-zipris-topo.py --topo ziprisTopo --controller=remote,ip=<SDN Controller IP> --switch ovsk,protocols=OpenFlow13 --nat

You can execute in the Mininet terminal the command pingall to make sure that the topology established successfully.
Note: for simulating a realistic environment, post the following requests manually to the SDN controller:

  1. Generate a token for the controller using the request in exercises/iot_sec_host/infrastructure/payloads/request_auth.json
  2. Enable port-mirroring in the main router, so traffic from the home network will be mirrored to the 'security SmartNIC': exercises/iot_sec_host/infrastructure/payloads/request_router_port_mirroring.json
  3. Enable DSCP marking on the home network switches: exercises/iot_sec_host/infrastructure/payloads/request_switch_mark_iot_dscp.json

Usage

The project's topology enables the following hosts:

  1. h1 - the security SmartNIC of the ISP
  2. h2 - an IoT device in the home network #1
  3. h4 - a non-IoT device in the home network #1
  4. h5 - a valid destination of h2
  5. h6 - an invalid destination of h2
  6. h7 - an IoT device in the home network #2
  7. h8 - a valid destination of h7
  8. h9 - an invalid destination of h7

After bringing up the project's Mininet topology, use xterm <host name> in order to control the hosts.
On h1, browse iot-zipris/exercises/iot_sec_host and execute python security_switch/listener.py h1 in order to monitor the traffic to h1 and enable packets classification solution.
On the rest of the hosts, browse iot-zipris/exercises/iot_sec_host and execute python receive_qos.py <host name> in order to monitor the traffic.
Now use Mininet terminal in order to send traffic between the hosts and monitor the network's behavior.

About

Tutorial work project about IoT security

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages