IEEE Access (Jan 2023)

On the (in)Security of the Control Plane of SDN Architecture: A Survey

  • Zaheed Ahmed Bhuiyan,
  • Salekul Islam,
  • Md. Motaharul Islam,
  • A. B. M. Ahasan Ullah,
  • Farha Naz,
  • Mohammad Shahriar Rahman

DOI
https://doi.org/10.1109/ACCESS.2023.3307467
Journal volume & issue
Vol. 11
pp. 91550 – 91582

Abstract

Read online

Software-Defined Networking (SDN) has revolutionized the networking landscape by offering programmable control and optimization of network resources. However, SDN architecture’s inherent flexibility and centralized control expose it to new security risks. In this paper, we have presented a comprehensive study focused on the security implications associated with the control plane of SDN, which serves as a critical layer responsible for its network orchestration. We have addressed some pressing security concerns in SDN deployments by examining control plane vulnerabilities and explicit attacks. Through extensive analysis, we have investigated various control plane attacks. By meticulously exploring each attack vector, we have shed light on its mechanisms, potential impact and countermeasures. Furthermore, we have emphasized the interdependencies between the control plane, application plane, and data plane, highlighting how compromises in the control plane can propagate and impact the entire network infrastructure. Our research contributes to a deeper understanding of the specific vulnerabilities within SDN, focusing on the control plane as the primary target. By providing insights into the security landscape of SDN, network administrators, researchers, and security practitioners can develop proactive defense strategies and fortify the security posture of SDN deployments. We have underscored the importance of integrating robust security mechanisms to safeguard the control plane and maintain the overall security of SDN architectures. Our comprehensive analysis of control plane attacks in SDN elucidates the evolving security challenges posed by the programmability and centralization of network control. By addressing these vulnerabilities, we have tried to pave the way for future researchers to develop effective security solutions and ensure SDN networks’ resilience and integrity.

Keywords