Information and Communications Technology and Policy ›› 2023, Vol. 49 ›› Issue (2): 35-42.doi: 10.12267/j.issn.2096-5931.2023.02.006
Previous Articles Next Articles
ZHANG Jian, CAO Heng, WANG Zhe
Received:
2022-12-22
Online:
2023-02-25
Published:
2023-03-20
CLC Number:
ZHANG Jian, CAO Heng, WANG Zhe. Research on the security of software defined network architecture[J]. Information and Communications Technology and Policy, 2023, 49(2): 35-42.
[1] | Stanford University. Clean slate program[R], 2006. |
[2] | MCKEOWN N. Software-Defined metworking[C]. In Proc. of the INFOCOM Key Note, 2009. |
[3] | Software-Defined Networking (SDN) definition-open networking foundation[R], 2018. |
[4] | ALHAZMI A, SHAMI, REFAEY A. Optimized provisioning of SDN enabled virtual networks in geo-distributed cloud computing datacenters[J]. Commun. Netw, 2017, 19(4): 402-415. |
[5] | MARíA B, JIMéNEZ F, JORGE E, et al. A Survey of the main security issues and solutions for the SDN architecture[J]. IEEE Access, 2021(9):122016-122038. |
[6] | RAHOUTI M, XIONG K, XIN Y, et al. SDN security review: threat taxonomy, implications, and open challenges[J]. IEEE Access, 2022(10):45820-45854. |
[7] | MUBARAKALI A, ALQAHTANI A S. A survey: security threats and countermeasures in software defined networking[C]. IEEE 2nd International Con. on Information and Computer Technologies, 2019:180-185. |
[8] | VAUGHAN-NICHOLS S. OpenFlow: the next generation of the network[J]. Computer, 2011, 44(8): 13-15. |
[9] | FEAMSTER N, REXFORD J, ZEGURA E. The road to SDN: an intellectual history of programmable networks[J]. ACM Comput, Commun, 2014, 44(2): 87-98. |
[10] | DING A, CROWCROFT J, TARKOMA S, et al. Software defined networking for security enhancement in wireless mobile networks[J]. Computer Networks, 2014(66): 94-101. |
[11] | SCOTT-HAYWARD S, O’CALLAGHAN G. SDN security: a survey[C]. in Proc. SDN4FNS Workshop Softw. Defined Netw. Future Netw. Services, 2013:1-7. |
[12] | ON Foundation. SDN architecture[R], 2014. |
[13] | Danping A, Pourzandi M, Scott-Hayward S, et al. Threat analysis for the SDN architecture[R], 2018. |
[14] | LIU Y, ZHAO B, ZHAO P, et al. A survey: typical security issues of software-defined networking[J]. China Communications, 2019, 16(7):13-31. |
[15] | NAGARATHNA R, SHALINIE S. SLAMHHA: a supervised learning approach to mitigate host location hijacking attack on SDN controllers[C]// in Proc. 4th Int. Conf. Signal Process.,Commun. Netw, 2017: 1-7. |
[16] | SMYTH D, MCSWEENEY S, O’SHEA D, et al. Detecting link fabrication attacks in software-defined networks[C]// in Proc. 26th Int. Conf. Comput. Commun. Netw. (ICCCN), 2017: 1-8. |
[17] | BROOKS M, YANG B. A man-in-the-middle attack against OpenDay light SDN controller[C]// in Proc. 4th Annu. ACM Conf. Res. Inf. Technol., 2015:45-49. |
[18] | JERO S, KOCH W, SKOWYRA R, et al. Identifier binding attacks and defenses in software-defined networks[C]// in Proc. of 26th USENIX Security Symposium, 2017: 415-432. |
[19] | MARIN E, BUCCIOL N, CONTI M. An in-depth look into SDN topology discovery mechanisms: novel attacks and practical countermeasures[C]// in Proc. ACM SIGSAC Conf. Comput. Commun. Secur., 2019: 1101-1114. |
[20] | PRADHAN A, MATHEW R. Solutions to vulnerabilities and threats in software defined networking (SDN)[C]// in Proc. Comput. Sci., 2020(171): 2581-2589. |
[21] | SALLAM A, REFAEY A, SHAMI A. On the security of SDN: a completed secure and scalable framework using the software-defined perimeter[J]. IEEE Access, 2019(7): 146577-146587. |
[22] | WANG M, LIU J, Chen J, et al. Perm-guard: authenticating the validity of flow rules in software defined networking[J]. Signal Process. Syst., 2017, 86(2-3): 157-173. |
[23] |
XIA J, CAI Z, HU G, et al. An active defense solution for ARP spoofing in OpenFlow network[J]. Chin. J. Electron., 2019, 28(1): 172-178.
doi: 10.1049/cje.v28.1 URL |
[24] | CAO J, LI Q, XIE R, et al. The crosspath attack: disrupting the SDN control channel via shared links[C]. Proc. 28th USENIX Secur. Symp., 2019:19-36. |
[25] | THIMMARAJU K, SCHIFF L, SCHMID S. Outsmarting network security with SDN teleportation[C]// IEEE Eur. Symp. Secur. Privacy, 2017: 563-578. |
[26] | KLOTI R. OpenFlow: a security analysis[D]. M.S. thesis, Dept. Inf. Tech. Elec. Eng., Swiss Fed. Inst. Technol.Zurich (ETH), Zurich, Switzerland, 2013. |
[27] | SKOWYRA P, XU L, GU G, et al. Effective topology tampering attacks and defenses in software-defined networks[C]// in 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, 2018: 374-385. |
[28] | HONG S, XU L, WANG H, et al. Poisoning network visibility in software-defined networks: new attacks and countermeasures[C]// in Proc. Netw. Distrib. Syst. Secur. Symp. (NDSS), 2015(15):8-11. |
[29] | MAITY P, SAXENA S, SRIVASTAVA S, et al. An effective probabilistic technique for DDoS detection in OpenFlow controller[J]. IEEE Syetems Journal, 2022, 16(1):1345-1354. |
[30] |
CAO Y, JIANG H, DENG Y, et al. Detecting and mitigating DDoS attacks in SDN using spatial-temporal graph convolutional network[J]. IEEE Transactions on Dependable and Secure Computing, 2022, 19(6):3855-3872.
doi: 10.1109/TDSC.2021.3108782 URL |
[31] | Feb. Security-Enhanced Floodlight[R], 2022. |
[32] | Feb. Floodlight Controller[R], 2022. |
[33] | FERNANDEZ M. Comparing OpenFlow controller paradigms scalability: Reactive and proactive[C]// in Proc. IEEE 27th Int. Conf. Adv. Inf. Netw.Appl., pp. 1009-1016, Mar. 2013. |
[34] | Al-SHAER E, Al-HAJ S. FlowChecker: configuration analysis and verification of federated openflow infrastructures[C]// in Proc. 3rd ACM Workshop Assurable Usable Secur. Configuration, 2010: 37-44. |
[35] | KHURSHID A, ZHOU W, CAESAR M, et al. VeriFlow: verifying network-wide invariants in real time[C]// in Proc. 1st Workshop Hot Topics Softw. Defined Netw., 2012: 49-54. |
[36] | PORRAS P, SHIN S, YEGNESWARAN V, et al. A security enforcement kernel for OpenFlow networks[C]// in Proc. 1st ACM Workshop Hot Hot Topics Softw. Defined Netw., 2012:121-126. |
[37] | WEN X, CHEN Y, HU C, et al. Towards a secure controller platform for OpenFlow applications[C]// in Proc. 2nd ACM SIGCOMM Workshop Hot Topics Softw. Defined Netw., 2013: 171-172. |
[38] | BECKETT R, ZOU X K, ZHANG S, et al. An assertion language for debugging SDN applications[C]// in Proc.3rd ACM Workshop Hot Topics Softw. Defined Netw., 2014: 91-96. |
[39] | Business Wire. Global software-defined networking market (2020 to 2025)-software-defined networking for 5G presents opportunities[R], 2020. |
[40] | GOUD K, GIDITURI S. Security challenges and related solutions in software defined networks: a survey[J]. International Journal of Computer Networks and Applications, 2022(9): 22-37. |
[41] | MALEH Y, QASMAOUI Y, GHOLAMI K, Y. et al. A comprehensive survey on SDN security: threats, mitigations, and future directions[J]. J. Reliable Intell. Environ., 2022: 1-39. |
[42] | AHMAD A, Harjula E, Ylianttila M, et al. Evaluation of machine learning techniques for security in SDN[C]. IEEE Globecom Workshops, 2020. |
[43] | ALSHRA, ABDULLAH S, Ahmad F, et al. Deep learning algorithms for detecting denial of service attacks in software-defined networks[J]. Procedia Computer Science, 2021(91): 254-263. |
[44] | VARHESE J, MUNIYAL B. An efficient IDS framework for DDoS attacks in SDN environment[J]. IEEE Access, 2021(19): 69680-69699. |
[1] | LU Dan, WANG Qi, WANG Ke, SHAO Xiaomeng, HAN Jialin. Mobile phone subscribers location information protection:strategic research and protection approaches [J]. Information and Communications Technology and Policy, 2022, 48(10): 91-96. |
[2] | XU Kai, JIANG Jie. Research on social risks and supervising countermeasures of AI applications [J]. Information and Communications Technology and Policy, 2021, 47(5): 15-20. |
[3] | WANG Qi. The research on the security risks of 5G clouds [J]. Information and Communications Technology and Policy, 2021, 47(2): 92-96. |
[4] | WEI Liang, ZHA Xuan. Risk analysis and evaluation of Blockchain infrastructure [J]. Information and Communications Technology and Policy, 2020, 46(2): 10-13. |
[5] | FENG Zebing, LU Yue. Analysis on Blockchain technology enhancing the security of UAV swarm system [J]. Information and Communications Technology and Policy, 2020, 46(2): 14-18. |
[6] | CHI Cheng, MA Baoluo, TIAN Juan. Security risk analysis model for identifier resolution system of Industrial Internet [J]. Information and Communications Technology and Policy, 2020, 46(10): 23-27. |
[7] | DONG Yue, LI Yi, QIN Guoying, LI Shan. Research of data security in Industrial Internet [J]. Information and Communications Technology and Policy, 2020, 46(10): 38-41. |
[8] | LI Lingtao. Obstacles and countermeasures of 8K industry development from the perspective of user demand [J]. Information and Communications Technology and Policy, 2020, 46(10): 67-72. |
[9] | LIN Meiyu, WANG Yazhong. Research on Internet of Things terminals security capabilities [J]. Information and Communications Technology and Policy, 2020, 46(10): 93-96. |
[10] | PANJuan, LIUTao. Security risk analysis and countermeasures for intelligent video surveillance device [J]. Information and Communications Technology and Policy, 2019, 45(8): 78-80. |
[11] | CAOYuan, ZHAOYongli. Software definedquantumkey distribution as a service [J]. Information and Communications Technology and Policy, 2019, 45(10): 49-55. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
2020 © Information and Communications Technology and Policy
Address: 52 Huayuan North Road, Beijing, China Phone: 010-62300192 E-mail: ictp@caict.ac.cn