Review
Security in SDN: A comprehensive survey
Introduction
The SDN paradigm decouples the control and data planes; therefore, all network intelligence and control logic is migrated from the network devices to a logically centralized, software-based entity known as the network controller. The network controller resides in the control plane, where centralized control and network management functions dictate the forwarding behavior of all the elements distributed in the infrastructure. In the data plane, network elements called switches match metadata in flow packets against the rules and forwarding instructions issued by the network controller; this matching takes place before any forwarding decision is made. The centralized character of SDN implies that the network controller is always aware of the network state and that every traffic flow is passed to the controller at least once in the network lifetime so that its forwarding behavior can be defined. Besides centralized flow management, SDN nurtures the concept of network programmability; hence, different network functions are embedded as software applications that can be either installed on top of the controller or deployed as independent data-consumer functions.
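As an added illustration (not code from the survey or any of the projects it cites), the following toy Python model plays out the match/table-miss/packet-in cycle described above: a switch matches headers against controller-issued rules, a miss hands the packet to the controller, which installs a rule. The hosts, ports, traffic and the threshold of 20 new flows are constructed values; the per-source packet-in counter shows why the controller is a chokepoint worth monitoring, since a source that sprays never-seen flows forces one packet-in per packet.

```python
from collections import Counter, namedtuple

# Constructed packet abstraction: only the header fields the toy switch matches on.
Packet = namedtuple("Packet", "src dst proto")


class Controller:
    """Logically centralized control plane: it alone owns the forwarding policy."""

    def __init__(self, policy, packet_in_threshold):
        self.policy = policy                # dst -> output port (constructed)
        self.threshold = packet_in_threshold
        self.packet_ins = Counter()         # src -> packet-ins it has caused
        self.alerts = []                    # sources whose new-flow count hit threshold

    def packet_in(self, switch, match):
        """Handle a table miss: decide the action and push a rule to the switch."""
        src, dst, _proto = match
        self.packet_ins[src] += 1
        # A source that keeps producing never-seen flows forces one packet-in per
        # packet, so a per-source new-flow counter is a simple detector for that.
        if self.packet_ins[src] == self.threshold:
            self.alerts.append(src)
        action = self.policy.get(dst, "drop")
        switch.flow_table[match] = action   # rule installed in the data plane
        return action


class Switch:
    """Data plane element: matches packet headers against installed rules."""

    def __init__(self, controller):
        self.controller = controller
        self.flow_table = {}                # (src, dst, proto) -> action

    def receive(self, pkt):
        match = (pkt.src, pkt.dst, pkt.proto)
        action = self.flow_table.get(match)
        if action is None:                  # table miss: the controller sees the flow
            action = self.controller.packet_in(self, match)
        return action


def run_demo(threshold=20):
    """Constructed traffic: one host with a steady flow, one spraying new flows."""
    ctl = Controller({"10.0.0.2": "port2"}, threshold)
    sw = Switch(ctl)
    for _ in range(100):                                    # same flow, 100 packets
        sw.receive(Packet("10.0.0.1", "10.0.0.2", "tcp"))
    for i in range(50):                                     # 50 distinct destinations
        sw.receive(Packet("10.0.0.9", f"10.0.1.{i}", "udp"))
    return {"packet_ins": dict(ctl.packet_ins),
            "rules": len(sw.flow_table),
            "alerts": ctl.alerts}


if __name__ == "__main__":
    print(run_demo())  # {'packet_ins': {'10.0.0.1': 1, '10.0.0.9': 50}, 'rules': 51, 'alerts': ['10.0.0.9']}
```

The steady host costs the controller a single packet-in for 100 packets, while the spraying host costs one per packet and trips the alert; a real deployment would rate-limit or aggregate such packet-ins rather than only count them.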
SDN embodies the concept of network programmability, since all network operations must be described as software programs that integrate algorithms, data structures and programming concepts from the software development environment. Security, a sensitive aspect of communication and data networks, may benefit from SDN features, including network programmability itself: several security problems that often threaten conventional networks can be solved in SDN in a timely and reliable manner by enforcing network security software applications. The introduction of security applications to networking environments might contribute to: replacing hardware-based security middleboxes; adding extra security features by integrating emergent software-based technologies, such as machine learning and virtualization, into the SDN environment; redefining, improving or sanitizing conventional networking mechanisms and concepts that tend to expose vulnerabilities or weak points; and increasing the scalability and flexibility of security solutions while easing their deployment in massive network infrastructures. Despite all the benefits listed above, it is worth highlighting that the SDN architecture entails unknown and additional security problems, risks and threats that emerge from the introduction of new network interfaces and the alteration of network elements and their traditional communication scheme. Therefore, besides developing new security strategies that leverage SDN, there must be a commitment to embed security in the reference architecture of SDN itself.
As stated above, SDN can be leveraged to enhance network security but, at the same time, it needs to be properly secured. Both approaches have attracted the attention of researchers, considering that the SDN paradigm will not consolidate as the reference network architecture for enterprises and ISPs until a strict security scheme that fulfills a standardized set of minimum security requirements is completely devised. The first security proposals for SDN appeared back in 2008 (Hinrichs et al., 2008), and since then many different proposals have been published; some of them provide new network security mechanisms and improvements that leverage SDN features, while others focus on building a secure framework for reliable SDN deployment, to name a few: PermOF (Wen et al., 2013), SE-Floodlight (Porras et al., 2015), FortNOX (Porras et al., 2012), Rosemary (Shin et al., 2014), LegoSDN (Chandrasekaran and Benson, 2014), Avant-Guard (Shin et al., 2013a), CPRecovery (Fonseca et al., 2012), NICE (Canini et al., 2012), FlowChecker (Al-Shaer and Al-Haj, 2010), Veriflow (Khurshid et al., 2012), FlowGuard (Hu et al., 2014a), Frenetic (Foster et al., 2011), Verificare (Skowyra et al., 2013), FRESCO (Shin et al., 2013b), NICE:NIDS (Chung et al., 2013), SnortFlow (Xing et al., 2013) and CBAS (Toseef et al., 2014). Those security proposals have been presented and thoroughly analyzed and discussed in comprehensive survey articles published in recent years (Dacier et al., 2017, Ahmad et al., 2015, Scott-Hayward et al., 2016, Scott-Hayward et al., 2013, Akhunzada et al., 2015, Rawat and Reddy, 2017, Alsmadi and Xu, 2015, Ali et al., 2015, Shu et al., 2016, Akhunzada et al., 2016, Coughlin, 2014, Shaghaghi et al., 1804). Therefore, we consider that no significant contribution would result from further analysis of such works.
However, new proposals keep expanding the state of the art, reflecting the evolution of SDN technology and covering newly discovered security aspects and details closely related to that evolution. Therefore, in this work we focus on recently published SDN security works that introduce new security approaches, obtained either by leveraging SDN features or by adapting to SDN security strategies originally developed for conventional networks.
The main goal of this work is to provide readers with a comprehensive review of state-of-the-art proposals for the development and evolution of SDN security. In more detail, the main contributions of this survey are listed below:
1. A taxonomy that classifies the reviewed articles into two main categories: the first groups the proposals that leverage SDN features to improve network security, while the second covers proposals that provide solutions to intrinsic security faults and risks in SDN. Moreover, subsequent categories label the articles according to seven subclasses defined by the unique contributions and features exhibited by the proposals.
2. A discussion that highlights two situations: the complexity of integrating diverse security systems, and the inconsistencies that can be observed in the design and implementation of security strategies for SDN. From our perspective, those two situations need attention and additional effort from the SDN community in order to ensure that emerging security solutions overcome the problems and flaws present in current SDN security strategies.
3. An introduction to the open and emerging challenges in SDN security, suggesting directions for future research efforts and proposals.
This work is structured as follows: Section 2 introduces a set of basic notions and concepts to provide a brief description of the SDN architecture and the OpenFlow protocol; in this section we also highlight network attacks, threat vectors and attack surfaces in SDN. In Section 3, we thoroughly analyze the duality in SDN security: enforcing SDN to improve network security, or enhancing SDN security? In Section 4, the taxonomy and the classification are presented, along with a brief analysis of newly published proposals. In Section 5 we briefly detail some potential flaws and inconsistencies that are still present in the design of security mechanisms for SDN. In Section 6, we identify open challenges and future work in SDN security. Finally, Section 7 concludes this article.
Section snippets
Background and context
The SDN paradigm decouples the control and data planes, meaning that all network logic and control is isolated from the data devices. Although SDN proposes novel and promising network architectures, it is still at an early stage for realistic, production-like implementations. One key aspect that inhibits the adoption of SDN as the de facto network architecture is security; there is still much to develop and test in this respect. Nevertheless, in recent years SDN security has been gaining
SDN for security and SDN security
SDN features like network-wide visibility, centralized network intelligence and network programmability have reshaped the way packet forwarding and basic network control duties are performed in programmable networks. However, as detailed in the previous section, these features and the SDN architecture itself introduce new security risks and attack surfaces that are not present in conventional network deployments. According to the latter statement, and taking into account the benefits to network control
Classification and overview of SDN security solutions
In this section, we provide a comprehensive review of new security solutions to attack vectors and threat surfaces that target the SDN architecture. We present the proposals classified into eight categories that reflect either the main contribution to security or the main network concept that is embodied in the proposal: Attack detection, Virtualized/Cloud-based security, Threat and attack mitigation, Protected and secure sessions, Network state monitoring, Vulnerability assessment, Forensics
Faulty system integration and system complexity
Security is only as strong as the weakest link; any loose end in a security approach exposes the entire network system to being compromised sooner or later. For that reason it is advisable to run extensive assessments and tests to identify critical points that could be leveraged to bypass the security measures and compromise the network elements under threat. Besides, implementing a comprehensive security system implies adding complexity to the network and reducing its
Lack of standardized interfaces for the integration of NFV and cloud services in SDN security
Virtualized functions and services offer many new possibilities for the enhancement of security in SDN environments. As detailed in previous sections, virtualized functions can be enforced by SDN to deploy security services directly on infrastructure devices or in the control plane, removing the need for specialized middleboxes and thereby offloading processing burden from control plane instances. Besides, by enforcing virtualized functions and services available in cloud environments
Conclusion
The SDN architecture is a revolution in network management and control, adding special features that enhance different network functions and, at the same time, providing solutions to cumbersome issues present in conventional networks. The centralized control and network programmability in SDN cooperate in speeding up the prototyping and development of network functions; in general, most of the network functions found in conventional architectures can be rendered in SDN in the form of simple
Declaration of competing interest
None.
Acknowledgements
This paper has been partially supported by the project “Red temática CYTED 519RT0580” funded by the Ibero-American Science and Technology Program CYTED. This research was also partially supported by the Colombian Department of Science, Technology and Innovation (Colciencias) and the Government of Antioquia, under contract CT609 of 2019.
References (127)
- et al. Secure and dependable software defined networks. J. Netw. Comput. Appl. (2016)
- et al. Identifying cyber-attacks on software defined networks: an inference-based intrusion detection approach. J. Netw. Comput. Appl. (2017)
- et al. Security of software defined networks: a survey. Comput. Secur. (2015)
- et al. Resilience support in software-defined networking: a survey. Comput. Network. (2015)
- et al. Software-defined networking: a survey. Comput. Network. (2015)
- et al. Classification of security threats in information systems. Procedia Comput. Sci. (2014)
- et al. Global flow table: a convincing mechanism for security operations in SDN. Comput. Network. (2017)
- et al. Machine learning based intrusion detection system for software defined networks
- et al. Security in software defined networks: a survey. IEEE Commun. Surv. Tutor. (2015)
- Flow-based intrusion detection system for SDN
- Securing software defined networks: taxonomy, requirements, and open issues. IEEE Commun. Mag.
- FlowChecker: configuration analysis and verification of federated OpenFlow infrastructures
- A survey of securing networks using software defined networking. IEEE Trans. Reliab.
- Meridian: an SDN platform for cloud network services. IEEE Commun. Mag.
- Network security function virtualization (NSFV) towards cloud computing with NFV over OpenFlow infrastructure: challenges and novel approaches
- OpenFlow vulnerability assessment
- Introduction and analysis of SDN and NFV security architecture (SN-SECA)
- OpenFlow switching: data plane performance
- A survey on the programmable data plane: abstractions, architectures and open problems
- Software-defined networking using OpenFlow: protocols, applications and architectural design choices. Future Internet
- A NICE way to test OpenFlow applications
- FORTRESS: an efficient and distributed firewall for stateful data plane SDN. Security and Communication Networks
- Tolerating SDN application failures with LegoSDN
- Leveraging SDN to improve security in industrial networks
- NICE: network intrusion detection and countermeasure selection in virtual network systems. IEEE Trans. Dependable Secure Comput.
- Know your enemy: stealth configuration-information gathering in SDN
- A novel stealthy attack to gather SDN configuration-information. IEEE Trans. Emerg. Top. Comput.
- A survey of SDN security research
- Leveraging SDN and WebRTC for rogue access point security. IEEE Trans. Netw. Serv. Manag.
- Network attack detection and defense: security challenges and opportunities of software-defined networking. Dagstuhl Rep.
- Security challenges and opportunities of software-defined networking. IEEE Secur. Priv.
- VNGuard: an NFV/SDN combination framework for provisioning and managing virtual firewalls
- Packet injection attack and its defense in software-defined networks. IEEE Trans. Inf. Forensics Secur.
- SPHINX: detecting security attacks in software-defined networks
- A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows
- A denial of service attack against the Open Floodlight SDN controller
- A switch table vulnerability in the Open Floodlight SDN controller
- The road to SDN. Queue
- Comparing OpenFlow controller paradigms scalability: reactive and proactive
- A replication component for resilient OpenFlow-based networking
- Frenetic: a network programming language. ACM SIGPLAN Not.
- Software-defined networking: the new norm for networks. ONF White Paper
- Enhancing SDN security by device fingerprinting
- Network programmability with ForCES. IEEE Commun. Surv. Tutor.
- Expressing and enforcing flow-based network security policies
- Taxonomic modeling of security threats in software defined networking
- SDN security attack vectors and SDN hardening: securing SDN deployments right from the start
- Poisoning network visibility in software-defined networks: new attacks and countermeasures
Cited by (182)
- Enhancing security in SDN: Systematizing attacks and defenses from a penetration perspective. 2024, Computer Networks
- Securing distributed systems: A survey on access control techniques for cloud, blockchain, IoT and SDN. 2023, Cyber Security and Applications
- Quantum walks-based classification model with resistance for cloud computing attacks. 2023, Expert Systems with Applications
- The applications of nature-inspired meta-heuristic algorithms for decreasing the energy consumption of software-defined networks: A comprehensive and systematic literature review. 2023, Sustainable Computing: Informatics and Systems
- SDN-based automated rekey of IPsec security associations: Design and practical validations. 2023, Computer Networks
Juan Camilo Correa Chica received his B.Sc. Eng. in Electronics Engineering in 2010 from the University of Antioquia and his M.Sc. degree in Telecommunications Engineering from the same university in 2016. He is a lecturer and researcher at Instituto Tecnológico Metropolitano (ITM) and has been working as a part-time lecturer for digital systems design and software programming courses at the University of Antioquia. His research interests include: simulation and modeling of telecommunication systems; Internet of Things; Big Data; Software Defined Networking; and issues regarding software engineering such as efficient algorithms, data structures, optimization and metaheuristics. ORCID: 0000-0003-3476-9312
Jenny Cuatindioy Imbachi is a Professor at the Telecommunications Engineering Department at the University of Medellín, Medellín, Colombia. She received her B.Sc. Eng. in Electronics and Telecommunications Engineering in 1998 from Universidad del Cauca. She pursued a Specialization in Networks and Telecommunications Services at Universidad del Cauca in 2005. She also received her M.Sc. degree in Telecommunications Engineering from Universidad de Antioquia in 2017. Her main research interests include Channel Coding, Optical Networks, Access and Carrier Grade Networks and Next-Gen Networks.
Juan Felipe Botero Vega is a Professor at the Electronics and Telecommunications Engineering Department at the University of Antioquia, Medellín, Colombia. In 2006 he received his Computer Science degree from the University of Antioquia, in 2008 his M.Sc. degree in Telematics Engineering from the Technical University of Catalonia (UPC), Barcelona, Spain, and later his Ph.D. degree in Telematics Engineering at UPC. In 2013, he joined the research group on applied telecommunications (GITA) at the Electronics and Telecommunications Engineering Department. His main research interests include Quality of Service, Software Defined Networking, Network Virtualization, Data Center Network Virtualization and resource allocation in virtual networks. (https://sites.google.com/site/juanfebotero/). ORCID: 0000-0002-7072-8924.