A comprehensive survey on SDN security: threats, mitigations, and future directions

Nowadays, security threats on Software Defined Network SDN architectures are similar to traditional networks. However, the profile of these threats changes with SDN. For example, a denial-of-service attack on a centralized controller that manages a large network of several network devices (routers,...

Full description

Saved in:
Bibliographic Details
Published inJournal of reliable intelligent environments Vol. 9; no. 2; pp. 201 - 239
Main Authors Maleh, Yassine, Qasmaoui, Youssef, El Gholami, Khalid, Sadqi, Yassine, Mounir, Soufyane
Format Journal Article
LanguageEnglish
Published Cham Springer International Publishing 01.06.2023
Springer Nature B.V
Subjects
Artificial Intelligence
Computer architecture
Computer Science
Controllers
Cybersecurity
Denial of service attacks
Health Informatics
Performance and Reliability
Review
Routers
Simulation and Modeling
Software Engineering/Programming and Operating Systems
Software-defined networking
State-of-the-art reviews
Switches
Taxonomy
User Interfaces and Human Computer Interaction
Software Defined Network
Application plane
SDN mitigations
Data plane
Control plane
SDN threats
SDN attacks
Online AccessGet full text

Cover

More Information
Summary:Nowadays, security threats on Software Defined Network SDN architectures are similar to traditional networks. However, the profile of these threats changes with SDN. For example, a denial-of-service attack on a centralized controller that manages a large network of several network devices (routers, switches, etc.) is more destructive than a targeted attack against a router. A spoofed SDN controller could allow a hacker to control an entire network, while a spoofed router could only harm the proper functioning of the traffic routed through that router. The SDN is facing these new security challenges, especially on securing the SDN architecture itself. SDN security is ensured at all these levels based on three-layer architecture and programming interfaces, which poses several challenges. The SDN’s security challenges are expected to grow with the progressive deployment. This paper aims to provide a comprehensive review of state of the art, accompanied by categorizing the research literature into a taxonomy that highlights each proposal’s main characteristics and contributions to the SDN's different layers. Based on the analysis of existing work, we also highlight key research gaps that could support future research in this area.
ISSN:2199-4668
2199-4676
DOI:10.1007/s40860-022-00171-8