Skip to main content
SpringerLink
Log in

A Study on Various Attacks and Detection Methodologies in Software Defined Networks

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The Software Defined Networks (SDN) is widely used in many industrial and enterprise networking applications due to its flexibility and gaining popularity. It offers various benefits like network virtualization, policy enforcement, greater control, and reduced operational cost. One of the challenging tasks in SDN is to secure the network against the harmful attacks. For this purpose, various attack detection mechanisms are developed in traditional works, which intends to increase the security of SDN by employing different policy enforcement and soft computing techniques. In this paper, a comprehensive survey is presented on various attacks that affect the performance of SDN and its corresponding countermeasure techniques. Typically, the performance of a network can be degraded due to the cause of attacks present on the layers. Also, it leads to reduced Quality of Service (QoS), increased network congestion, and packet drops. So, the attacks present on the layers must be detected or prevented for increasing the performance of SDN. This investigation illustrates various attacks with its causes and the most suitable techniques used for detecting those attacks for improving security. Moreover, the advantages and disadvantages of each attack detection mechanism are presented with its working procedure.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Yan, Q., Yu, F. R., Gong, Q., & Li, J. (2016). Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Communications Surveys & Tutorials, 18, 602–622.

    Google Scholar 

  2. Braga, R., Mota, E., & Passito, A. (2010). Lightweight DDoS flooding attack detection using NOX/OpenFlow. In 2010 IEEE 35th conference on Local Computer Networks (LCN) (pp. 408–415).

  3. Dong, X., Lin, H., Tan, R., Iyer, R. K., & Kalbarczyk, Z. (2015). Software-defined networking for smart grid resilience: Opportunities and challenges. In Proceedings of the 1st ACM workshop on cyber-physical system security (pp. 61–68).

  4. Ali, S. T., Sivaraman, V., Radford, A., & Jha, S. (2015). A survey of securing networks using software defined networking. IEEE Transactions on Reliability, 64, 1086–1097.

    Google Scholar 

  5. Braun, W., & Menth, M. (2014). Software-defined networking using OpenFlow: Protocols, applications and architectural design choices. Future Internet, 6, 302–336.

    Google Scholar 

  6. Farhady, H., Lee, H., & Nakao, A. (2015). Software-defined networking: A survey. Computer Networks, 81, 79–95.

    Google Scholar 

  7. Ahmad, I., Namal, S., Ylianttila, M., & Gurtov, A. (2015). Security in software defined networks: A survey. IEEE Communications Surveys & Tutorials, 17, 2317–2346.

    Google Scholar 

  8. Mousavi, S. M., & St-Hilaire, M. (2015). Early detection of DDoS attacks against SDN controllers. In 2015 international conference on computing, networking and communications (ICNC), 2015 (pp. 77–81).

  9. Dabbagh, M., Hamdaoui, B., Guizani, M., & Rayes, A. (2015). Software-defined networking security: Pros and cons. IEEE Communications Magazine, 53, 73–79.

    Google Scholar 

  10. Li, Y., & Chen, M. (2015). Software-defined network function virtualization: A survey. IEEE Access, 3, 2542–2553.

    Google Scholar 

  11. Blenk, A., Basta, A., Reisslein, M., & Kellerer, W. (2016). Survey on network virtualization hypervisors for software defined networking. IEEE Communications Surveys & Tutorials, 18, 655–685.

    Google Scholar 

  12. Antikainen, M., Aura, T., & Särelä, M. (2014). Spook in your network: Attacking an sdn with a compromised openflow switch. In Nordic conference on secure IT systems, 2014 (pp. 229–244).

  13. Thyagaturu, A. S., Mercian, A., McGarry, M. P., Reisslein, M., & Kellerer, W. (2016). Software defined optical networks (SDONs): A comprehensive survey. IEEE Communications Surveys & Tutorials, 18, 2738–2786.

    Google Scholar 

  14. Van Trung, P., Huong, T. T.,Van Tuyen, D., Duc, D. M., Thanh, N. H., & Marshall, A. (2015). A multi-criteria-based DDoS-attack prevention solution using software defined networking. In 2015 international conference on advanced technologies for communications (ATC), 2015 (pp. 308–313).

  15. De Gante, A., Aslan, M., & Matrawy, A. (2014). Smart wireless sensor network management based on software-defined networking. In 2014 27th biennial symposium on communications (QBSC), 2014 (pp. 71–75).

  16. Wang, B., Zheng, Y., Lou, W., & Hou, Y. T. (2015). DDoS attack protection in the era of cloud computing and software-defined networking. Computer Networks, 81, 308–319.

    Google Scholar 

  17. Mehdi, S. A., Khalid, J., & Khayam, S.A. (2011). Revisiting traffic anomaly detection using software defined networking. In International workshop on recent advances in intrusion detection, 2011 (pp. 161–180).

  18. Bokhari, M. U., & Shallal, Q. M. (2016). A review on symmetric key encryption techniques in cryptography. International Journal of Computer Applications, 147, 43–48.

    Google Scholar 

  19. Sharma, R., & Athavale, V. A. (2019). Survey of intrusion detection techniques and architectures in wireless sensor networks. International Journal of High Performance Computing and Networking, 10, 3925–3937.

    Google Scholar 

  20. Nait-Abdesselam, F., Bensaou, B., & Taleb, T. (2008). Detecting and avoiding wormhole attacks in wireless ad hoc networks. IEEE Communications Magazine, 46, 127–133.

    Google Scholar 

  21. Sen, J., Koilakonda, S., & Ukil, A. (2011). A mechanism for detection of cooperative black hole attack in mobile ad hoc networks. In 2011 second international conference on intelligent systems, modelling and simulation (ISMS), 2011 (pp. 338–343).

  22. Jhaveri, R. H., Patel, S. J., & Jinwala, D. C. (2012). DoS attacks in mobile ad hoc networks: A survey. In 2012 second international conference on advanced computing & communication technologies (ACCT), 2012 (pp. 535–541).

  23. Yan, Z., Zhang, P., & Vasilakos, A. V. (2016). A security and trust framework for virtualized networks and software-defined networking. Security and Communication Networks, 9, 3059–3069.

    Google Scholar 

  24. Gao, H., Hu, J., Huang, T., Wang, J., & Chen, Y. (2011). Security issues in online social networks. IEEE Internet Computing, 15, 56–63.

    Google Scholar 

  25. Bayraktaroglu, E., King, C., Liu, X., Noubir, G., Rajaraman, R., & Thapa, B. (2013). Performance of IEEE 802.11 under jamming. Mobile Networks and Applications, 18, 678–696.

    Google Scholar 

  26. Stallings, W. (2013). Software-defined networks and openflow. The Internet Protocol Journal, 16, 2–14.

    Google Scholar 

  27. Singh, V. P., Ukey, A. S. A., & Jain, S. (2013). Signal strength based hello flood attack detection and prevention in wireless sensor networks. International Journal of Computer Applications, 62, 1–6.

    Google Scholar 

  28. Sheela, D., Kumar, C. N., & Mahadevan, G. (2011). A non cryptographic method of sink hole attack detection in wireless sensor networks. In 2011 international conference on recent trends in information technology (ICRTIT), 2011 (pp. 527–532).

  29. Nithya, S., & Gomathy, C. (2018). An investigation on security attacks in wireless sensor network. International Journal of Pure and Applied Mathematics, 119, 927–935.

    Google Scholar 

  30. Ambusaidi, M. A., He, X., Nanda, P., & Tan, Z. (2016). Building an intrusion detection system using a filter-based feature selection algorithm. IEEE Transactions on Computers, 65, 2986–2998.

    MathSciNet  MATH  Google Scholar 

  31. La, Q. D., Quek, T. Q., Lee, J., Jin, S., & Zhu, H. (2016). Deceptive attack and defense game in honeypot-enabled networks for the internet of things. IEEE Internet of Things Journal, 3, 1025–1035.

    Google Scholar 

  32. Al-Rubaie, M., & Chang, J. M. (2016). Reconstruction attacks against mobile-based continuous authentication systems in the cloud. IEEE Transactions on Information Forensics and Security, 11, 2648–2663.

    Google Scholar 

  33. Sahay, R., Blanc, G., Zhang, Z., & Debar, H. (2015) Towards autonomic DDoS mitigation using software defined networking. In SENT 2015: NDSS workshop on security of emerging networking technologies, 2015.

  34. Vizváry, M., & Vykopal, J. (2014). Future of ddos attacks mitigation in software defined networks. In IFIP international conference on autonomous infrastructure, management and security, 2014 (pp. 123–127).

  35. Shin, S., & Gu, G. (2013). Attacking software-defined networks: A first feasibility study. In Proceedings of the second ACM SIGCOMM workshop on hot topics in software defined networking, 2013 (pp. 165–166).

  36. Wang, H., Xu, I., & Gu, G. (2015). Floodguard: A dos attack prevention extension in software-defined networks. In 2015 45th annual IEEE/IFIP international conference on dependable systems and networks (DSN), 2015 (pp. 239–250).

  37. Dotcenko, S., Vladyko, A., & Letenko, I. (2014). A fuzzy logic-based information security management for software-defined networks. In 2014 16th international conference on advanced communication technology (ICACT), 2014 (pp. 167–171).

  38. Jafarian, J. H., Al-Shaer, E., & Duan, Q. (2012). Openflow random host mutation: Transparent moving target defense using software defined networking. In Proceedings of the first workshop on hot topics in software defined networks, 2012 (pp. 127–132).

  39. Xu, T., Gao, D., Dong, P., Zhang, H., Foh, C. H., & Chao, H.-C. (2017). Defending against new-flow attack in sdn-based internet of things. IEEE Access, 5, 3431–3443.

    Google Scholar 

  40. Mahmoud, R., Yousuf, T., Aloul, F., & Zualkernan, I. (2015). Internet of Things (IoT) security: Current status, challenges and prospective measures. In 2015 10th international conference for internet technology and secured transactions (ICITST), 2015 (pp. 336–341).

  41. Tang, T. A., Mhamdi, L., McLernon, D., Zaidi, S. A. R., & Ghogho, M. (2016). Deep learning approach for network intrusion detection in software defined networking. In 2016 international conference on wireless networks and mobile communications (WINCOM), 2016 (pp. 258–263).

  42. Vilalta, R., Ciungu, R., Mayoral, A, Casellas, R., Martinez, R., Pubill, D., et al. (2016). Improving security in Internet of Things with software defined networking. In Global communications conference (GLOBECOM), 2016 IEEE, 2016 (pp. 1–6).

  43. Xue, N., Huang, X., & Zhang, J. (2016). S2Net: A security framework for software defined intelligent building networks. In Trustcom/BigDataSE/ISPA, 2016 IEEE, 2016 (pp. 654–661).

  44. Öğütçü, G., Testik, Ö. M., & Chouseinoglou, O. (2016). Analysis of personal information security behavior and awareness. Computers & Security, 56, 83–93.

    Google Scholar 

  45. Vučinić, M., Tourancheau, B., Rousseau, F., Duda, A., Damon, L., & Guizzetti, R. (2015). OSCAR: Object security architecture for the Internet of Things. Ad Hoc Networks, 32, 3–16.

    Google Scholar 

  46. Raza, S., Duquennoy, S., Höglund, J., Roedig, U., & Voigt, T. (2014). Secure communication for the Internet of Things: A comparison of link-layer security and IPsec for 6LoWPAN. Security and Communication Networks, 7, 2654–2668.

    Google Scholar 

  47. Mattos, D. M. F., & Duarte, O. C. M. B. (2016). AuthFlow: Authentication and access control mechanism for software defined networking. Annals of Telecommunications, 71, 607–615.

    Google Scholar 

  48. Corchado, E., & Herrero, Á. (2011). Neural visualization of network traffic data for intrusion detection. Applied Soft Computing, 11, 2042–2056.

    Google Scholar 

  49. Koc, L., Mazzuchi, T. A., Sarkani, S., Mazzuchi, A., & Sarkani, S. (2012). A network intrusion detection system based on a Hidden Naïve Bayes multiclass classifier. Expert Systems with Applications, 39, 13492–13500.

    Google Scholar 

  50. Jyothsna, V., Prasad, V. R., & Prasad, K. M. (2011). A review of anomaly based intrusion detection systems. International Journal of Computer Applications, 28, 26–35.

    Google Scholar 

  51. Hoque, M. S., Mukit, M., Bikas, M., & Naser, A. (2012). An implementation of intrusion detection system using genetic algorithm. arXiv preprint arXiv:1204.1336.

  52. Nayak, P., & Devulapalli, A. (2016). A fuzzy logic-based clustering algorithm for WSN to extend the network lifetime. IEEE Sensors Journal, 16, 137–144.

    Google Scholar 

  53. Tran, M. C., & Nakamura, Y. (2016). Behaviour similarity based to cluster automated HTTP communication. In 2016 IEEE sixth international conference on communications and electronics (ICCE), 2016 (pp. 19–24).

  54. Nasser, O., AlThuhli, S., Mohammed, M., AlMamari, R., & Hajamohideen, F. (2015). An investigation of backdoors implication to avoid regional security impediment. In 2015 global conference on communication technologies (GCCT), 2015 (pp. 409–412).

  55. Kumara, M. A., & Jaidhar, C. (2015). Virtual machine introspection based spurious process detection in virtualized cloud computing environment. In 2015 international conference on futuristic trends on computational analysis and knowledge management (ABLAZE), 2015 (pp. 309–315).

  56. Zhu, Z., & Cao, G. (2013). Toward privacy preserving and collusion resistance in a location proof updating system. IEEE Transactions on Mobile Computing, 12, 51–64.

    Google Scholar 

  57. Nadji, Y., Perdisci, R., & Antonakakis, M. (2017). Still beheading hydras: Botnet takedowns then and now. IEEE Transactions on Dependable and Secure Computing, 14, 535–549.

    Google Scholar 

  58. Haddadi, F., & Zincir-Heywood, A. N. (2016). Benchmarking the effect of flow exporters and protocol filters on botnet traffic classification. IEEE Systems Journal, 10, 1390–1401.

    Google Scholar 

  59. Wang, J., & Paschalidis, I. C. (2017). Botnet detection based on anomaly and community detection. IEEE Transactions on Control of Network Systems, 4, 392–404.

    MathSciNet  MATH  Google Scholar 

  60. Matta, V., Di Mauro, M., & Longo, M. (2017). DDoS attacks with randomized traffic innovation: Botnet identification challenges and strategies. IEEE Transactions on Information Forensics and Security, 12, 1844–1859.

    Google Scholar 

  61. Rashidi, B., Fung, C., & Bertino, E. (2017). A collaborative ddos defence framework using network function virtualization. IEEE Transactions on Information Forensics and Security, 12, 2483–2497.

    Google Scholar 

  62. De Assis, M. V., Hamamoto, A. H., Abrao, T., & Proença, M. L. (2017). A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for DoS/DDoS mitigation on SDN networks. IEEE Access, 5, 9485–9496.

    Google Scholar 

  63. Gonzalez, R., Jiang, L. Ahmed, M., Marciel, M., Cuevas, R., Metwalley, H., et al. (2017). The cookie recipe: Untangling the use of cookies in the wild. In Network traffic measurement and analysis conference (TMA), 2017 (pp. 1–9).

  64. Sood, A. K., Zeadally, S., & Bansal, R. (2017). Exploiting trust: stealthy attacks through socioware and insider threats. IEEE Systems Journal, 11, 415–426.

    Google Scholar 

  65. Fu, J., Liang, Y., Tan, C., & Xiong, X. (2010). Detecting software keyloggers with dendritic cell algorithm. In 2010 international conference on communications and mobile computing (CMC), 2010 (pp. 111–115).

  66. Shar, L. K., Briand, L. C., & Tan, H. B. K. (2015). Web application vulnerability prediction using hybrid program analysis and machine learning. IEEE Transactions on Dependable and Secure Computing, 12, 688–707.

    Google Scholar 

  67. Tang, T., Mhamdi, L., Zaidi, S., El-moussa, F., McLernon, D., & Ghogho, M. (2019). A deep learning approach combining auto-encoder with one-class SVM for DDoS attack detection in SDNs. In Proceedings of the international conference on communications and networking.

  68. Van Trung, P., Huong, T. T., Van Tuyen, D., Duc, D. M., Thanh, N. H., & Marshall, A. (2015). A multi-criteria-based DDoS-attack prevention solution using software defined networking. In International conference on advanced technologies for communications (ATC), 2015 (pp. 308–313).

  69. Yang, H., & Wang, F. (2019). Wireless network intrusion detection based on improved convolutional neural network. IEEE Access, 7, 64366–64374.

    Google Scholar 

  70. Dhawan, M., Poddar, R., Mahajan, K., & Mann, V. (2015). SPHINX: Detecting security attacks in software-defined networks. In NDSS, 2015.

  71. Shu, Z., Wan, J., Li, D., Lin, J., Vasilakos, A. V., & Imran, M. (2016). Security in software-defined networking: Threats and countermeasures. Mobile Networks and Applications, 21, 764–776.

    Google Scholar 

  72. Al-Ayyoub, M., Jararweh, Y., Benkhelifa, E., Vouk, M., & Rindos, A. (2015). Sdsecurity: A software defined security experimental framework. In 2015 IEEE international conference on communication workshop (ICCW), 2015 (pp. 1871–1876).

  73. Akhunzada, A., Gani, A., Anuar, N. B., Abdelaziz, A., Khan, M. K., Hayat, A., et al. (2016). Secure and dependable software defined networks. Journal of Network and Computer Applications, 61, 199–221.

    Google Scholar 

  74. Liyanage, M., Ahmed, I., Ylianttila, M., Santos, J. L., Kantola, R., Perez, O. L., et al. (2015). Security for future software defined mobile networks. In 2015 9th international conference on next generation mobile applications, services and technologies, 2015 (pp. 256–264).

  75. Zaalouk, A., Khondoker, R., Marx, R., & Bayarou, K. (2014). Orchsec: An orchestrator-based architecture for enhancing network-security using network monitoring and sdn control functions. In Network operations and management symposium (NOMS), 2014 IEEE (pp. 1–9).

  76. Lara, A., & Ramamurthy, B. (2016). Opensec: Policy-based security using software-defined networking. IEEE Transactions on Network and Service Management, 13, 30–42.

    Google Scholar 

  77. Yuan, B., Zou, D., Yu, S., Jin, H., Qiang, W., & Shen, J. (2016). Defending against flow table overloading attack in software-defined networks. IEEE Transactions on Services Computing, 12, 231–246.

    Google Scholar 

  78. Ambrosin, M., Conti, M., De Gaspari, F., & Poovendran, R. (2015). Lineswitch: Efficiently Managing switch flow in software-defined networking while effectively tackling dos attacks. In Proceedings of the 10th ACM symposium on information, computer and communications security, 2015 (pp. 639–644).

  79. Kandoi, R., & Antikainen, M. (2015). Denial-of-service attacks in OpenFlow SDN networks. In 2015 IFIP/IEEE international symposium on integrated network management (IM) (pp. 1322–1326).

  80. Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine, 53, 52–59.

    Google Scholar 

  81. Ashraf, J., & Latif, S. (2014). Handling intrusion and DDoS attacks in Software Defined Networks using machine learning techniques. In 2014 National software engineering conference (pp. 55-60).

Download references

Funding

No funding was received for this study.

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Dr. B. R. Ambedkar Institute of Technology, Port Blair, India

    Sukhvinder Singh

  2. Department of Computer Science, School of Engineering and Technology, Pondicherry Central University, Kalapet, India

    S. K. V. Jayakumar

Authors
  1. Sukhvinder Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. S. K. V. Jayakumar
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sukhvinder Singh.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical Approval

All procedures performed in the studies involving human participants were in accordance with the ethical standards of the institutional and/or national research committee and with the 1964 Helsinki Declaration and its later amendments or comparable ethical standards.

Informed Consent

Informed consent was obtained from all individual participants included in the study.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Singh, S., Jayakumar, S.K.V. A Study on Various Attacks and Detection Methodologies in Software Defined Networks. Wireless Pers Commun 114, 675–697 (2020). https://doi.org/10.1007/s11277-020-07387-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07387-y

Keywords

Search

Navigation