Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage

SpaCCS 2016: Security, Privacy, and Anonymity in Computation, Communication, and Storage pp 319–332Cite as

Security in Software-Defined-Networking: A Survey

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10066))

Abstract

With the development of information and networking technologies, conventional network has been unable to meet the demands of practical applications and network users. A new network paradigm called Software-Defined Networking (SDN) was proposed and got public attention. By decoupling the forwarding and control planes and applying specific protocols, SDN greatly reduces the cost of network management. Moreover, SDN empowers network managers to program their networks with high flexibility. However, there are many network security issues with regard to SDN, which should be solved in order to ensure the final success of SDN. In this paper, we undertake an SDN security survey. We focus on analyzing SDN’s security problems and reviewing existing countermeasures. Meanwhile, we identify the future research directions of SDN security.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Kreutz, D., Ramos, F.M., Verissimo, P.E., Rothenberg, C.E.: Software-defined networking: a comprehensive survey. Proc. IEEE 103(1), 14–76 (2015)

    Article  Google Scholar 

  2. Ali, S.T., Sivaraman, V., Radford, A., Jha, S.: A survey of securing networks using software defined networking. IEEE Trans. Reliab. 64(3), 1086–1097 (2015)

    Article  Google Scholar 

  3. Hawilo, H., Shami, A., Mirahmadi, M., Asal, R.: NFV: state of the art, challenges, and implementation in next generation mobile networks (vEPC). IEEE Netw. 28(6), 18–26 (2014)

    Article  Google Scholar 

  4. Scott-Hayward, S., Natarajan, S., Sezer, S.: A survey of security in software defined networks. IEEE Commun. Surv. Tutorials 18(1), 623–654 (2016)

    Article  Google Scholar 

  5. Dotcenko, S., Vladyko, A., Letenko, I.: A fuzzy logic-based information security management for software-defined networks. In: 16th International Conference on Advanced Communication Technology, pp. 167–171 (2014)

    Google Scholar 

  6. Klaedtke, F., Karame, G.O., Bifulco, R., Cui, H.: Access control for SDN controllers. In: 3rd Workshop on Hot Topics in Software Defined Networking, pp. 219–220 (2014)

    Google Scholar 

  7. Hu, H., Han, W., Ahn, G.J., Zhao, Z.: FLOWGUARD: building robust firewalls for software-defined networks. In: 3rd Workshop on Hot Topics in Software Defined Networking, pp. 97–102 (2014)

    Google Scholar 

  8. Shin, S., Porras, P.A., Yegneswaran, V., Fong, M.W., Gu, G., Tyson, M.: FRESCO: modular composable security services for software-defined networks. In: The ISOC Network and Distributed System Security Symposium, pp. 1–16 (2013)

    Google Scholar 

  9. Lim, S., Ha, J., Kim, H., Kim, Y., Yang, S.: A SDN-oriented DDoS blocking scheme for botnet-based attacks. In: Sixth International Conference on Ubiquitous and Future Networks, pp. 63–68 (2014)

    Google Scholar 

  10. Lim, S., Yang, S., Kim, Y., Yang, S., Kim, H.: Controller scheduling for continued SDN operation under DDoS attacks. Electron. Lett. 51(16), 1259–1261 (2015)

    Article  Google Scholar 

  11. Mousavi, S.M., St-Hilaire, M.: Early detection of DDoS attacks against SDN controllers. In: 2015 International Conference on Computing Networking and Communications (ICNC), pp. 77–81 (2015)

    Google Scholar 

  12. Braga, R., Mota, E., Passito, A.: Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: 35th Annual IEEE Conference on Local Computer Networks, pp. 408–415 (2010)

    Google Scholar 

  13. Oktian, Y.E., Lee, S., Lee, H.: Mitigating denial of service (DoS) attacks in openflow networks. In: 2014 International Conference on Information and Communication Technology Convergence (ICTC), pp. 325–330 (2014)

    Google Scholar 

  14. Belyaev, M., Gaivoronski, S.: Towards load balancing in SDN-networks during DDoS-attacks. In: 2014 International Science and Technology Conference, pp. 1–6 (2014)

    Google Scholar 

  15. Dabbagh, M., Hamdaoui, B., Guizani, M., Rayes, A.: Software-defined networking security: pros and cons. IEEE Commun. Mag. 53(6), 73–79 (2015)

    Article  Google Scholar 

  16. Scott-Hayward, S., Kane, C., Sezer, S.: OperationCheckpoint: SDN application control. In: 2014 IEEE 22nd International Conference on Network Protocols, pp. 618–623 (2014)

    Google Scholar 

  17. Kreutz, D., Ramos, F., Verissimo, P.: Towards secure and dependable software-defined networks. In: 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp. 55–60 (2013)

    Google Scholar 

  18. Chandrasekaran, B., Benson, T.: Tolerating SDN application failures with LegoSDN. In: 13th ACM Workshop on Hot Topics in NetworYks, pp. 22–28 (2014)

    Google Scholar 

  19. Ferguson, A.D., Guha, A., Liang, C., Fonseca, R., Krishnamurthi, S.: Participatory networking: an API for application control of SDNs. ACM SIGCOMM Comput. Commun. Rev. 43(4), 327–338 (2013)

    Article  Google Scholar 

  20. Shin, M.K., Nam, K.H., Kim, H.J.: Software-defined networking (SDN): a reference architecture and open APIs. In: 2012 International Conference on ICT Convergence (ICTC), pp. 360–361 (2012)

    Google Scholar 

  21. Tootoonchian, A., Ganjali, Y.: HyperFlow: a distributed control plane for OpenFlow. In: 2010 Internet Network Management Conference on Research on Enterprise Networking, pp. 3–6 (2010)

    Google Scholar 

  22. Yan, Q., Yu, F.R.: Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Commun. Mag. 53(4), 52–59 (2015)

    Article  Google Scholar 

Download references

Acknowledgments

This work is sponsored by the National Key Research and Development Program of China (grant 2016YFB0800704), the NSFC (grants 61672410 and U1536202), the 111 project (grants B08038 and B16037), the Ph.D. Programs Foundation of Ministry of Education of China (grant JY0300130104), the Project Supported by Natural Science Basic Research Plan in Shaanxi Province of China (Program No. 2016ZDJC-06), and Aalto University.

Author information

Authors and Affiliations

  1. The State Key Laboratory on Integrated Services Networks, School of Cyber Engineering, Xidian University, Xi’an, 710071, China

    Zhen Yao & Zheng Yan

  2. Department of Communications and Networking, Aalto University, 02150, Espoo, Finland

    Zheng Yan

Authors
  1. Zhen Yao
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zheng Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Zheng Yan .

Editor information

Editors and Affiliations

  1. Guangzhou University, Guangzhou, China

    Guojun Wang

  2. Department of Computer Science, Colorado State University, Fort Collins, Colorado, USA

    Indrakshi Ray

  3. University of the West of Scotland, Paisley, Glasgow, United Kingdom

    Jose M. Alcaraz Calero

  4. Indian Institute of Information Technology and Management, Kerala (IIITMK), Trivandrum, Kerala, India

    Sabu M. Thampi

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Yao, Z., Yan, Z. (2016). Security in Software-Defined-Networking: A Survey. In: Wang, G., Ray, I., Alcaraz Calero, J., Thampi, S. (eds) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS 2016. Lecture Notes in Computer Science(), vol 10066. Springer, Cham. https://doi.org/10.1007/978-3-319-49148-6_27

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-49148-6_27

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49147-9

  • Online ISBN: 978-3-319-49148-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation