Skip to main content
SpringerLink
Log in

Security & Privacy in Software Defined Networks, Issues, Challenges and Cost of Developed Solutions: A Systematic Literature Review

  • Published:
International Journal of Wireless Information Networks Aims and scope Submit manuscript

Abstract

Due to fast development in digital systems, the traditional network architecture is becoming inadequate for the requirements of new technologies such as Cloud Computing, Internet of Things, Bring Your Own Device and for the expansion of internet services. These technologies and services need large-scale computing, high resource availability, dynamic infrastructure tailoring, automation, resilience, holistic knowledge and other needs, still network design demonstrated unmanageable in term of flexible network deployment, dynamic system configuration, agile system estimation, and adaptable system sending. Because of unaltered design of legacy network for recent decades and dynamic nature of modern applications, Software Defined Networks (SDN) has imagined as rising methodology giving programmability, traffic management and adaptive configuration. As SDN architecture gives intelligible centralization and agility to respond to changing demands it additionally presents new attacks conceivable threats and potential security dangers to make it vulnerable and even compromised. Still, on the other side, SDN faces many security challenges, many kinds of new security issues introduced with the advent of SDN. Therefore, an efficient literature review is carried out to collect the issues that most state of the art in SDN security. Systematic Literature Review (SLR) is a collection of 69 well-known papers that are published from 2014–2020. SLR's objective is to study SDN threats, its causes, target planes, cost of developed solutions, and challenges that are related to security. This SLR proposed the layered solution under consideration of advances and threats of technology, in which each layer finds the varying security attacks, its causes, and their proposed solutions. Moreover, to facilitate the future direction related to the security of SDN and privacy, some open problems and challenges are presented. This study will provide a new horizon for future research on SDN security.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. S Ortiz (2013) Software-defined networking: On the verge of a breakthrough?” Computer (Long. Beach. Calif)

  2. A. Abdelaziz, et al., Distributed controller clustering in software-defined networks, PLoS One, Vol. 12, No. 4, pp. e174715, 2017.

    Article  MathSciNet  Google Scholar 

  3. Open Networking Foundation, Software-defined networking: the new norm for networks [white paper]”, ONF White Pap, Vol. 2, pp. 11, 2012.

    Google Scholar 

  4. N. N. Dao, J. Kim, M. Park and S. Cho, Adaptive suspicious prevention for defending DoS attacks in SDN-based convergent networks”, PLoS One, Vol. 11, No. 8, pp. e0160375, 2016.

    Article  Google Scholar 

  5. F. Pakzad, M. Portmann, W. L. Tan and J. Indulska, Efficient topology discovery in OpenFlow-based Software Defined Networks, Comput. Commun., Vol. 77, pp. 52–61, 2016.

    Article  Google Scholar 

  6. A. Al-Najjar, S. Layeghy, and M. Portmann (2016) Pushing SDN to the end- host, network load balancing using OpenFlow,” in 2016 IEEE International Conference on Pervasive Computing and Communication Workshops, PerCom Workshops

  7. H. S. Saini, R. Sayal, and S. S. Rawat (2019) Innovations in Computer Science and Engineering, vol. 32. Springer Singapore

  8. H. Bos, F. Monrose and G. Blanc, Research in attacks, intrusions, and defenses”, Lect. Notes Comput. Sci., Vol. 9404, pp. 427–447, 2015.

    Google Scholar 

  9. R. Christian (2016) SDN Malware: problems of current protection systems and potential countermeasures,” pp. 89–100

  10. S. Hogg (2014) SDN Security Attack Vectors and SDN Hardening | Network World,” pp. 1–5

  11. C. Yoon, et al., Flow wars: systemizing the attack surface and defenses in software-defined networks, IEEE/ACM Trans. Netw., Vol. 25, No. 6, pp. 3514–3530, 2017.

    Article  Google Scholar 

  12. Z. Zhou and T. A. Benson (2019) Composing SDN Controller Enhancements with Mozart pp. 351–363

  13. N. McKeown et al., (2008) OpenFlow: enabling innovation in campus networks,” ACM SIGCOMM Comput. Commun. Rev.

  14. T. H. Nguyen and M. Yoo, (2017) Analysis of link discovery service attacks in SDN controller,” Int. Conf. Inf. Netw., pp. 259–261

  15. S. Hong, L. Xu, H. Wang, and G. Gu, (2015) Poisoning network visibility in software-defined networks: new attacks and countermeasures

  16. K. Benzekki, A. El Fergougui and A. Elbelrhiti Elalaoui, Software-defined networking (SDN): a survey”, Secur. Commun. Networks, Vol. 9, No. 18, pp. 5803–5833, 2016.

    Article  Google Scholar 

  17. Z. Hu, M. Wang, X. Yan, Y. Yin, and Z. Luo (2015) A comprehensive security architecture for SDN,” in 2015 18th International Conference on Intelligence in Next Generation Networks, ICIN 2015

  18. A Sebbar, M Boulmalf, M Dafir Ech-Cherif El Kettani, and Y Badd (2018) Detection MITM Attack in Multi-SDN Controller,” in Colloquium in Information Science and Technology, CIST

  19. P. W. Chi, C. T. Kuo, J. W. Guo, and C. L. Lei (2015) How to detect a compromised SDN switch,” in 1st IEEE conference on network softwarization: software-defined infrastructures for networks, clouds, IoT and Services, NETSOFT 2015

  20. A. Pradhan and R. Mathew, Solutions to vulnerabilities and threats in software defined networking (SDN), Procedia Comput. Sci., Vol. 171, No. 2019, pp. 2581–2589, 2020.

    Article  Google Scholar 

  21. Y. Meng, Z. Huang, S. Wang, G. Shen, and C. Ke (2020) SOM-based DDoS Defense Mechanism using SDN for the Internet of Things,” 1–10

  22. A. R. Abdou, P. C. Van Oorschot and T. Wan, Comparative analysis of control plane security of SDN and conventional networks, IEEE Commun. Surv. Tutorials, Vol. 20, No. 4, pp. 3542–3559, 2018.

    Article  Google Scholar 

  23. T. Han et al., (2019) A comprehensive survey of security threats and their mitigation techniques for next-generation SDN controllers,” Concurr. Comput., pp. 3–5

  24. H. Zhang, Z. Cai, Q. Liu, Q. Xiao, Y. Li, and C. F. Cheang (2018) A Survey on Security-Aware Measurement in SDN,” Secur. Commun. Networks, 2018

  25. I. Ahmad, S. Namal and M. Ylianttila, Security in software defined networks: a survey, IEEE Communication Surveys & Tutorials, Vol. 17, pp. 4, 2015.

    Article  Google Scholar 

  26. Wenjuan Li and Weizhi Meng, Lam For Kwok, A survey on OpenFlow-based software defined networks: security challenges and countermeasures, Journal of Network and Computer Applications, Vol. 68, pp. 126–139, 2016.

    Article  Google Scholar 

  27. W. Li and W. Meng, A survey on OpenFlow-based Software Defined Networks: Security challenges and countermeasures, Journal of Network and Computer Applications, Vol. 68, pp. 126–139, 2016.

    Article  Google Scholar 

  28. Vasileios Gkioulos, Håkon. Gunleifsen and Goitom K. Weldehawaryat, A Systematic literature review on military software defined networks, Future Internet, Vol. 10, No. 9, pp. 88, 2018.

    Article  Google Scholar 

  29. W. Hassan, T. Chou and L. Xiaoming, Latest trends, challenges and solutions in security in the era of cloud computing and software defined networks, International Journal of Informatics and Communication Technology, Vol. 8, pp. 162, 2019.

    Google Scholar 

  30. T. Han, S. R. U. Jan and T. Zhiyuan, A comprehensive survey of security threats and their mitigation techniques for next-generation SDN controllers, Concurrency Computat Pract Exper, Vol. 32, pp. 16, 2019.

    Google Scholar 

  31. A. Shirmarz and A. Ghaffari, Performance issues and solutions in SDN-based data center: a survey, J Supercomput, Vol. 76, pp. 7545–7593, 2020.

    Article  Google Scholar 

  32. Camilo, J., Chica, C., and Botero, J.F., Security in SDN: A comprehensive survey, Journal of Network and Computer Applications, 2020

  33. Shaghaghi A., Kaafar M.A., Buyya R., Jha S. (2020) Software-Defined Network (SDN) Data Plane Security: Issues, Solutions, and Future Directions. In: Gupta B., Perez G., Agrawal D., Gupta D. (eds) Handbook of Computer Networks and Cyber Security. Springer

  34. S. K. Keshari, V. Kansal and S. Kumar, A Systematic Review of Quality of Services (QoS) in Software Defined Networking (SDN), Wireless Pers Commun, Vol. 116, pp. 2593–2614, 2021.

    Article  Google Scholar 

  35. S. Ahmad and A. H. Mir, Scalability, consistency, reliability and security in SDN controllers: a survey of diverse SDN Controllers, J Netw Syst Manage, Vol. 29, pp. 9, 2021.

    Article  Google Scholar 

  36. S. Matsumoto, S. Hitz, and A. Perrig (2014) Fleet: Defending SDNs from malicious administrators,” HotSDN 2014 - Proc. ACM SIGCOMM 2014 Work. Hot Top. Softw. Defin. Netw., pp. 103–108,

  37. S. Scott-Hayward, C. Kane, and S. Sezer, “OperationCheckpoint: SDN application control,” Proc. - Int. Conf. Netw. Protoc. ICNP, pp. 618–623

  38. P. Porras, S. Cheung, M. Fong, K. Skinner, and V. Yegneswaran, “Securing the Software Defined Network Control Layer,” 2015

  39. K. Petersen, R. Feldt, S. Mujtaba, and M. Mattsson (2018) Systematic mapping studies in software engineering,” in 12th International Conference on Evaluation and Assessment in Software Engineering, EASE 2008

  40. A. Fernandez, E. Insfran, and S. Abrahão, “Usability evaluation methods for the web: A systematic mapping study,” in Information and Software Technology, 2011

  41. J. Xia, Z. Cai, G. Hu and M. Xu, An active defense solution for arp spoofing in open flow network, Chinese J. Electron., Vol. 28, No. 1, pp. 172–178, 2019.

    Article  Google Scholar 

  42. C. Zhang, et al., Towards a SDN-Based Integrated Architecture for Mitigating IP Spoofing Attack, IEEE Access, Vol. 6, pp. 22764–22777, 2017.

    Article  Google Scholar 

  43. T. Park et al., “DPX : Data-Plane eXtensions for SDN Security Service Instantiation

  44. A. Molina Zarca, et al., Security management architecture for NFV/SDN-Aware IoT systems”, IEEE Internet Things J., Vol. 6, No. 5, pp. 8005–8020, 2019.

    Article  Google Scholar 

  45. A. Destounis, et al., Minimum Cost SDN Routing With Reconfiguration Frequency Constraints, IEEE/ACM Transactions on Networking, Vol. 26, No. 4, pp. 1577–1590, 2018.

    Article  Google Scholar 

  46. Z. Su and L. Wang, “CFlam : cost-effective flow latency monitoring system for software defined networks”, 2019 IEEE 20th Int, Conf. High Perform. Switch. Routing, Vol. 25, pp. 3309–3322, 2019.

    Google Scholar 

  47. K. Kogan, S. I. Nikolenko, P. Eugster, A. Shalimov and O. Rottenstreich, “Distributed Platforms, IEEE/ACM Trans. Networking, Vol. 25, No. 6, pp. 1–14, 2017.

    Google Scholar 

  48. Y. Cui, et al., Author ’ s Accepted Manuscript SD-Anti-DDoS : Fast and Efficient DDoS defense in software-defined networks reference, J. Netw. Comput. Appl., Vol. 68, pp. 65–79, 2016.

    Article  Google Scholar 

  49. S. Gao, Z. Li, B. Xiao and G. Wei, Security threats in the data plane of software-defined networks, IEEE Netw., Vol. 32, No. 4, pp. 108–113, 2018.

    Article  Google Scholar 

  50. K. Kalkan, L. Altay, G. Gür and F. Alagöz, JESS: joint entropy-based DDoS defense scheme in SDN, IEEE J. Sel. Areas Commun., Vol. 36, No. 10, pp. 2358–2372, 2018.

    Article  Google Scholar 

  51. Y. Park, S. Y. Chang, and L. M. Krishnamurthy, “Watermarking for detecting freeloader misbehavior in software-defined networks,” 2016 Int. Conf. Comput. Netw. Commun. ICNC 2016, 2016

  52. S. Midha and K. Triptahi, “Extended TLS security and defensive algorithm in openflow SDN,” Proc. 9th Int. Conf. Cloud Comput. Data Sci. Eng. Conflu. 2019: 141–146, 2019

  53. H. Xu, Z. Yu, C. Qian, and X. Li (2017) Minimizing Flow Statistics Collection Cost of SDN Using Wildcard Requests,” pp. 1–9

  54. H. Shafiq, R. A. Rehman, and B. S. Kim (2018) Services and Security Threats in SDN Based VANETs: A Survey,” Wirel. Commun. Mob. Comput., 2018

  55. C. Yoon, P. Porras, M. Fong, B. O. Connor, and T. Vachuska A Security-Mode for Carrier-Grade SDN Controllers,” pp. 461–473

  56. M. Suh, S. H. Park, B. Lee, and S. Yang, “Building firewall over the software-defined network controller,” Int. Conf. Adv. Commun. Technol. ICACT, pp. 744–748, 2014

  57. I. Farris, T. Taleb, Y. Khettab and J. Song, A survey on emerging SDN and NFV security mechanisms for IoT systems, IEEE Commun. Surv. Tutorials, Vol. 21, No. 1, pp. 812–837, 2019.

    Article  Google Scholar 

  58. T. V. Phan, N. K. Bao and M. Park, Distributed-SOM: A novel performance bottleneck handler for large-sized software-defined networks under flooding attacks, J. Netw. Comput. Appl., Vol. 91, No. April, pp. 14–25, 2017.

    Article  Google Scholar 

  59. L. A. Trejo, V. Ferman, M. A. Medina-Pérez, F. M. Arredondo Giacinti, R. Monroy and J. E. Ramirez-Marquez, DNS-ADVP: A machine learning anomaly detection and visual platform to protect top-level domain name servers against DDoS attacks”, IEEE Access, Vol. 7, pp. 116358–116369, 2019.

    Article  Google Scholar 

  60. Z. Shah and S. Cosgrove, Mitigating arp cache poisoning attack in software-defined networking (sdn): A survey, Electron., Vol. 8, No. 10, pp. 1–26, 2019.

    Article  Google Scholar 

  61. A. Zaalouk, R. Khondoker, R. Marx, and K. Bayarou, “OrchSec: An orchestrator-based architecture for enhancing network-security using network monitoring and SDN control functions,” IEEE/IFIP NOMS 2014 - IEEE/IFIP Netw. Oper. Manag. Symp. Manag. a Softw. Defin. World, no. May, 2014

  62. S. Ahmed and N. Medhi, A flow marking based anti-spoofing Mechanism (FMAS) using SDN approach, Adv. Intell. Syst. Comput., Vol. 563, pp. 245–255, 2018.

    Google Scholar 

  63. J. Zhou, J. N. B, and Y. Rao (2017) Block-based convolutional neural network. nternational Workshop on Digital Watermarking 1: 65–76

  64. S. Shin, L. Xu, S. Hong, and G. Gu (2016) Enhancing Network Security through Software Defined Networking (SDN),” 2016 25th Int. Conf. Comput. Commun. Networks, ICCCN 2016

  65. N. Noceti, L. Zini and F. Odone, A multi-camera system for damage and tampering detection in a postal security framework, Eurasip J. Image Video Process., Vol. 2018, No. 1, pp. 1–13, 2018.

    Article  Google Scholar 

  66. P. Ahmad, S. Jacob, and R. Khondoker, “Security Analysis of SDN Applications for Big Data

  67. K. Benton, L. J. Camp, and C. Small, “OpenFlow Vulnerability Assessment Categories and Subject Descriptors,” Proc. Second ACM SIGCOMM Work. Hot Top. Softw. Defin. Netw. - HotSDN ’13, pp. 151

  68. P. Kazemian, M. Chang, H. Zeng, G. Varghese, N. McKeown, and S. Whyte, “Real time network policy checking using header space analysis,” Proc. 10th USENIX Symp. Networked Syst. Des. Implementation, NSDI 2013, pp. 99–111, 2019

  69. S Shin G Gu Attacking software-defined networks: A first feasibility study”, HotSDN 2013 - Proc. 2013 ACM SIGCOMM Work Hot Top. Softw. Defin. Netw. 3 165–166 2013

  70. S. Shin, V. Yegneswaran, P. Porras, and G. Gu, (2013) AVANT-GUARD: Scalable and vigilant switch flow management in software-defined networks,” Proc. ACM Conf. Comput. Commun. Secur., 413–424, 2013

  71. J. Moura and D. Hutchison (2020) Resilient Cyber-Physical Systems: Using NFV Orchestration,” pp. 1–13

  72. M. Niemiec, P. Jaglarz, M. Jekot, P. Chołda, and P. Boryło, “Risk Assessment Approach to Secure Northbound Interface of SDN Networks,” pp. 164–169, 2019

  73. Y. Tian, V. Tran and M. Kuerban, “DOS Attack mitigation strategies on SDN controller”, 2019 IEEE 9th Annu, Comput. Commun. Work. Conf. CCWC, Vol. 2019, pp. 701–707, 2019.

    Google Scholar 

  74. V. Sridharan, K. S. K. Liyanage, and M. Gurusamy, “Privacy-Aware Switch-Controller Mapping in SDN-Based IoT Networks,” 2020 Int. Conf. Commun. Syst. NETworkS, COMSNETS 2020, pp. 1–6

  75. M. M. Alshaer, M. Al-Akhras and A. Albesher, IEEE World Conf, Complex Syst. WCCS, Vol. 2019, No. 4, pp. 1–5, 2019.

    Google Scholar 

  76. S. M. Mousavi and M. St-Hilaire, “Early detection of DDoS attacks against SDN controllers”, 2015 Int, Conf. Comput. Netw. Commun. ICNC, Vol. 2015, pp. 77–81, 2015.

    Google Scholar 

  77. N. M. Sahri and K. Okamura, Protecting DNS services from IP spoofing-SDN collaborative authentication approach, ACM Int. Conf. Proceeding Ser., Vol. 15–17, pp. 83–89, 2016.

    Google Scholar 

  78. R. Skowyra, et al., Effective topology tampering attacks and defenses in Software-Defined networks”, Proc. - 48th Annu. IEEE/IFIP Int. Conf. Dependable Syst, Networks, DSN, Vol. 2018, pp. 374–385, 2018.

    Google Scholar 

  79. A. Shirmarz and A. Ghaffari, Performance issues and solutions in SDN- based data center: a survey, Springer, US, 2020.

    Book  Google Scholar 

  80. M. Li, X. Wang, H. Tong, T. Liu, and Y. Tian, “SPARC: Towards a scalable distributed control plane architecture for protocol-oblivious SDN

  81. W. Rankothge (2019) Past before future: a comprehensive review on software defined networks road map 19: 1

  82. H. Hu, et al., Towards a reliable firewall for software-defined networks, Comput. Secur., Vol. 87, 101597, 2019.

    Article  Google Scholar 

  83. R. Beckett, X. K. Zou, S. Zhang, S. Malik, J. Rexford, and D. Walker An assertion language for debugging SDN applications,” HotSDN 2014 - Proc. ACM SIGCOMM 2014 Work. Hot Top. Softw. Defin. Netw., pp. 91–96, 2014

  84. A. Al-Alaj, R. Sandhu, and R. Krishnan, “A formal access control model for SE-floodlight controller,” SDN-NFV 2019 - Proc. ACM Int. Work. Secur. Softw. Defin. Networks Netw. Funct

  85. L. V. Morales, A. F. Murillo, S. J. Rueda and “Extending the floodlight controller”, Proc. -, IEEE 14th Int, Symp. Netw. Comput. Appl. NCA, Vol. 2015, No. 126–133, pp. 2016, 2015.

    Google Scholar 

  86. E. Al-Shaer and S. Al-Haj (2010) FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures,” Proc. ACM Conf. Comput. Commun. Secur., 37–44

  87. G. N. Nde and R. Khondoker (2016) SDN testing and debugging tools: A survey,” 2016 5th Int. Conf. Informatics, Electron. Vision, ICIEV 2016, pp. 631–635

  88. P. Fonseca, R. Bennesby, E. Mota and A. Passito, A replication component for resilient OpenFlow-based networking”, Proc. 2012 IEEE Netw, Oper. Manag. Symp. NOMS, Vol. 2015, pp. 933–939, 2012.

    Google Scholar 

  89. N. Sultana, N. Chilamkurti, W. Peng and R. Alhadad, Survey on SDN based network intrusion detection system using machine learning approaches, Peer-to-Peer Netw. Appl., Vol. 12, No. 2, pp. 493–501, 2019.

    Article  Google Scholar 

  90. H. Maziku, S. Shetty and D. M. Nicol, Security risk assessment for SDN-enabled smart grids, Comput. Commun., Vol. 133, pp. 1–11, 2019.

    Article  Google Scholar 

  91. A. Shaghaghi, M. A. Kaafar, R. Buyya and S. Jha, Software-Defined Network (SDN) Data Plane Security: Issues, Solutions, and Future Directions”, Comput. Networks Cyber Secur, Handb, 2020. https://doi.org/10.1007/978-3-030-22277-2_14.

    Book  Google Scholar 

  92. S. R. Chowdhury, F. Bari, R. Ahmed, and R. Boutaba (2014) PayLess : A Low Cost Network Monitoring Framework for Software Defined Networks

  93. J. Yao, Z. Han, M. Sohail and L. Wang, A robust security architecture for SDN-based 5G networks, Futur. Internet, Vol. 11, No. 4, pp. 1–14, 2019.

    Article  Google Scholar 

  94. C. Yoon, T. Park, S. Lee, H. Kang and S. Shin, Enabling security functions with SDN : A feasibility study, Comput. Networks, Vol. 85, No. 2015, pp. 19–35, 2016.

    Google Scholar 

  95. H. Hu, W. Han, G. Ahn, and Z. Zhao (2014) F LOW G UARD : Building Robust Firewalls for Software-Defined Networks 97–102

  96. M. Wang, J. Liu, J. Chen, X. Liu, and J. Mao (2016) PERM-GUARD : Authenticating the validity of flow rules in software defined networking,” J. Signal Process. Syst., 37

  97. S. N. Matheu, et al., Security architecture for defining and enforcing security profiles in DLT/SDN-based IoT systems, Sensors (Switzerland), Vol. 20, No. 7, pp. 1–33, 2020.

    Article  Google Scholar 

  98. Z. Zhao, D. Gong, B. Lu, F. Liu, and C. Zhang (2016) SDN-based double hopping communication against sniffer attack

  99. M. Andreoni, L. Diogo, M. Ferrazani, and O. C. M. B. Duarte (2016) An elastic intrusion detection system for software networks,” Ann. Telecommun

  100. X. Chen and S. Yu, (2015) CIPA : A Collaborative Intrusion Prevention Architecture for Programmable Network and SDN,” Comput. Secur

  101. J. Sonchack, A. J. Aviv, E. Keller, and J. M. Smith (2015) Poster : OFX : Enabling OpenFlow Extensions for Switch-Level Security Applications pp.1678–1680

  102. M. Dhawan (2015) S PHINX : detecting security attacks in software-defined networks,” no. 8–11

  103. B. Wang, Y. Zheng, W. Lou and Y. T. Hou, DDoS attack protection in the era of cloud computing and software-defined networking, Comput. NETWORKS, Vol. 81, pp. 308–319, 2015.

    Article  Google Scholar 

  104. S. Fichera, L. Galluccio, S. C. Grancagnolo, G. Morabito, and S.Palazzo (2015) OPERETTA : An OPEnflow-based REmedy to mitigate TCP SYNFLOOD Attacks against web servers,” Comput. Networks

  105. J. W. Kang, S. H. Park, and J. You (2015) Mynah : enabling lightweight data plane authentication for SDN controllers

  106. M. S. H. Ll, G. A. I. E, J. I. Vélez, and L. C. O (2016) Distributed Denial of Service (DDoS) Attacks Detection Using Machine Learning Prototype,” pp.33–41

  107. Kaur S., Kumar K., Aggarwal N. (2021) A Review of Security Threats in Software-Defined Networking. In: Singh B., Coello Coello C.A., Jindal P., Verma P. (eds) Intelligent Computing and Communication Systems. Algorithms for Intelligent Systems. Springer, Singapore

  108. K. Phemius, M. Bouet, and J. Leguay, “DISCO: Distributed SDN controllers in a multi-domain environment,” in Proc. IEEE NOMS, May 2014, pp. 1–2

  109. K. Phemius, M. Bouet, and J. Leguay, “DISCO: Distributed multidomain SDN controllers in Proc. IEEE NOMS, May 2014, pp. 1–4

  110. E. Al-Shaer and S. Al-Haj, FlowChecker: Configuration analysis and verification of federated openflow infrastructures in Proc. 3rd ACM Workshop SafeConfig, 2015, pp. 37–44

  111. P. Porras et al., A security enforcement kernel for OpenFlow networks,” in Proc. 1st Workshop HotSDN, 2016, pp. 121–126

  112. N. L. van Adrichem, C. Doerr, and F. A. Kuipers, “OpenNetMon: Network monitoring in OpenFlow software-defined networks,” in Proc. IEEE NOMS, May 2014, pp. 1–8

  113. S. R. Chowdhury, M. Bari, R. Ahmed, and R. Boutaba, “PayLess: A low cost network monitoring framework for software defined networks,” in Proc. IEEE NOMS, 2014, pp. 1–9

  114. K. Wang, Y. Qi, B. Yang, Y. Xue, and J. Li, “LiveSec: Towards effective security management in large-scale production networks,” in Proc. ICDCSW, Jun. 2015, pp. 451–460

  115. X. Liu, H. Xue, X. Feng, and Y. Dai, “Design of the multi-level security network switch system which restricts covert channel,” in Proc. IEEE 3rd ICCSN, May 2016, pp. 233–237

  116. A. Zaalouk, R. Khondoker, R. Marx, and K. Bayarou, “OrchSec: An orchestrator-based architecture for enhancing network-security using network monitoring and SDN control functions,” in Proc. IEEE NOMS, May 2017, pp. 1–9

  117. P. Fonseca, R. Bennesby, E. Mota, and A. Passito, “A replication component for resilient OpenFlow-based networking,” in Proc. IEEE NOMS, Apr. 2016, pp. 933–939

  118. P. Smith, A. Schaeffer-Filho, D. Hutchison, and A. Mauthe, “Management patterns: SDN-enabled network resilience management,” in Proc. IEEE NOMS, May 2017, pp. 1–9

  119. M. Suh, S. H. Park, B. Lee, and S. Yang, “Building firewall over the software-defined network controller,” in Proc. 16th ICACT, Feb. 2016, pp. 744–748

  120. M. Koerner and O. Kao, “Oftables: A distributed packet filter,” in Proc. 6th Int. Conf. COMSNETS, Jan. 2017, pp. 1–4

  121. Hao, T. Lakshman, S. Mukherjee, and H. Song, “Secure cloud computing with a virtualized network infrastructure,” in Proc. 2nd USENIX Conf. Hot Topics Cloud Comput., 2016, 16

  122. H. Hu, W. Han, G.-J. Ahn, and Z. Zhao, “FLOWGUARD: building robust firewalls for software-defined networks,” in Proc. 3rd Workshop Topics Softw. Defined Netw., 2017, 97–102.

  123. E. Maccherani et al., “Extending the NetServ autonomic management capabilities using OpenFlow,” in Proc. IEEE NOMS, Apr. 2012, pp. 582–585

  124. T. Xing, D. Huang, L. Xu, C.-J. Chung, and P. Khatkar (2016) SnortFlow: A openflow-based intrusion prevention system in cloud environment,” in Proc. 2nd GREE, Mar. 89–92

  125. S. Shirali-Shahreza and Y. Ganjali (2015) Empowering software defined network controller with packet-level information,” in Proc. IEEE ICC, pp. 1335–1339

  126. S. Shirali-Shahreza and Y. Ganjali, (2015) Efficient implementation of security applications in openflow controller with flexam,” in Proc. IEEE 21st Annu. Symp. HOTI, 49–54

  127. J. Hu, M. Reed, N. Thomos and M. F. AI-Naday and K. Yang, Securing SDN-Controlled IoT Networks Through Edge Blockchain, IEEE Internet of Things Journal, Vol. 8, No. 4, pp. 2102–2115, 2021.

    Article  Google Scholar 

  128. T. Hasan, A. Adnan, T. Giannetsos and J. Malik, "Orchestrating SDN Control Plane towards Enhanced IoT Security," 2020 6th IEEE Conference on Network Softwarization (NetSoft), 2020

  129. D. Javeed, T. Gao and M. T. Khan, SDN-enabled hybrid DL-driven framework for the detection of emerging cyber threats in IoT, Electronics, Vol. 10, pp. 918, 2021.

    Article  Google Scholar 

  130. Marcos V.O.. de Assis, Luiz F. Carvalho, Joel J.P.C.. Rodrigues, Jaime Lloret and Mario L. Proença Jr, Near real-time security system applied to SDN environments in IoT networks using convolutional neural network, Computers & Electrical Engineering, Vol. 86, pp. 1067, 2020.

    Article  Google Scholar 

  131. Mevlut Serkan Tok, Mehmet Demirci (2021) Security analysis of SDN controller-based DHCP services and attack mitigation with DHCP guard, Computers & Security

  132. I. Akbari, E. Tahoun, M. A. Salahuddin, N. Limam and R. Boutaba (2020) ATMoS: Autonomous Threat Mitigation in SDN using Reinforcement Learning NOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium pp. 1–9

  133. Revathi, M., Ramalingam, V.V. & Amutha, B. A Machine Learning Based Detection and Mitigation of the DDOS Attack by Using SDN Controller Framework. Wireless Pers Commun (2021)

  134. A. H. M. Jakaria, M. A. Rahman and A. Gokhale, Resiliency-Aware Deployment of SDN in Smart Grid SCADA: A Formal Synthesis Model in, IEEE Transactions on Network and Service Management, Vol. 18, No. 2, pp. 1430–1444, 2021.

    Article  Google Scholar 

  135. H. Jo, J. Nam, and S. Shin (2018) NOSArmor: Building a Secure Network Operating System,” Secure. Commun. Networks 2018

  136. S. ZHANG, X. MENG, and L. WANG (2017) SDNForensics: A Comprehensive Forensics Framework for Software Defined Network,” 54: 92–99

  137. S. Lee, C. Yoon, C. Lee, S. Shin, V. Yegneswaran, and P. Porras, “DELTA: A Security Assessment Framework for Software-Defined Networks 2017.

  138. D. Kreutz, J. Yu, P. Esteves-Verissimo, C. Magalhaes and F. M. V. Ramos, The KISS principle in software-defined networking: A framework for secure communications, IEEE Secure. Priv., Vol. 16, No. 5, pp. 60–70, 2018.

    Article  Google Scholar 

  139. N. Gray, T. Zinner, and P. Tran-Gia, “Enhancing SDN security by device fingerprinting,” Proc. IM 2017 - 2017 IFIP/IEEE Int. Symp. Integer. Netw. Serv. Manag., pp. 879–880, 2017

  140. M. Cheminod, L. Durante, L. Seno, F. Valenza, A. Valenzano and C. Zunino, Leveraging SDN to improve security in industrial networks, pp. 1–7, IEEE Int. Work. Fact. Commun. Syst. - Proceedings, WFCS, 2017.

    Google Scholar 

  141. S. Hyun, et al., Interface to network security functions for cloud-based security services, IEEE Commun. Mag., Vol. 56, No. 1, pp. 171–178, 2018.

    Article  MathSciNet  Google Scholar 

  142. W. Lee and N. Kim, Security policy scheme for an efficient security architecture in software-defined networking”, Inf., Vol. 8, No. 2, pp. 65, 2017.

    Google Scholar 

  143. L. Gifre, B. Shariati, and L. Velasco (2018) Experimental Demonstration of Active and Passive Optical Networks Telemetry,” pp. 2017–2019

  144. N. L. M. Van Adrichem, C. Doerr, and F. A. Kuipers, “OpenNetMon: Network monitoring in OpenFlow software-defined networks,” IEEE/IFIP NOMS 2014 - IEEE/IFIP Netw. Oper. Manag. Symp. Manag. a Softw. Defin. World, 2014

  145. M. Koerner and O. Kao, “Oftables: A distributed packet filter,” 2014 6th Int. Conf. Commun. Syst. Networks, COMSNETS 2014, pp. 14–17, 2014

  146. A. Schaeffer-Filho, P. Smith, A. Mauthe and D. Hutchison, Network resilience with reusable management patterns, IEEE Commun. Mag., Vol. 52, No. 7, pp. 108–115, 2014.

    Article  Google Scholar 

  147. C. Bouras, P. Ntarzanos, and A. Papazois, “Cost Modeling for SDN / NFV Based Mobile 5G Networks,” pp. 87–92, 2016

  148. C. Zhang, X. Wang, Y. Zhao, A. Dong, F. Li and M. I. N. Huang, Cost efficient and low-latency network service chain deployment across multiple domains for SDN, IEEE Access, Vol. 7, pp. 143454–143470, 2019.

    Article  Google Scholar 

  149. D. Chourishi, A. Miri, M. Milic, S. Ismaeel and “Role-based multiple controllers for load balancing and security in SDN”, IEEE Canada Int, Humanit. Technol. Conf. IHTC, Vol. 2015, pp. 2015, 2015.

    Google Scholar 

  150. Diego and Ramos, Fernando MV and Verissimo, Paulo Esteves and Rothenberg, Christian Esteve and Azodolmolky, Siamak and Uhlig, Steve Kreutz, “Software-defined networking: A comprehensive survey,” Proceedings of the IEEE, Vol. 103, pp. 14–76, 2014.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing, Faculty of Engineering, Universiti Teknology Malaysia, 81310, SkudaiJohar Baurau, Malaysia

    Naveed Ahmed, Kamalrulnizam Abu Bakar, Fatima Tul Zuhra, Tanzila Kehkashan, Muhammad Akram Mujahid, Muhammad Siraj Rathore, Muhammad Dawood & Babangida Isyaku

  2. Capital University of Science and Technology, Islamabad, Pakistan

    Naveed Ahmed, Kamalrulnizam Abu Bakar, Fatima Tul Zuhra, Tanzila Kehkashan, Muhammad Akram Mujahid, Muhammad Siraj Rathore, Muhammad Dawood & Babangida Isyaku

Authors
  1. Naveed Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kamalrulnizam Abu Bakar
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Fatima Tul Zuhra
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tanzila Kehkashan
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Muhammad Akram Mujahid
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Muhammad Siraj Rathore
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Muhammad Dawood
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Babangida Isyaku
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Naveed Ahmed.

Ethics declarations

Conflict of interest

All authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed consent

Informed consent was obtained from all individual participants included in the study.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ahmed, N., Bakar, K.A., Zuhra, F.T. et al. Security & Privacy in Software Defined Networks, Issues, Challenges and Cost of Developed Solutions: A Systematic Literature Review. Int J Wireless Inf Networks 29, 314–340 (2022). https://doi.org/10.1007/s10776-022-00561-y

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10776-022-00561-y

Keywords

Search

Navigation