Abstract
Nowadays, cyberspace has become a vital part of social infrastructure. With the rapid development of the scale of networks, applications and services have become enriched, and the bearing function of the underlying network devices (such as switches and routers) has also been extended. To promote the dynamics architecture, high-level security, and high quality of service of the network, control network architecture forward separation is a development trend of the networking technology. Currently, software-defined networking (SDN) is one of the most popular and promising technologies. In SDN, high-level strategies are deployed by the proprietary equipment, which is used to guide the data forwarding of the network equipment. This can reduce many complicated functions of the network equipment and improve the flexibility and operability of the implementation and deployment of new network technologies and protocols. However, this novel networking technology faces novel challenges in term of architecture and security. The aim of this study is to offer a comprehensive review of the state-of-the-art research on novel advances of programmable SDN, and to highlight what has been investigated and what remains to be addressed, particularly, in terms of architecture and security.
Similar content being viewed by others
References
Ali ST, Sivaraman V, Radford A, et al., 2015. A survey of securing networks using software defined networking. IEEE Trans Reliab, 64(3):1086–1097. https://doi.org/10.1109/TR.2015.2421391
Benton K, Camp LJ, Small C, 2013. OpenFlow vulnerability assessment. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.151–152. https://doi.org/10.1145/2491185.2491222
Botelho F, Bessani A, Ramos FMV, et al., 2014. On the design of practical fault–tolerant SDN controllers. 3rd European Workshop on Software Defined Networks, p.73–78. https://doi.org/10.1109/EWSDN.2014.25
Braga R, Mota E, Passito A, 2010. Lightweight DDoS flooding attack detection using NOX/OpenFlow. IEEE Local Computer Network Conf, p.408–415. https://doi.org/10.1109/LCN.2010.5735752
Casado M, Freedman MJ, Pettit J, et al., 2007. Ethane: taking control of the enterprise. Conf on Applications, Technologies, Architectures, and Protocols for Computer Communications, p.1–12. https://doi.org/10.1145/1282380.1282382
Cheng YN, Dong C, Chu LW, et al., 2015. Design and implementation of software–defined networking based firewall system. Comput Appl Softw, 32(1):286–288, 312 (in Chinese). https://doi.org/10.3969/j.issn.1000-386x.2015.01.072
David K, Berndt H, 2018. 6G vision and requirements: is there any need for beyond 5G? IEEE Veh Technol Mag, 13(3): 72–80. https://doi.org/10.1109/MVT.2018.2848498
European Telecommunications Standards Institute, 2012. Network Functions Virtualisation. https://doi.org/portal.etsi.org/nfv/nfv_white_paper.pdf
Fayazbakhsh SK, Sekar V, Yu ML, et al., 2013. FlowTags: enforcing network–wide policies in the presence of dynamic middlebox actions. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.19–24. https://doi.org/10.1145/2491185.2491203
Feng MJ, Mao SW, Jiang T, 2016. Enhancing the performance of future wireless networks with software–defined networking. Front Inform Technol Electron Eng, 17(7):606–619. https://doi.org/10.1631/FITEE.1500336
Gelberger A, Yemini N, Giladi R, 2013. Performance analysis of software–defined networking (SDN). IEEE 21st Int Symp on Modelling, Analysis and Simulation of Computer and Telecommunication Systems, p.389–393. https://doi.org/10.1109/MASCOTS.2013.58
Greenberg A, Hjalmtysson G, Maltz DA, et al., 2005. A clean slate 4D approach to network control and management. ACM SIGCOMM Comput Commun Rev, 35(5):41–54. https://doi.org/10.1145/1096536.1096541
Guan ZT, Zhang Y, Wu LF, et al., 2019. APPA: an anonymous and privacy preserving data aggregation scheme for fog–enhanced IoT. J Netw Comput Appl, 125:82–92. https://doi.org/10.1016/j.jnca.2018.09.019
Gude N, Koponen T, Pettit J, et al., 2008. NOX: towards an operating system for networks. ACM SIGCOMM Comput Commun Rev, 38(3):105–110. https://doi.org/10.1145/1384609.1384625
Handigol N, Heller B, Jeyakumar V, et al., 2012. Where is the debugger for my software–defined network? 1st Workshop on Hot Topics in Software Defined Networks, p.55–60. https://doi.org/10.1145/2342441.2342453
Hata H, 2013. A study of requirements for SDN switch platform. Int Symp on Intelligent Signal Processing and Communication Systems, p.79–84. https://doi.org/10.1109/ISPACS.2013.6704525
Heller B, Sherwood R, McKeown N, 2012. The controller placement problem. 1st Workshop on Hot Topics in Software Defined Networks, p.7–12. https://doi.org/10.1145/2342441.2342444
Hu ZY, Wang MW, Yan XQ, et al., 2015. A comprehensive security architecture for SDN. 18th Int Conf on Intelligence in Next Generation Networks, p.30–37. https://doi.org/10.1109/ICIN.2015.7073803
Jafarian JH, Al–Shaer E, Duan Q, 2012. OpenFlow random host mutation: transparent moving target defense using software defined networking. 1st Workshop on Hot Topics in Software Defined Networks, p.127–132. https://doi.org/10.1145/2342441.2342467
Keller E, Ghorbani S, Caesar M, et al., 2012. Live migration of an entire network (and its hosts). 11th ACM Workshop on Hot Topics in Networks, p.109–114. https://doi.org/10.1145/2390231.2390250
Kim H, Feamster N, 2013. Improving network management with software defined networking. IEEE Commun Mag, 51(2):114–119. https://doi.org/10.1109/MCOM.2013.6461195
Kreutz D, Ramos FMV, Verissimo P, 2013. Towards secure and dependable software–defined networks. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.55–60. https://doi.org/10.1145/2491185.2491199
Li GL, Wu J, Li JH, et al., 2017. Battery status sensing software–defined multicast for V2G regulation in smart grid. IEEE Sens J, 17(23):7838–7848. https://doi.org/10.1109/JSEN.2017.2731971
Linux Foundation, 2015. OpenDaylight. https://doi.org/www.opendaylight.org
Liu B, Chen M, Xu B, et al., 2016. An OpenFlow–based performance–oriented multipath forwarding scheme in datacenters. Front Inform Technol Electron Eng, 17(7): 647–660. https://doi.org/10.1631/FITEE.1601059
Liu CF, Samarakoon S, Bennis M, et al., 2018. Fronthaulaware software–defined wireless networks: resource allocation and user scheduling. IEEE Trans Wirel Commun, 17(1):533–547. https://doi.org/10.1109/TWC.2017.2768358
Liu ZJ, Li Y, Su L, et al., 2014. TCAM–efficient flow table mapping scheme for OpenFlow multiple–table pipelines. J Tsinghua Univ (Sci Technol), 54(4):437–442 (in Chinese). https://doi.org/10.16511/j.cnki.qhdxxb.2014.04.009
McKeown N, Anderson T, Balakrishnan H, et al., 2008. OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev, 38(2):69–74. https://doi.org/10.1145/1355734.1355746
Narayana S, Rexford J, Walker D, 2014. Compiling path queries in software–defined networks. 3rd Workshop on Hot Topics in Software Defined Networking, p.181–186. https://doi.org/10.1145/2620728.2620736
Nayak AK, Reimers A, Feamster N, et al., 2009. Resonance: dynamic access control for enterprise networks. 1st ACM Workshop on Research on Enterprise Networking, p.11–18. https://doi.org/10.1145/1592681.1592684
Nunes BBA, Mendonca M, Nguyen XN, et al., 2014. A survey of software–defined networking: past, present, and future of programmable networks. IEEE Commun Surv Tutor, 16(3):1617–1634. https://doi.org/10.1109/SURV.2014.012214.00180
Open Networking Foundation, 2012. Software–Defined Networking: the New Norm for Networks. https://doi.org/www.valleytalk.org/wp-content/uploads/2012/05/wp-sdn-newnorm.pdf
Pan H, Guan HT, Liu JJ, et al., 2013. The FlowAdapter: enable flexible multi–table processing on legacy hardware. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.85–90. https://doi.org/10.1145/2491185.2491209
Porras P, Shin S, Yegneswaran V, et al., 2012. A security enforcement kernel for OpenFlow networks. 1st Workshop on Hot Topics in Software Defined Networks, p.121–126. https://doi.org/10.1145/2342441.2342466
Qazi ZA, Tu CC, Chiang L, et al., 2013. SIMPLE–fying middlebox policy enforcement using SDN. ACM SIGCOMM Comput Commun Rev, 43(4):27–38. https://doi.org/10.1145/2486001.2486022
Reitblatt M, Foster N, Rexford J, et al., 2011. Consistent updates for software–defined networks: change you can believe in! 10th ACM Workshop on Hot Topics in Networks, Article 7. https://doi.org/10.1145/2070562.2070569
Reitblatt M, Foster N, Rexford J, et al., 2012. Abstractions for network update. ACM SIGCOMM Comput Commun Rev, 42(4):323–334. https://doi.org/10.1145/2377677.2377748
Scott–Hayward S, 2015. Design and deployment of secure, robust, and resilient SDN controllers. 1st IEEE Conf on Network Softwarization, p.1–5. https://doi.org/10.1109/NETSOFT.2015.7258233
Scott–Hayward S, O’Callaghan G, Sezer S, 2013. SDN security: a survey. IEEE SDN for Future Networks and Services, p.1–7. https://doi.org/10.1109/SDN4FNS.2013.6702553
Sezer S, Scott–Hayward S, Chouhan PK, et al., 2013. Are we ready for SDN? Implementation challenges for softwaredefined networks. IEEE Commun Mag, 51(7):36–43. https://doi.org/10.1109/MCOM.2013.6553676
Shin S, Gu GF, 2012. CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks. 20th IEEE Int Conf on Network Protocols, p.1–6. https://doi.org/10.1109/ICNP.2012.6459946
Shin S, Porras P, Yegneswaran V, et al., 2013. FRESCO: modular composable security services for softwaredefined networks. ISOC Network and Distributed Security Symp, p.1–16.
Tavakoli A, Casado M, Koponen T, et al., 2009. Applying NOX to the datacenter. 8th ACM Workshop on Hot Topics in Networks, p.1–6.
Voellmy A, Kim H, Feamster N, 2012. Procera: a language for high–level reactive network control. 1st Workshop on Hot Topics in Software Defined Networks, p. 43–48. https://doi.org/10.1109/10.1145/2342441.2342451
Wang K, Li JH, Wu J, et al., 2018. QoS–predicted energy efficient routing for information–centric smart grid: a network calculus approach. IEEE Access, 6:52867–52876. https://doi.org/10.1109/ACCESS.2018.2870929
Wang X, Liu Z, Qi YX, et al., 2012. LiveCloud: a lucid orchestrator for cloud datacenters. 4th IEEE Int Conf on Cloud Computing Technology and Science, p.341–348. https://doi.org/10.1109/CloudCom.2012.6427544
Wen XT, Chen Y, Hu CC, et al., 2013. Towards a secure controller platform for openflow applications. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.171–172. https://doi.org/10.1145/2491185.2491212
Wu J, Dong MX, Ota K, et al., 2017. FCSS: fog computing based content–aware filtering for security services in information centric social networks. IEEE Trans Emerg Top Comput, in press. https://doi.org/10.1109/TETC.2017.2747158
Wu J, Dong MX, Ota K, et al., 2018a. Big data analysis–based secure cluster management for optimized control plane in software–defined networks. IEEE Trans Netw Serv Manag, 15(1):27–38. https://doi.org/10.1109/TNSM.2018.2799000
Wu J, Luo SB, Wang S, et al., 2018b. NLES: a novel lifetime extension scheme for safety–critical cyber–physical systems using SDN and NFV. IEEE Internet Things J, in press. https://doi.org/10.1109/JIOT.2018.2870294
Yang EZ, Zhang LK, Yao Z, et al., 2016. A video conferencing system based on SDN–enabled SVC multicast. Front Inform Technol Electron Eng, 17(7):672–681. https://doi.org/10.1631/FITEE.1601087
Yeganeh SH, Ganjali Y, 2012. Kandoo: a framework for efficient and scalable offloading of control applications. 1st Workshop on Hot Topics in Software Defined Networks, p.19–24. https://doi.org/10.1145/2342441.2342446
Yeganeh SH, Tootoonchian A, Ganjali Y, 2013. On scalability of software–defined networking. IEEE Commun Mag, 51(2):136–141. https://doi.org/10.1109/MCOM.2013.6461198
Zhang D, Chang Z, Yu FR, et al., 2016a. A double auction mechanism for virtual resource allocation in SDN–based cellular network. IEEE 27th Annual Int Symp on Personal, Indoor, and Mobile Radio Communications, p.1–6. https://doi.org/10.1109/PIMRC.2016.7794896
Zhang D, Chang Z, Hämäläinen T, 2016b. Reverse combinatorial auction based resource allocation in heterogeneous software defined network with infrastructure sharing. IEEE 83rd Vehicular Technology Conf, p.1–6. https://doi.org/10.1109/VTCSpring.2016.7504455
Zhang D, Chang Z, Hämäläinen T, et al., 2017. Double auction based multi–flow transmission in software–defined and virtualized wireless networks. IEEE Trans Wirel Commun, 16(12):8390–8404. https://doi.org/10.1109/TWC.2017.2762300
Author information
Authors and Affiliations
Corresponding author
Additional information
Project supported by the National Natural Science Foundation of China (No. 61831007)
Rights and permissions
About this article
Cite this article
Wang, S., Wu, J., Yang, W. et al. Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey. Frontiers Inf Technol Electronic Eng 19, 1500–1521 (2018). https://doi.org/10.1631/FITEE.1800575
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1631/FITEE.1800575