Research on Security issues of OpenFlow based Software Defined Network (SDN)

Abstract

Software defined networking (SDN) is a new type of network architecture characterized by decoupling the control plane and data plane of the network, and placing the control operating system in a centralized location to manage underlying hardware functions. Due to the openness of SDN and its standardized application program interfaces, researchers are able to design and implement new network functions and protocols in a simpler and more flexible manner, which helps SDN achieve a global view of the underlying topology and enables the control plane to dynamically modify network functions and abstract from hardware issues. Among them, OpenFlow is currently the most deployed protocol in SDN, providing communication between controllers and switches. The characteristics of programmable networks also bring new challenges to the implementation of security in SDN. For example, scanning attacks, spoofing attacks, denial of service attacks, and other potential new security challenges. In recent years, a large amount of research has been conducted on the security vulnerabilities and threats faced by SDN architecture based on OpenFlow protocol, with literature distributed in many places and composed of works with different styles. In this thesis, we conducted a systematic literature review on the field. Through paper retrieval systems such as IEEE Xplore and Sciencedirect, we conducted quantitative and qualitative analysis on the dataset of search results. At the same time, we proposed a summary of the literature contributions of several research questions to key issues and identified gaps that still exist. From these analyses, we call for action to address the main open challenges.

Software defined networking (SDN) is a new type of network architecture characterized by decoupling the control plane and data plane of the network, and placing the control operating system in a centralized location to manage underlying hardware functions. Due to the openness of SDN and its standardized application program interfaces, researchers are able to design and implement new network functions and protocols in a simpler and more flexible manner, which helps SDN achieve a global view of the underlying topology and enables the control plane to dynamically modify network functions and abstract from hardware issues. Among them, OpenFlow is currently the most deployed protocol in SDN, providing communication between controllers and switches. The characteristics of programmable networks also bring new challenges to the implementation of security in SDN. For example, scanning attacks, spoofing attacks, denial of service attacks, and other potential new security challenges. In recent years, a large amount of research has been conducted on the security vulnerabilities and threats faced by SDN architecture based on OpenFlow protocol, with literature distributed in many places and composed of works with different styles. In this thesis, we conducted a systematic literature review on the field. Through paper retrieval systems such as IEEE Xplore and Sciencedirect, we conducted quantitative and qualitative analysis on the dataset of search results. At the same time, we proposed a summary of the literature contributions of several research questions to key issues and identified gaps that still exist. From these analyses, we call for action to address the main open challenges.