On the (in)Security of the Control Plane of SDN Architecture: A Survey

Zaheed Ahmed Bhuiyan; Salekul Islam; Md. Motaharul Islam; A. B. M. Ahasan Ullah; Farha Naz; Mohammad Shahriar Rahman

doi:10.1109/ACCESS.2023.3307467

IEEE Access (Jan 2023)

On the (in)Security of the Control Plane of SDN Architecture: A Survey

Zaheed Ahmed Bhuiyan,
Salekul Islam,
Md. Motaharul Islam,
A. B. M. Ahasan Ullah,
Farha Naz,
Mohammad Shahriar Rahman

Affiliations

Zaheed Ahmed Bhuiyan: ORCiD; Department of Computer Science and Engineering, United International University, Badda, Dhaka, Bangladesh
Salekul Islam: ORCiD; Department of Computer Science and Engineering, United International University, Badda, Dhaka, Bangladesh
Md. Motaharul Islam: ORCiD; Department of Computer Science and Engineering, United International University, Badda, Dhaka, Bangladesh
A. B. M. Ahasan Ullah: ORCiD; Department of Computer Science and Engineering, United International University, Badda, Dhaka, Bangladesh
Farha Naz: Department of Computer Science and Engineering, United International University, Badda, Dhaka, Bangladesh
Mohammad Shahriar Rahman: ORCiD; Department of Computer Science and Engineering, United International University, Badda, Dhaka, Bangladesh

DOI: https://doi.org/10.1109/ACCESS.2023.3307467
Journal volume & issue: Vol. 11
pp. 91550 – 91582

Abstract

Read online

Software-Defined Networking (SDN) has revolutionized the networking landscape by offering programmable control and optimization of network resources. However, SDN architecture’s inherent flexibility and centralized control expose it to new security risks. In this paper, we have presented a comprehensive study focused on the security implications associated with the control plane of SDN, which serves as a critical layer responsible for its network orchestration. We have addressed some pressing security concerns in SDN deployments by examining control plane vulnerabilities and explicit attacks. Through extensive analysis, we have investigated various control plane attacks. By meticulously exploring each attack vector, we have shed light on its mechanisms, potential impact and countermeasures. Furthermore, we have emphasized the interdependencies between the control plane, application plane, and data plane, highlighting how compromises in the control plane can propagate and impact the entire network infrastructure. Our research contributes to a deeper understanding of the specific vulnerabilities within SDN, focusing on the control plane as the primary target. By providing insights into the security landscape of SDN, network administrators, researchers, and security practitioners can develop proactive defense strategies and fortify the security posture of SDN deployments. We have underscored the importance of integrating robust security mechanisms to safeguard the control plane and maintain the overall security of SDN architectures. Our comprehensive analysis of control plane attacks in SDN elucidates the evolving security challenges posed by the programmability and centralization of network control. By addressing these vulnerabilities, we have tried to pave the way for future researchers to develop effective security solutions and ensure SDN networks’ resilience and integrity.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords