Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey

  • Shen Wang
  • Jun Wu
  • Wu Yang
  • Long-hua Guo
Review

Abstract

Nowadays, cyberspace has become a vital part of social infrastructure. With the rapid growth in the scale of networks, applications and services have become enriched, and the bearing function of the underlying network devices (such as switches and routers) has also been extended. To promote a dynamic architecture, high-level security, and high quality of service in the network, separating control from forwarding in the network architecture is a development trend of networking technology. Currently, software-defined networking (SDN) is one of the most popular and promising technologies. In SDN, high-level strategies are deployed by the proprietary equipment, which is used to guide the data forwarding of the network equipment. This can reduce many complicated functions of the network equipment and improve the flexibility and operability of the implementation and deployment of new network technologies and protocols. However, this novel networking technology faces novel challenges in terms of architecture and security. The aim of this study is to offer a comprehensive review of the state-of-the-art research on novel advances in programmable SDN, and to highlight what has been investigated and what remains to be addressed, particularly in terms of architecture and security.

Key words

Software-defined networking (SDN); Security; Programmable

CLC number

TP393 


Copyright information

© Editorial Office of Journal of Zhejiang University Science and Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. Research Center for Modern Governance, Zhejiang University of Science and Technology, Hangzhou, China
  2. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai, China
  3. Information Security Research Center, Harbin Engineering University, Harbin, China
  4. Huawei Technologies Co., Ltd., Shanghai, China