Software Defined Networking:Security Model, Threats and Mechanism
Author:
Affiliation:

Clc Number:

Fund Project:

National Key Basic Research Program (973) (2012CB315905); National Natural Science Foundation of China (61272501, 61402029, 61370190)

  • Article
  • |
  • Figures
  • |
  • Metrics
  • |
  • Reference
  • |
  • Related
  • |
  • Cited by
  • |
  • Materials
  • |
  • Comments
    Abstract:

    Software defined networking(SDN) facilitates rapid and open innovation by decoupling the control plane from the data plane, thus enabling high degree of openness and programmability in network protocols and applications. However, the dynamism of programmable networks also introduces new security challenges, which limit the large-scale application of SDN in many places. This paper presents a comprehensive survey on the security of SDN. First, SDN architecture and the security model of SDN are reviewed. Next, typical security threats and security issues of SDN are summarized and classified from the following two aspects:SDN specific and non-specific threats, and the security issues associated with the SDN framework. Then an in-depth analysis is provided on the latest developments in how to build a secure and dependable SDN from the following six aspects:Building a secure SDN controller or network operating system, the modular composable security services for SDN, DoS/DDoS flooding attack prevention and detection for SDN controllers, conflict resolutions and consistency resolutions for flow rules in SDN, the security of northbound application programming interface(API), and the security of applications in SDN. Finally, a brief analysis of the standardization work on SDN security is provided, along with a discussion on future research trends in building more secured SDN.

    Reference
    Related
    Cited by
Get Citation

王蒙蒙,刘建伟,陈杰,毛剑,毛可飞.软件定义网络:安全模型、机制及研究进展.软件学报,2016,27(4):969-992

Copy
Share
Article Metrics
  • Abstract:
  • PDF:
  • HTML:
  • Cited by:
History
  • Received:May 18,2015
  • Revised:August 17,2015
  • Adopted:
  • Online: January 07,2016
  • Published:
You are the firstVisitors
Copyright: Institute of Software, Chinese Academy of Sciences Beijing ICP No. 05046678-4
Address:4# South Fourth Street, Zhong Guan Cun, Beijing 100190,Postal Code:100190
Phone:010-62562563 Fax:010-62562533 Email:jos@iscas.ac.cn
Technical Support:Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063