Abstract
With the growth in the use of information technology, there is a huge increase in traffic flowing through networks due to the large number of connected devices and modern internet applications, such as social networking and sharing of documents. Network administrators must manage a wide range of data formats, service types and devices, which is difficult with traditional network management tools that were not designed to cope with scalable topologies at very high speeds large scale. The concept of Software Defined Networking (SDN) is the solution to meet the needs of users of these network services and applications. This approach centralizes and simplifies network management, allowing administrators to orchestrate and automate it through a central software control interface without physically accessing hardware components. As SDN technology gains traction and more internet providers and data center administrators gradually adopt it, there is growing interest in the security issues that may arise with regard to its deployment in production. In this chapter, we present a comprehensive review of the SDN technology includes the architecture, applications, benefits and the programmable networks. In addition, we discuss the security issues of this technology.
Keywords
- SDN
- OpenFlow
- Security
- DoS
- IDS
This is a preview of subscription content, access via your institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
A. Shaghaghi, M.A. Kaafar, R. Buyya, S. Jha, Software-defined network (SDN) data plane security: issues, solutions, and future directions. Handb. Comput. Netw. Cyber Secur. 341–387 (2020)
S.K. Tayyaba, M.A. Shah, O.A. Khan, A.W. Ahmed, Software defined network (sdn) based internet of things (iot) a road ahead, in The International Conference on Future Networks and Distributed Systems (ACM, 2017), pp. 1–8
A. Prajapati, A. Sakadasariya, J. Patel, (2018, January). Software defined network: Future of networking, in 2018 2nd International Conference on Inventive Systems and Control (ICISC), IEEE, (2018), pp. 1351–1354
A. Voellmy, J. Wang, Scalable software defined network controllers, in ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communication (ACM, 2012), pp. 289–290
Y. Li, M. Chen, Software-defined network function virtualization: a survey. IEEE Access 3, 2542–2553 (2015)
M. Yang, Y. Li, D. Jin, L. Zeng, X. Wu, A.V. Vasilakos, Software-defined and virtualized future mobile and wireless networks: a survey. Mob. Netw. Appl. 20(1), 4–18 (2015)
J. Matias, J. Garay, N. Toledo, J. Unzilla, E. Jacob, Toward an SDN-enabled NFV architecture. IEEE Commun. Mag. 53(4), 187–193 (2015)
M. Ojo, D. Adami, S. Giordano, A SDN-IoT architecture with NFV implementation, in 2016 IEEE Globecom Workshops (GC Wkshps) (IEEE, 2016), pp. 1–6
V.G. Nguyen, A. Brunstrom, K.J. Grinnemo, J. Taheri, SDN/NFV-based mobile packet core network architectures: a survey. IEEE Commun. Surv. Tutor. 19(3), 1567–1602 (2017)
M.S. Bonfim, K.L. Dias, S.F. Fernandes, Integrated NFV/SDN architectures: a systematic literature review. ACM Comput. Surv. (CSUR) 51(6), 1–39 (2019)
O. Flauzac, C. González, A. Hachani, F. Nolot, SDN based architecture for IoT and improvement of the security, in 2015 IEEE 29th international conference on advanced information networking and applications workshops (IEEE, 2015), pp. 688–693
Q. Waseem, S.S. Alshamrani, K. Nisar, W.I.S. Wan Din, A.S. Alghamdi, Future technology: software-defined network (SDN) forensic. Symmetry 13(5), 767 (2021)
S. Seeber, L. Stiemert, G.D. Rodosek, Towards an SDN-enabled IDS environment, in 2015 IEEE Conference on Communications and Network Security (CNS) (IEEE, 2015), pp. 751–752
S. Scott-Hayward, G.O'Callaghan, S. Sezer, SDN security: a survey, in 2013 IEEE SDN For Future Networks and Services (SDN4FNS) (IEEE, 2013), pp. 1–7
J.C.C. Chica, J.C. Imbachi, J.F.B. Vega, Security in SDN: a comprehensive survey. J. Netw. Comput. Appl. 159, 102595 (2020)
M.H. Khairi, S.H. Ariffin, N.A. Latiff, A.S. Abdullah, M.K. Hassan, A review of anomaly detection techniques and distributed denial of service (DDoS) on software defined network (SDN). Eng. Technol. Appl. Sci. Res. 8(2), 2724–2730 (2018)
L. Wei, C. Fung, FlowRanger: a request prioritizing algorithm for controller DoS attacks in Software Defined Networks, in 2015 IEEE International Conference on Communications (ICC) (IEEE 2015), pp. 5254–5259
N.N. Dao, J. Park, M. Park, S. Cho, A feasible method to combat against DDoS attack in SDN network, in International Conference on Information Networking (ICOIN) (IEEE, 2015), pp. 309–311
H. Wang, L. Xu, G. Gu, Floodguard: a dos attack prevention extension in software-defined networks, in 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (IEEE, 2015), pp. 239–250
R. Sahay, G. Blanc, Z. Zhang, H. Debar, Towards autonomic DDoS mitigation using software defined networking, in SENT 2015: NDSS Workshop on Security of Emerging Networking Technologies (Internet society, 2015)
S. Shin, V. Yegneswaran, P. Porras, G. Gu, Avant-guard: Scalable and vigilant switch flow management in software-defined networks, in The 2013 ACM SIGSAC Conference on Computer and Communications Security (ACM, 2013), pp. 413–424
R. Mohammadi, R. Javidan, M. Conti, SLICOTS: an SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans. Netw. Serv. Manage. 14(2), 487–497 (2017)
K. Giotis, C. Argyropoulos, G. Androulidakis, D. Kalogeras, V. Maglaris, Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62, 122–136 (2014)
M. Lopez, U. Figueiredo, A. Lobato, O.C. Duarte, Broflow: Um sistema eficiente de detecção e prevenção de intrusão em redes definidas por software, in Anais do XIII Workshop em Desempenho de Sistemas Computacionaise de Comunicação (SBC, 2014), pp. 108–121
T. Chin, X. Mountrouidou, X. Li, K. Xiong, Selective packet inspection to detect DoS flooding using software defined networking (SDN), in 2015 IEEE 35th International Conference on Distributed Computing Systems Workshops (IEEE, 2015), pp. 95–99
T. Xing, D. Huang, L. Xu, C.J. Chung, P. Khatkar, Snortflow: a openflow-based intrusion prevention system in cloud environment, in Second GENI Research and Educational Experiment Workshop (IEEE, 2013), pp. 89–92
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Chouikik, M., Ouaissa, M., Ouaissa, M., Boulouard, Z., Kissi, M. (2022). Software-Defined Networking Security: A Comprehensive Review. In: Ouaissa, M., Boulouard, Z., Ouaissa, M., Khan, I.U., Kaosar, M. (eds) Big Data Analytics and Computational Intelligence for Cybersecurity. Studies in Big Data, vol 111. Springer, Cham. https://doi.org/10.1007/978-3-031-05752-6_6
Download citation
DOI: https://doi.org/10.1007/978-3-031-05752-6_6
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-05751-9
Online ISBN: 978-3-031-05752-6
eBook Packages: Computer ScienceComputer Science (R0)