Skip to main content
SpringerLink
Log in

Survey of Security in Software-Defined Network

  • Conference paper
  • First Online:
Advanced Information Technology, Services and Systems (AIT2S 2017)

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 25))

Abstract

The requirements of cloud computing are putting the traditional networks in tension which influence the quality of the services provided by cloud computing. Therefore, the application of software defined-network (SDN) within cloud computing reinforces the dynamicity and flexibility of cloud. Recently, SDN is the trend in networking and virtualized networks, where, SDN separate the network control plane from the data plane, which leads the management of the network routing from decentered architecture to centered architecture. Despite the advantages of merging the SDN paradigm within the cloud environment, the security issues still in the surface. This paper presents a survey on the security issues in software-defined networking and the challenges faced by admins and providers in order to guarantee a secure environment with a resume about the proposed solution.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Referernces

  1. Khalil, I.M., Khreishah, A., Azeem, M.: Cloud computing security: A survey. Computers 3(1), 1–35 (2014)

    Article  Google Scholar 

  2. Gong, Y., Huang, W., Wang, W., Lei, Y.: A survey on software defined networking and its applications. Front. Comput. Sci. 9(6), 827–845 (2015)

    Article  Google Scholar 

  3. Cisco Inc.: Software-defined networking: why we like it and how we are building on it, White Paper (2013)

    Google Scholar 

  4. McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L., Rexford, J., Turner, J.: OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)

    Article  Google Scholar 

  5. Ahmad, I., Nama, S., Ylianttila, M., Gurtov, A.: Security in software defined networks: A survey. IEEE Commun. Surv. Tutorials 17(4), 2317–2346 (2015)

    Article  Google Scholar 

  6. Rawat, D.B., Reddy, S.R.: Software defined networking architecture, security and energy efficiency: A survey. IEEE Commun. Surv. Tutorials 19(1), 1–22 (2016)

    Google Scholar 

  7. Kemmer, F., Reich, C., Knahl, M., Nathan, C.: Software defined privacy. In: IEEE International Conference on Cloud Engineering Workshop, pp. 25–29 (2016)

    Google Scholar 

  8. Han, B., Gopalakrishnan, V., Ji, L.S., Lee, S.J.: Network function virtualization: challenges and opportunities for innovations. IEEE Commun. Mag. 53(2), 90–97 (2015)

    Article  Google Scholar 

  9. Yang, W., Fung, C.: A survey on security in network functions virtualization. In: IEEE NetSoft Conference and Workshops (NetSoft), pp. 15–19 (2016)

    Google Scholar 

  10. Hu, F., Hao, Q., Bao, K.: A survey on software-defined network and OpenFlow from concept to implementation. IEEE Commun. Surv. Tutorials 16(4), 2181–2206 (2014)

    Article  Google Scholar 

  11. Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A.V., Imran, M.: Security in software-defined networking: Threats and countermeasures. Mobile Netw. Appl. 21(5), 764–776 (2016)

    Article  Google Scholar 

  12. Bernardo, D.V.: Software-defined networking and network function virtualization security architecture (2017). https://tools.ietf.org/html/draft-bernardo-sec-arch-sdnnvf-architecture-00

  13. Namal, S., Ahmad, I., Gurtov, A., Ylianttila, M.: SDN based intertechnology load balancing leveraged by flow admission control. In: IEEE SDN for Future Networks and Services, pp. 1–5 (2013)

    Google Scholar 

  14. Kreutz, D., Ramos, F.M., Verissimo, P.E., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-defined networking: A Comprehensive survey. Proc. IEEE 103(1), 14–76 (2015)

    Article  Google Scholar 

  15. Stallings, W.: Software-defined networks and OpenFlow. Internet Protoc. J. 16 (2015)

    Google Scholar 

  16. Top ten web application vulnerabilities (2017). https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project

  17. Green, M., Smith, M.: Developers are not the enemy!: the need for usable security APIs. IEEE Secur. Priv. 14(5), 40–46 (2016)

    Article  Google Scholar 

  18. Zhang, P., Wang, H., Hu, C., Lin, C.: On denial of service attacks in software defined networks. IEEE Netw. 30(6), 28–33 (2016)

    Article  Google Scholar 

  19. Brezetz, S.B., Kamga, G.B., Balla, M.N., Criton, T., Jebalia, H.: SDN-based trusted path in a multi-domain network. In: IEEE International Conference on Cloud Engineering Workshop, pp. 19–24 (2016)

    Google Scholar 

  20. Benton, K., Camp, L.J., Small, C.: OpenFlow vulnerability assessment. In: 2nd ACM SIGCOMM workshop on Hot Topics in Software Defined Networking, pp. 151–152 (2013)

    Google Scholar 

  21. Wen, X., Chen, Y., Hu, C., Shi, C., Wang, Y.: Towards a secure controller platform for openflow applications. In: The Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 171–172 (2013)

    Google Scholar 

  22. Canini, M., Venzano, D., Peresini, P., Kostic, D., Rexford, J.: A NICE way to test OpenFlow applications. In: The 9th USENIX Conference on Networked Systems Design and Implementation (2012)

    Google Scholar 

  23. Yu, D., Moore, A.W., Hall, C., Anderson, R.: Authentication for resilience: The case of SDN. In: Security Protocols XXI. Springer, Berlin, pp. 39–44 (2013)

    Google Scholar 

  24. Security Enhanced (SE) Floodlight (2017). http://www.openflowsec.org/Technologies.html

  25. Mattos, D.M.F., Ferraz, L.H.G., Duarte, O.C.M.B.: AuthFlow: Authentication and access control mechanism for software defined networking. Univ. Federal Rio Janeiro, Rio de Janeiro, Brazil (2014)

    Google Scholar 

  26. Ball, T., Bjmer, N., Gember, A., Itzhaky, S., Karbyshev, A., Sagiv, M., Valadarsky, A.: Vericon: towards verifying controller programs in software-defined networks. ACM SIGPLAN Not. 49(6), 282–293 (2014)

    Article  Google Scholar 

  27. Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., Gu, G.: A security enforcement kernel for OpenFlow networks. In: 1st Workshop Hot Topics Software Defined Network, pp. 121–126 (2012)

    Google Scholar 

  28. Chandrasekaran, B., Benson, T.: Tolerating SDN application failures with LegoSDN. In: Proceedings of the 13th ACM Workshop Hot Topics Network (2014)

    Google Scholar 

  29. Shin, S., et al.: Rosemary: A robust, secure, and high-performance network operating system. In: ACM Conference on Computer and Communications Security, pp. 78–89 (2014)

    Google Scholar 

  30. Kazemian, P., Chan, M., Zeng H., Varghese, G., McKeown, N., Whyte, S.: Real time network policy checking using header space analysis. In: USENIX Symposium on Networked Systems Design and Implementation, pp. 99–111 (2013)

    Google Scholar 

  31. Mai, H., Khurshid, A., Agarwal, R., Caesar, M., Godfrey, P., King, S.: Debugging the data plane with anteater. ACM SIGCOMM Comput. Commun. Rev. 41(4), 290–301 (2011)

    Article  Google Scholar 

  32. Son, S., Shin, S., Yegneswaran, V., Porras, P., Gu, G.: Model checking invariant security properties in OpenFlow. In: International Conference on Communications (ICC), pp. 1974–1979 (2013)

    Google Scholar 

  33. Shin, S., Porras, P., Yegneswaran, V., Fong, M., Gu, G., Tyson, M.: FRESCO: Modular composable security services for software-defined Networks. In: Network and Distributed Security Symposium, pp. 1–16 (2013)

    Google Scholar 

  34. Wang, H., Xu, L., Gu, G.: FloodGuard: a dos attack prevention extension in software-defined networks. In: 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp. 239–250 (2015)

    Google Scholar 

  35. Suh, J., Choi, H. G., Yoon, W., You, T., Kwon, T., Choi, Y.: Implementation of a content-oriented networking architecture (CONA): a focus on DDoS countermeasure. In: European NetFPGA Developers Workshop (2010)

    Google Scholar 

  36. Tootoonchian, A., Ganjali, Y.: HyperFlow: a distributed control plane for OpenFlow. In: The 2010 Internet Network Management Conference on Research on Enterprise Networking. USENIX Association, p. 3 (2010)

    Google Scholar 

  37. Voellmy, A., Wang, J.: Scalable software defined network controllers. In: The ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pp. 289–290 (2012)

    Google Scholar 

  38. Phemius, K., Bouet, M., Leguay, J.: DISCO: Distributed SDN controllers in a multi-domain environment. In: IEEE Network Operations and Management Symposium (NOMS), pp. 1–4 (2014)

    Google Scholar 

  39. Yao, G., Bi, J., Xiao, P.: Source address validation solution with OpenFlow/NOX architecture. In: 19th IEEE International Conference on Network Protocols (ICNP), pp. 7–12 (2011)

    Google Scholar 

  40. Sherwood, R., Gibb, G., Yap, K.K., Appenzeller, G., Casado, M., McKeown, N., Parulkar, G.: Flowvisor: a network virtualization layer. OpenFlow Switch Consortium, Technical Report (2009)

    Google Scholar 

  41. Khurshid, A., Zhou, W., Caesar, M., Godfrey, P.: Veriflow: verifying network-wide invariants in real time. In: ACM SIGCOMM Computer Communication Review, pp. 467–472 (2012)

    Google Scholar 

  42. Scott-Hayward, S., Natarajan, S., Sezer, S.: A survey of security in software defined networks. IEEE Commun. Surv. Tutorials 18(1), 623–654 (2015)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. LISTI, National School of Applied Sciences, Ibn Zohr University, Agadir, Morocco

    Nadya El Moussaid, Ahmed Toumanari & Maryam El Azhari

Authors
  1. Nadya El Moussaid
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ahmed Toumanari
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Maryam El Azhari
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nadya El Moussaid .

Editor information

Editors and Affiliations

  1. Faculty of Sciences and Technologies, Tangier, Morocco

    Mostafa Ezziyyani

  2. Faculty of Sciences and Technologies, University Hassan 1st, Settat, Morocco

    Mohamed Bahaj

  3. Faculty of Sciences and Technologies, Mohammedia, Morocco

    Faddoul Khoukhi

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

El Moussaid, N., Toumanari, A., El Azhari, M. (2018). Survey of Security in Software-Defined Network. In: Ezziyyani, M., Bahaj, M., Khoukhi, F. (eds) Advanced Information Technology, Services and Systems. AIT2S 2017. Lecture Notes in Networks and Systems, vol 25. Springer, Cham. https://doi.org/10.1007/978-3-319-69137-4_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-69137-4_21

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-69136-7

  • Online ISBN: 978-3-319-69137-4

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation