Deakin University
Browse

File(s) under permanent embargo

Software-Defined Network (SDN) Data Plane Security: Issues, Solutions, and Future Directions

chapter
posted on 2020-01-01, 00:00 authored by Arash Shaghaghi, Mohamed Ali Kaafar, Rajkumar Buyya, Sanjay Jha
Software-defined network (SDN) radically changes the network architecture by decoupling the network logic from the underlying forwarding devices. This architectural change rejuvenates the network-layer granting centralized management and reprogrammability of the networks. From a security perspective, SDN separates security concerns into control and data plane, and this architectural recomposition brings up exciting opportunities and challenges. The overall perception is that SDN capabilities will ultimately result in improved security. However, in its raw form, SDN could potentially make networks more vulnerable to attacks and harder to protect. In this paper, we provide a comprehensive review of SDN security domain while focusing on its data plane, which is one of the least explored but most critical aspects in securing this technology. We review the most recent enhancements in SDNs, identify the main vulnerabilities of SDNs, and provide a novel attack taxonomy for SDNs. Thereafter, we provide a comprehensive analysis of challenges involved in protecting SDN data plane and control plane and provide an in-depth look into available solutions with respect to the identified threats and identify their limitations. To highlight the importance of securing the SDN platform, we also review the numerous security services built on top of this technology. We conclude the paper by offering future research directions.

History

Chapter number

14

Pagination

341-387

ISBN-13

9783030222772

ISBN-10

3030222772

Language

eng

Publication classification

B1.1 Book chapter

Extent

39

Editor/Contributor(s)

Gupta B, Perez G, Agrawal D, Gupta D

Publisher

Springer

Place of publication

Cham, Switzerland

Title of book

Handbook of computer networks and cyber security : principles and paradigms

Usage metrics

    Research Publications

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC