Security in Software-Defined-Networking: A Survey

With the development of information and networking technologies, conventional network has been unable to meet the demands of practical applications and network users. A new network paradigm called Software-Defined Networking (SDN) was proposed and got public attention. By decoupling the forwarding and control planes and applying specific protocols, SDN greatly reduces the cost of network management. Moreover, SDN empowers network managers to program their networks with high flexibility. However, there are many network security issues with regard to SDN, which should be solved in order to ensure the final success of SDN. In this paper, we undertake an SDN security survey. We focus on analyzing SDN’s security problems and reviewing existing countermeasures. Meanwhile, we identify the future research directions of SDN security.

[1]  Sakir Sezer,et al.  A Survey of Security in Software Defined Networks , 2016, IEEE Communications Surveys & Tutorials.

[2]  Fernando M. V. Ramos,et al.  Software-Defined Networking: A Comprehensive Survey , 2014, Proceedings of the IEEE.

[3]  Ghassan O. Karame,et al.  Access control for SDN controllers , 2014, HotSDN.

[4]  Andrei Vladyko,et al.  A fuzzy logic-based information security management for software-defined networks , 2014, 16th International Conference on Advanced Communication Technology.

[5]  Rodrigo Braga,et al.  Lightweight DDoS flooding attack detection using NOX/OpenFlow , 2010, IEEE Local Computer Network Conference.

[6]  Sanjay Jha,et al.  A Survey of Securing Networks Using Software Defined Networking , 2015, IEEE Transactions on Reliability.

[7]  Chen Liang,et al.  Participatory networking: an API for application control of SDNs , 2013, SIGCOMM.

[8]  Gail-Joon Ahn,et al.  FLOWGUARD: building robust firewalls for software-defined networks , 2014, HotSDN.

[9]  Marc St-Hilaire,et al.  Early detection of DDoS attacks against SDN controllers , 2015, 2015 International Conference on Computing, Networking and Communications (ICNC).

[10]  Mabry Tyson,et al.  FRESCO: Modular Composable Security Services for Software-Defined Networks , 2013, NDSS.

[11]  Mohsen Guizani,et al.  Software-defined networking security: pros and cons , 2015, IEEE Communications Magazine.

[12]  Hyogon Kim,et al.  Controller scheduling for continued SDN operation under DDoS attacks , 2015 .

[13]  Fernando M. V. Ramos,et al.  Towards secure and dependable software-defined networks , 2013, HotSDN '13.

[14]  Sakir Sezer,et al.  OperationCheckpoint: SDN Application Control , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[15]  Theophilus Benson,et al.  Tolerating SDN Application Failures with LegoSDN , 2014, HotNets.

[16]  Myung-Ki Shin,et al.  Software-defined networking (SDN): A reference architecture and open APIs , 2012, 2012 International Conference on ICT Convergence (ICTC).

[17]  Abdallah Shami,et al.  NFV: state of the art, challenges, and implementation in next generation mobile networks (vEPC) , 2014, IEEE Network.

[18]  Yashar Ganjali,et al.  HyperFlow: A Distributed Control Plane for OpenFlow , 2010, INM/WREN.

[19]  Yustus Eko Oktian,et al.  Mitigating Denial of Service (DoS) attacks in OpenFlow networks , 2014, 2014 International Conference on Information and Communication Technology Convergence (ICTC).

[20]  M. Belyaev,et al.  Towards load balancing in SDN-networks during DDoS-attacks , 2014, 2014 First International Science and Technology Conference (Modern Networking Technologies) (MoNeTeC).

[21]  F. Richard Yu,et al.  Distributed denial of service attacks in software-defined networking with cloud computing , 2015, IEEE Communications Magazine.

[22]  H. Kim,et al.  A SDN-oriented DDoS blocking scheme for botnet-based attacks , 2014, 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN).