Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey

  • Shen Wang
  • Jun WuEmail author
  • Wu Yang
  • Long-hua Guo


Nowadays, cyberspace has become a vital part of social infrastructure. With the rapid development of the scale of networks, applications and services have become enriched, and the bearing function of the underlying network devices (such as switches and routers) has also been extended. To promote the dynamics architecture, high-level security, and high quality of service of the network, control network architecture forward separation is a development trend of the networking technology. Currently, software-defined networking (SDN) is one of the most popular and promising technologies. In SDN, high-level strategies are deployed by the proprietary equipment, which is used to guide the data forwarding of the network equipment. This can reduce many complicated functions of the network equipment and improve the flexibility and operability of the implementation and deployment of new network technologies and protocols. However, this novel networking technology faces novel challenges in term of architecture and security. The aim of this study is to offer a comprehensive review of the state-of-the-art research on novel advances of programmable SDN, and to highlight what has been investigated and what remains to be addressed, particularly, in terms of architecture and security.

Key words

Software-defined networking (SDN) Security Programmable 

CLC number



Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Ali ST, Sivaraman V, Radford A, et al., 2015. A survey of securing networks using software defined networking. IEEE Trans Reliab, 64(3):1086–1097. CrossRefGoogle Scholar
  2. Benton K, Camp LJ, Small C, 2013. OpenFlow vulnerability assessment. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.151–152. CrossRefGoogle Scholar
  3. Botelho F, Bessani A, Ramos FMV, et al., 2014. On the design of practical fault–tolerant SDN controllers. 3rd European Workshop on Software Defined Networks, p.73–78. CrossRefGoogle Scholar
  4. Braga R, Mota E, Passito A, 2010. Lightweight DDoS flooding attack detection using NOX/OpenFlow. IEEE Local Computer Network Conf, p.408–415. CrossRefGoogle Scholar
  5. Casado M, Freedman MJ, Pettit J, et al., 2007. Ethane: taking control of the enterprise. Conf on Applications, Technologies, Architectures, and Protocols for Computer Communications, p.1–12. Google Scholar
  6. Cheng YN, Dong C, Chu LW, et al., 2015. Design and implementation of software–defined networking based firewall system. Comput Appl Softw, 32(1):286–288, 312 (in Chinese). Google Scholar
  7. David K, Berndt H, 2018. 6G vision and requirements: is there any need for beyond 5G? IEEE Veh Technol Mag, 13(3): 72–80. Google Scholar
  8. European Telecommunications Standards Institute, 2012. Network Functions Virtualisation. Google Scholar
  9. Fayazbakhsh SK, Sekar V, Yu ML, et al., 2013. FlowTags: enforcing network–wide policies in the presence of dynamic middlebox actions. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.19–24. CrossRefGoogle Scholar
  10. Feng MJ, Mao SW, Jiang T, 2016. Enhancing the performance of future wireless networks with software–defined networking. Front Inform Technol Electron Eng, 17(7):606–619. CrossRefGoogle Scholar
  11. Gelberger A, Yemini N, Giladi R, 2013. Performance analysis of software–defined networking (SDN). IEEE 21st Int Symp on Modelling, Analysis and Simulation of Computer and Telecommunication Systems, p.389–393. CrossRefGoogle Scholar
  12. Greenberg A, Hjalmtysson G, Maltz DA, et al., 2005. A clean slate 4D approach to network control and management. ACM SIGCOMM Comput Commun Rev, 35(5):41–54. CrossRefGoogle Scholar
  13. Guan ZT, Zhang Y, Wu LF, et al., 2019. APPA: an anonymous and privacy preserving data aggregation scheme for fog–enhanced IoT. J Netw Comput Appl, 125:82–92. CrossRefGoogle Scholar
  14. Gude N, Koponen T, Pettit J, et al., 2008. NOX: towards an operating system for networks. ACM SIGCOMM Comput Commun Rev, 38(3):105–110. CrossRefGoogle Scholar
  15. Handigol N, Heller B, Jeyakumar V, et al., 2012. Where is the debugger for my software–defined network? 1st Workshop on Hot Topics in Software Defined Networks, p.55–60. CrossRefGoogle Scholar
  16. Hata H, 2013. A study of requirements for SDN switch platform. Int Symp on Intelligent Signal Processing and Communication Systems, p.79–84. CrossRefGoogle Scholar
  17. Heller B, Sherwood R, McKeown N, 2012. The controller placement problem. 1st Workshop on Hot Topics in Software Defined Networks, p.7–12. Google Scholar
  18. Hu ZY, Wang MW, Yan XQ, et al., 2015. A comprehensive security architecture for SDN. 18th Int Conf on Intelligence in Next Generation Networks, p.30–37. CrossRefGoogle Scholar
  19. Jafarian JH, Al–Shaer E, Duan Q, 2012. OpenFlow random host mutation: transparent moving target defense using software defined networking. 1st Workshop on Hot Topics in Software Defined Networks, p.127–132. CrossRefGoogle Scholar
  20. Keller E, Ghorbani S, Caesar M, et al., 2012. Live migration of an entire network (and its hosts). 11th ACM Workshop on Hot Topics in Networks, p.109–114. CrossRefGoogle Scholar
  21. Kim H, Feamster N, 2013. Improving network management with software defined networking. IEEE Commun Mag, 51(2):114–119. CrossRefGoogle Scholar
  22. Kreutz D, Ramos FMV, Verissimo P, 2013. Towards secure and dependable software–defined networks. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.55–60. CrossRefGoogle Scholar
  23. Li GL, Wu J, Li JH, et al., 2017. Battery status sensing software–defined multicast for V2G regulation in smart grid. IEEE Sens J, 17(23):7838–7848. CrossRefGoogle Scholar
  24. Linux Foundation, 2015. OpenDaylight. Google Scholar
  25. Liu B, Chen M, Xu B, et al., 2016. An OpenFlow–based performance–oriented multipath forwarding scheme in datacenters. Front Inform Technol Electron Eng, 17(7): 647–660. Google Scholar
  26. Liu CF, Samarakoon S, Bennis M, et al., 2018. Fronthaulaware software–defined wireless networks: resource allocation and user scheduling. IEEE Trans Wirel Commun, 17(1):533–547. CrossRefGoogle Scholar
  27. Liu ZJ, Li Y, Su L, et al., 2014. TCAM–efficient flow table mapping scheme for OpenFlow multiple–table pipelines. J Tsinghua Univ (Sci Technol), 54(4):437–442 (in Chinese). Google Scholar
  28. McKeown N, Anderson T, Balakrishnan H, et al., 2008. OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev, 38(2):69–74. CrossRefGoogle Scholar
  29. Narayana S, Rexford J, Walker D, 2014. Compiling path queries in software–defined networks. 3rd Workshop on Hot Topics in Software Defined Networking, p.181–186. CrossRefGoogle Scholar
  30. Nayak AK, Reimers A, Feamster N, et al., 2009. Resonance: dynamic access control for enterprise networks. 1st ACM Workshop on Research on Enterprise Networking, p.11–18. Google Scholar
  31. Nunes BBA, Mendonca M, Nguyen XN, et al., 2014. A survey of software–defined networking: past, present, and future of programmable networks. IEEE Commun Surv Tutor, 16(3):1617–1634. CrossRefGoogle Scholar
  32. Open Networking Foundation, 2012. Software–Defined Networking: the New Norm for Networks. Google Scholar
  33. Pan H, Guan HT, Liu JJ, et al., 2013. The FlowAdapter: enable flexible multi–table processing on legacy hardware. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.85–90. CrossRefGoogle Scholar
  34. Porras P, Shin S, Yegneswaran V, et al., 2012. A security enforcement kernel for OpenFlow networks. 1st Workshop on Hot Topics in Software Defined Networks, p.121–126. CrossRefGoogle Scholar
  35. Qazi ZA, Tu CC, Chiang L, et al., 2013. SIMPLE–fying middlebox policy enforcement using SDN. ACM SIGCOMM Comput Commun Rev, 43(4):27–38. CrossRefGoogle Scholar
  36. Reitblatt M, Foster N, Rexford J, et al., 2011. Consistent updates for software–defined networks: change you can believe in! 10th ACM Workshop on Hot Topics in Networks, Article 7. CrossRefGoogle Scholar
  37. Reitblatt M, Foster N, Rexford J, et al., 2012. Abstractions for network update. ACM SIGCOMM Comput Commun Rev, 42(4):323–334. CrossRefGoogle Scholar
  38. Scott–Hayward S, 2015. Design and deployment of secure, robust, and resilient SDN controllers. 1st IEEE Conf on Network Softwarization, p.1–5. CrossRefGoogle Scholar
  39. Scott–Hayward S, O’Callaghan G, Sezer S, 2013. SDN security: a survey. IEEE SDN for Future Networks and Services, p.1–7. Google Scholar
  40. Sezer S, Scott–Hayward S, Chouhan PK, et al., 2013. Are we ready for SDN? Implementation challenges for softwaredefined networks. IEEE Commun Mag, 51(7):36–43. CrossRefGoogle Scholar
  41. Shin S, Gu GF, 2012. CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks. 20th IEEE Int Conf on Network Protocols, p.1–6. Google Scholar
  42. Shin S, Porras P, Yegneswaran V, et al., 2013. FRESCO: modular composable security services for softwaredefined networks. ISOC Network and Distributed Security Symp, p.1–16.Google Scholar
  43. Tavakoli A, Casado M, Koponen T, et al., 2009. Applying NOX to the datacenter. 8th ACM Workshop on Hot Topics in Networks, p.1–6.Google Scholar
  44. Voellmy A, Kim H, Feamster N, 2012. Procera: a language for high–level reactive network control. 1st Workshop on Hot Topics in Software Defined Networks, p. 43–48. CrossRefGoogle Scholar
  45. Wang K, Li JH, Wu J, et al., 2018. QoS–predicted energy efficient routing for information–centric smart grid: a network calculus approach. IEEE Access, 6:52867–52876. CrossRefGoogle Scholar
  46. Wang X, Liu Z, Qi YX, et al., 2012. LiveCloud: a lucid orchestrator for cloud datacenters. 4th IEEE Int Conf on Cloud Computing Technology and Science, p.341–348. Google Scholar
  47. Wen XT, Chen Y, Hu CC, et al., 2013. Towards a secure controller platform for openflow applications. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.171–172. CrossRefGoogle Scholar
  48. Wu J, Dong MX, Ota K, et al., 2017. FCSS: fog computing based content–aware filtering for security services in information centric social networks. IEEE Trans Emerg Top Comput, in press. Google Scholar
  49. Wu J, Dong MX, Ota K, et al., 2018a. Big data analysis–based secure cluster management for optimized control plane in software–defined networks. IEEE Trans Netw Serv Manag, 15(1):27–38. CrossRefGoogle Scholar
  50. Wu J, Luo SB, Wang S, et al., 2018b. NLES: a novel lifetime extension scheme for safety–critical cyber–physical systems using SDN and NFV. IEEE Internet Things J, in press. Google Scholar
  51. Yang EZ, Zhang LK, Yao Z, et al., 2016. A video conferencing system based on SDN–enabled SVC multicast. Front Inform Technol Electron Eng, 17(7):672–681. CrossRefGoogle Scholar
  52. Yeganeh SH, Ganjali Y, 2012. Kandoo: a framework for efficient and scalable offloading of control applications. 1st Workshop on Hot Topics in Software Defined Networks, p.19–24. Google Scholar
  53. Yeganeh SH, Tootoonchian A, Ganjali Y, 2013. On scalability of software–defined networking. IEEE Commun Mag, 51(2):136–141. CrossRefGoogle Scholar
  54. Zhang D, Chang Z, Yu FR, et al., 2016a. A double auction mechanism for virtual resource allocation in SDN–based cellular network. IEEE 27th Annual Int Symp on Personal, Indoor, and Mobile Radio Communications, p.1–6. CrossRefGoogle Scholar
  55. Zhang D, Chang Z, Hämäläinen T, 2016b. Reverse combinatorial auction based resource allocation in heterogeneous software defined network with infrastructure sharing. IEEE 83rd Vehicular Technology Conf, p.1–6. CrossRefGoogle Scholar
  56. Zhang D, Chang Z, Hämäläinen T, et al., 2017. Double auction based multi–flow transmission in software–defined and virtualized wireless networks. IEEE Trans Wirel Commun, 16(12):8390–8404. CrossRefGoogle Scholar

Copyright information

© Editorial Office of Journal of Zhejiang University Science and Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Research Center for Modern GovernanceZhejiang University of Science and TechnologyHangzhouChina
  2. 2.School of Electronic Information and Electrical EngineeringShanghai Jiao Tong UniversityShanghaiChina
  3. 3.Information Security Research CenterHarbin Engineering UniversityHarbinChina
  4. 4.Huawei Technologies Co., Ltd.ShanghaiChina

Personalised recommendations