Litcius/Paper detail

Software‐defined networking security for private data center networks and clouds: Vulnerabilities, attacks, countermeasures, and solutions

Abdallah Mustafa Abdelrahman, Joel J. P. C. Rodrigues, Mukhtar M. E. Mahmoud, Kashif Saleem, Ashok Kumar Das, Valery V. Korotaev, S. A. Kozlov

2020International Journal of Communication Systems45 citationsDOI

Abstract

Summary Software‐defined networking (SDN) is an agile, modern networking approach that facilitates innovations in the networking paradigm. The abstracted and centralized network operating system facilitates the network management and reduces operational expenditure (OPEX). The open nature and simplicity of the data‐forwarding plane dramatically reduces capital expenditure (CAPEX) by leveraging commodity servers and switches. SDN also lends itself very well to address major cloud computing issues and complement cloud services, especially in terms of network virtualization and networking as a service (NaaS). As a new technology, SDN does involve certain security challenges, which include distributed denial of service (DDoS) threats, build and run time injected malware, insider (tenant) attacks, and security holes resulting from controller misconfigurations. These are severe threats that can cripple an entire network. It is crucial to address the SDN vulnerabilities to ensure its successful deployment in private data center networks, on cloud platforms and beyond. Some security solutions leverage the built‐in features of SDN, such as its controller software component, while other solutions provide external SDN applications running above the controller. This study reviews the security solutions for the vulnerabilities of state‐of‐the‐art SDN controllers and the available countermeasures. Furthermore, an in‐depth analysis of the SDN features that support security is presented, and some unresolved research issues on SDN controllers are identified.

Topics & Concepts

Computer scienceSoftware-defined networkingCloud computingComputer securityDenial-of-service attackCloud computing securityComputer networkData centerNetworking hardwareNetwork securityOpenFlowOperating systemThe InternetSoftware-Defined Networks and 5GNetwork Security and Intrusion DetectionCaching and Content Delivery
Software‐defined networking security for private data center networks and clouds: Vulnerabilities, attacks, countermeasures, and solutions | Litcius