Loading [MathJax]/extensions/TeX/AMSmath.js
Security in Software Defined Networks: A Survey | IEEE Journals & Magazine | IEEE Xplore

Security in Software Defined Networks: A Survey


Abstract:

Software defined networking (SDN) decouples the network control and data planes. The network intelligence and state are logically centralized and the underlying network i...Show More

Abstract:

Software defined networking (SDN) decouples the network control and data planes. The network intelligence and state are logically centralized and the underlying network infrastructure is abstracted from applications. SDN enhances network security by means of global visibility of the network state where a conflict can be easily resolved from the logically centralized control plane. Hence, the SDN architecture empowers networks to actively monitor traffic and diagnose threats to facilitates network forensics, security policy alteration, and security service insertion. The separation of the control and data planes, however, opens security challenges, such as man-in-the middle attacks, denial of service (DoS) attacks, and saturation attacks. In this paper, we analyze security threats to application, control, and data planes of SDN. The security platforms that secure each of the planes are described followed by various security approaches for network-wide security in SDN. SDN security is analyzed according to security dimensions of the ITU-T recommendation, as well as, by the costs of security solutions. In a nutshell, this paper highlights the present and future security challenges in SDN and future directions for secure SDN.
Published in: IEEE Communications Surveys & Tutorials ( Volume: 17, Issue: 4, Fourthquarter 2015)
Page(s): 2317 - 2346
Date of Publication: 27 August 2015

ISSN Information:


References

References is not available for this document.