Research Article

Vulnerabilities in SDN Due to Separation of Data and Control Planes

by S. Faizullah, S. AlMutairi
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 179 - Number 31
Year of Publication: 2018
10.5120/ijca2018916519

S. Faizullah, S. AlMutairi. Vulnerabilities in SDN Due to Separation of Data and Control Planes. International Journal of Computer Applications. 179, 31 (Apr 2018), 21-24. DOI=10.5120/ijca2018916519

@article{ 10.5120/ijca2018916519,
author = { S. Faizullah, S. AlMutairi },
title = { Vulnerabilities in SDN Due to Separation of Data and Control Planes },
journal = { International Journal of Computer Applications },
issue_date = { Apr 2018 },
volume = { 179 },
number = { 31 },
month = { Apr },
year = { 2018 },
issn = { 0975-8887 },
pages = { 21-24 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume179/number31/29194-2018916519/ },
doi = { 10.5120/ijca2018916519 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

Tremendous advancements over the past several decades have revolutionized networking research and the technology industry; however, networking is still hardware dominated and remains hardware based. Such legacy networks are inflexible, and hard and costly to scale and manage. Software defined networking (SDN) is a new approach to networking that enables comprehensive network programmability. The SDN architecture bifurcates the data and control planes, thereby simplifying network management. In this new architecture, the control plane consists of the networking intelligence, and the policy-making ability is moved to a centralized entity called the controller. Commonly, SDN uses OpenFlow as the communication interface between the data and control planes. This separation, while providing great opportunities for scalability, also introduces new vulnerabilities. We identify certain scenarios for vulnerabilities in the OpenFlow semantics that can subject the controller to a distributed denial of service (DDoS) attack that is unique to SDN because of the new architecture, in which the control plane is separated from the data plane. We also explore some reactive mechanisms that can detect an impending DDoS attack on an SDN controller and help to devise techniques to prevent it.

Index Terms

Computer Science
Information Sciences

Keywords

Software Defined Networking, SDN, SDN Vulnerabilities, DDoS, Cloud Computing, OpenFlow