Sdn Security: A Survey

IEEE Communications Surveys & Tutorials, 2016

The proposition of increased innovation in network applications and reduced cost for network operators has won over the networking world to the vision of Software-Defined Networking (SDN). With the excitement of holistic visibility across the network and the ability to program network devices, developers have rushed to present a range of new SDN-compliant hardware, software and services. However, amidst this frenzy of activity, one key element has only recently entered the debate: Network Security. In this article, security in SDN is surveyed presenting both the research community and industry advances in this area. The challenges to securing the network from the persistent attacker are discussed and the holistic approach to the security architecture that is required for SDN is described. Future research directions that will be key to providing network security in SDN are identified.

IEEE Communications Magazine, 2015

Software-Defined Networking (SDN) is a new networking paradigm that decouples the forwarding and control planestraditionally being coupled with one another-while adopting a logically centralized architecture aiming to increase network agility and programability. While many efforts are currently being made to standardize this emerging paradigm, careful attentions need to be paid to security at this early design stage too, rather than waiting until the technology becomes mature, thereby potentially avoiding previous pitfalls made when designing the Internet in the 80's. This article focuses on the security aspects of SDN networks. We begin by discussing the new security pros that SDN brings and by showing how some of the long-lasting issues in network security can be addressed by exploiting SDN capabilities. Then, we describe the new security threats that SDN is faced with and discuss possible techniques that can be used to prevent and mitigate such threats.

IAEME PUBLICATION, 2016

Software Defined Networking (SDN) is the latest paradigm shift in the domain of enterprise networking with clear & distinct advantages over classical view of networking. Many models and architectures are being proposed to take advantage of the inherent advantages. The academia and industry is excited about the possibilities of innovations. Although the advantages are obvious, there have been concerns raised about the security of SDN. In this paper we have highlighted the various challenges that are faced by academia and industry while implementing SDN in carrier and enterprise markets. We have identified security concerns in SDN and have tried to apply classical and modern security primitives to this new paradigm. We realize that the security primitives have to be embedded at the protocol and architecture levels for a smooth and seamless solution. This paper presents a review on security challenges of SDN.

Networks of the Future, 2017

The future networks are expected to lead a hyper-connected society with the promise of high social and economic value. The goal is to solve today's network problems and provide satisfactory security. Thus, the future networks require a flexible infrastructure that is secure against cyberattacks. Software defined networking (SDN) can be considered as one of the building blocks of upcoming networking technologies. In this chapter, first, the limitations of today's networks are presented. Then, solutions to secure the networks with SDN components are given. This concept is referred to as "SDN for Security." While SDN facilitates securing networks in general, it introduces additional challenges, mainly, the vulnerabilities of the SDN components such as the controller have to be addressed. Security for SDN aims at securing SDN assets and is discussed in the sequel. After reading this chapter, readers will obtain a comprehensive overview of the limitations of traditional networks, such as how SDN overcomes those limitations and the security issues thereof.

International Journal of Applied Mathematics, Electronics and Computers, 2016

The number of devices connected to the Internet is increasing, data centers are growing continuously and computer networks are getting more complex. Traditional network management approach is becoming more difficult and insufficient. Software-Defined Networks (SDN) is a new generation networking approach which is expected to take place of the traditional computer networks. SDN architecture provides effective management of the large and complex networks. Although SDN have benefits from the network security perspective, it also brings new attack vectors. We believe that the network security problems in SDN architecture need more advanced solutions. In this work, a survey on the SDN security problems is presented, challenges are discussed. In this context, security threats and attack surfaces in SDN are described, the significant SDN security solution examples in the literature are given.

International Journal of Computer Networks and Applications (IJCNA), 2022

In the current digitalized world, everything is interconnected and accessible from everywhere. Although traditional networks are widely adopted, their management is complicated. Therefore, they are not effective in providing services to the future Internet like a wide range of accessibility, high bandwidth, management, and security. On the other hand, Traditional network architecture relies on manual configurations of proprietary devices that are error-prone and inefficient to utilize the network devices properly. Softwaredefined Networking (SDN) has drawn massive changes in the traditional network paradigm by decoupling the network operations from the physical hardware and encouraging network control to be logically centralized. It provides network programmability and improves security by enabling a global view of the entire network and issues handled effectively by the centralized controller. As a result, SDN allows networks to monitor the traffic and detect vulnerabilities more effectively. It also simplifies the deployment of new services with more flexibility at a faster pace. On the other hand, the decoupling of control and the data planes introduces security threats such as Distributed Denial of Service (DDoS) attacks, Man in the Middle attacks, Saturation attacks, etc. As a result, SDN has attracted a lot of interest from both academics and industry. In this paper, we study security vulnerabilities on layers of SDN, the security frameworks that protect each layer, and many security methodologies for network-wide security.

International Journal of Reconfigurable and Embedded Systems (IJRES)

In software-defined networking (SDN), network traffic is managed by software controllers or application programming interfaces (APIs) rather than hardware components. It differs from traditional networks, which use switches and routers to control traffic. Using SDN, you can create and control virtual networks or traditional hardware networks. Furthermore, OpenFlow allows network administrators to control exact network behavior through centralized control of packet forwarding. For these reasons, SDN has advantages over certain security issues, unlike traditional networks. However, most of the existing vulnerabilities and security threats in the traditional network also impact the SDN network. This document presents the attacks targeting the SDN network and the solutions that protect against these attacks. In addition, we introduce a variety of SDN security controls, such as intrusion detection systems (IDS)/intrusion prevention system (IPS), and firewalls. Towards the end, we outline...

AIP Conference Proceedings

Software Defined Networking (SDN) is new paradigms type of networking that is a programmable network and overcomes the challenges like, network scalability and management of the traditional networks. While programmable network is growing, the security challenges are increasing for different applications. Software Defined Networking manages control planes and data planes separately, where the controller at control planes decides the path at run time and data plane forwards the packets based on controller's decisions. The applications of software are increasing day by day including in communication traffic in SDN, and therefore different applications of different industries and societies faces various challenges related to it. This paper examines the software defined programmable network and view the challenges due to security issues of programmable networking. Finally, this paper discussed with its security impacts and gives concluding remarks.

International Journal of Applied Metaheuristic Computing

Software defined networking (SDN), a new attempt in addressing the existing challenges in the legacy network architecture, is lime-lighted due to its simplified approach in managing the networks and its capability of programmability. In progressing with software defined networks implementation, security remains a high priority focus. The advantage of SDN itself opens a wide ground in posing new security threats and challenges. Focusing on the security of the SDN is a prime factor as it reflects on the growth of SDN technology implementation. This article focuses on the various existing security solutions available for SDN and the real challenge in securing the SDN providing the researchers a paved platform to work on further securing the networks. This article is designed with an introduction on SDN, its architecture, the available security solutions for the network, the leveraging threats and type of attack possibilities in SDN. This article concludes with the requirements of secur...

IEEE Access

Software-Defined networking (SDN) is a networking paradigm to enable dynamic, flexible, and programmatically efficient configuration of networks to revolutionize network control and management via separation of the control plane and data plane. The SDN technology has evolved in response to the demands from large data centers toward all types of networks, from IoT, enterprise, to ISP networks. On the one hand, SDN has provided solutions for high-demand resources, managing unpredictable data traffic patterns, and rapid network reconfiguration. It is further used to enhance network virtualization and security. On the other hand, SDN is still subject to many traditional network security threats. It also introduces new security vulnerabilities, primarily due to its logically centralized control plane infrastructure and functions. In this paper, we conduct a comprehensive survey on the core functionality of SDN from the perspective of secure communication infrastructure at different scales. A specific focus is put forward to address the challenges in securing SDN-based communications, with efforts taken up to address them. We further categorize the appropriate solutions for specific threats at each layer of SDN infrastructures. Lastly, security implications and future research trends are highlighted to provide insights for future research.