Software-Defined Networking (SDN) Challenges
VerifiedAdded on 2020/05/16
|9
|2482
|69
AI Summary
The assignment delves into the multifaceted challenges inherent in Software-Defined Networking (SDN) technology. It examines key issues such as scalability limitations within SDN frameworks, the complexities of designing robust and efficient control planes, vulnerabilities and mitigation strategies for SDN security, and the hurdles associated with deploying SDN solutions in dynamic cloud computing environments.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: SECURITY CHALLENGES IN EMERGING NETWORKS
Security Challenges in Emerging Networks
Name of the Student
Name of the University
Author’s Note:
Security Challenges in Emerging Networks
Name of the Student
Name of the University
Author’s Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1
SECURITY CHALLENGES IN NETWORKING
Table of Contents
Part 1: Security Aspects in Software Defined Networking.....................................................................2
i) Introduction to SDN........................................................................................................................2
ii) Characteristics of SDN compared to traditional network..............................................................3
iii) Comparison of advantages and disadvantages of SDN over traditional networks........................4
Part 2: Three Current or Future Security Issues in SDN and its Countermeasures................................5
i) Three security issues in SDN...........................................................................................................5
ii) Mitigation techniques and tools for each security measure..........................................................6
References.............................................................................................................................................7
SECURITY CHALLENGES IN NETWORKING
Table of Contents
Part 1: Security Aspects in Software Defined Networking.....................................................................2
i) Introduction to SDN........................................................................................................................2
ii) Characteristics of SDN compared to traditional network..............................................................3
iii) Comparison of advantages and disadvantages of SDN over traditional networks........................4
Part 2: Three Current or Future Security Issues in SDN and its Countermeasures................................5
i) Three security issues in SDN...........................................................................................................5
ii) Mitigation techniques and tools for each security measure..........................................................6
References.............................................................................................................................................7
2
SECURITY CHALLENGES IN NETWORKING
Part 1: Security Aspects in Software Defined Networking
i) Introduction to SDN
Software defined networking or SDN is a typical approach towards the technology of cloud
computing, which eventually facilitates the management of networking and also allows excellent
configuration of network programmatically [5]. This network configuration is enabled for the
improvement of network monitoring and performance. Moreover, SDN helps in addressing the
typical fact that static architecture of any traditional network is more complex and decentralized,
whereas, the architecture of the current network needs maximum flexibility and troubleshooting.
Software defined networking centralizes the network intelligence in any one specific component of
network by simply detaching the procedure of forwarding of any data packet from the process of
routing [12]. This process of routing comprises of at least one controller, also known as the brain of
any software defined network. The incorporation of network intelligence is done here. However,
there are few disadvantages as well in the security of this network.
There are three distinct layers in software defined networking. They are as follows:
i) Data Forwarding Layer: This the primary layer of a SDN. The network devices of this layer
mainly include router, local area network switch, packet switch and other network devices. This
layer is also known as data plane. It helps in forwarding the traffic to the next hop with a specific
path to the chosen network destination [11]. The packets of the data plane layer go via the router
present in the layer. The switches or the routers of the data forwarding layer utilize what the layer of
control plane is made for the disposal of the incoming or the outgoing packets and frames.
ii) Control Layer: This is the second layer of software defined networking. The SDN control
software in this layer includes routing, traffic engineering and mobility. The control layer is
responsible for the decision making regarding the destination of traffic [1]. Moreover, the router
always initiates the packets of the control layer. The major functions of this layer are system
management, configuration and also the exchange of the information of routing table. This layer is
also known as the signalling of a network.
iii) Application Layer: This is the third layer of software defined networking. The applications
of this particular layer mainly include the business applications, SDN applications and cloud
orchestration [2]. These applications are typical programs, which can explicitly or directly
communicate with the controller of SDN for the requirements of network.
SECURITY CHALLENGES IN NETWORKING
Part 1: Security Aspects in Software Defined Networking
i) Introduction to SDN
Software defined networking or SDN is a typical approach towards the technology of cloud
computing, which eventually facilitates the management of networking and also allows excellent
configuration of network programmatically [5]. This network configuration is enabled for the
improvement of network monitoring and performance. Moreover, SDN helps in addressing the
typical fact that static architecture of any traditional network is more complex and decentralized,
whereas, the architecture of the current network needs maximum flexibility and troubleshooting.
Software defined networking centralizes the network intelligence in any one specific component of
network by simply detaching the procedure of forwarding of any data packet from the process of
routing [12]. This process of routing comprises of at least one controller, also known as the brain of
any software defined network. The incorporation of network intelligence is done here. However,
there are few disadvantages as well in the security of this network.
There are three distinct layers in software defined networking. They are as follows:
i) Data Forwarding Layer: This the primary layer of a SDN. The network devices of this layer
mainly include router, local area network switch, packet switch and other network devices. This
layer is also known as data plane. It helps in forwarding the traffic to the next hop with a specific
path to the chosen network destination [11]. The packets of the data plane layer go via the router
present in the layer. The switches or the routers of the data forwarding layer utilize what the layer of
control plane is made for the disposal of the incoming or the outgoing packets and frames.
ii) Control Layer: This is the second layer of software defined networking. The SDN control
software in this layer includes routing, traffic engineering and mobility. The control layer is
responsible for the decision making regarding the destination of traffic [1]. Moreover, the router
always initiates the packets of the control layer. The major functions of this layer are system
management, configuration and also the exchange of the information of routing table. This layer is
also known as the signalling of a network.
iii) Application Layer: This is the third layer of software defined networking. The applications
of this particular layer mainly include the business applications, SDN applications and cloud
orchestration [2]. These applications are typical programs, which can explicitly or directly
communicate with the controller of SDN for the requirements of network.
3
SECURITY CHALLENGES IN NETWORKING
ii) Characteristics of SDN compared to traditional network
The traditional network is different from the software defined networking. The comparison
between the characteristics of SDN and traditional network are as follows:
Characteristics Traditional Networking Software Defined Networking
1. Definition Traditional networks are the
static as well as inflexible
network. They cannot be
utilized for the innovative
business ventures [10].
Moreover, traditional networks
possess extremely less
flexibility and agility.
Software defined network is
the programmable network
during time of deployment and
in the later stage on the basis of
requirement changing [14].
SDN is utilized for new business
venture through the
virtualization, agility and
flexibility.
2. Configuration Traditional network is
configured by utilizing
hardware appliances.
Software defined network is
configured by utilizing open
software.
3. Control Plane Traditional network comprises
of control plane that is
distributed [3].
Software defined network
comprises of control plane that
is logically centralized.
4. Utilization Traditional network utilize
custom FPGAs and ASICs.
Software defined network
utilize merchant silicon [8].
5. Working Procedure Traditional network works by
utilizing protocols [13].
Software defined network
utilize APIs for configuration as
required.
Figure 1: Architecture of Traditional Network Device
(Source: [1])
SECURITY CHALLENGES IN NETWORKING
ii) Characteristics of SDN compared to traditional network
The traditional network is different from the software defined networking. The comparison
between the characteristics of SDN and traditional network are as follows:
Characteristics Traditional Networking Software Defined Networking
1. Definition Traditional networks are the
static as well as inflexible
network. They cannot be
utilized for the innovative
business ventures [10].
Moreover, traditional networks
possess extremely less
flexibility and agility.
Software defined network is
the programmable network
during time of deployment and
in the later stage on the basis of
requirement changing [14].
SDN is utilized for new business
venture through the
virtualization, agility and
flexibility.
2. Configuration Traditional network is
configured by utilizing
hardware appliances.
Software defined network is
configured by utilizing open
software.
3. Control Plane Traditional network comprises
of control plane that is
distributed [3].
Software defined network
comprises of control plane that
is logically centralized.
4. Utilization Traditional network utilize
custom FPGAs and ASICs.
Software defined network
utilize merchant silicon [8].
5. Working Procedure Traditional network works by
utilizing protocols [13].
Software defined network
utilize APIs for configuration as
required.
Figure 1: Architecture of Traditional Network Device
(Source: [1])
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4
SECURITY CHALLENGES IN NETWORKING
Figure 2: Architecture of Software Defined Network
(Source: [1])
iii) Comparison of advantages and disadvantages of SDN over traditional networks
There are various advantages or benefits of software defined networking over traditional
networks regarding security issues. They are as follows:
i) Provision of Centralized Network: This is the most significant advantage of software
defined network. The centralized network is easily provisioned with the help of SDN. It provides an
extremely clear vision of the complete network and thus the network is provisioned and centralized
[7]. SDN abstracts the data or the control planes and thus more agility and flexibility is provided to
both the physical and virtual network devices from any centralized location.
ii) Centralized Security: This is the second important advantage of software defined network.
The network management is extremely difficult in case of virtualization [9]. For solving this problem,
the controller of SDN gives a specific central point for the successful distribution of policy
information and security within the organization.
iii) Less Operating Costs: The overall operating costs of software defined network are
extremely less than the traditional network. Thus, it is easily afforded by all organizations,
irrespective of its size.
SECURITY CHALLENGES IN NETWORKING
Figure 2: Architecture of Software Defined Network
(Source: [1])
iii) Comparison of advantages and disadvantages of SDN over traditional networks
There are various advantages or benefits of software defined networking over traditional
networks regarding security issues. They are as follows:
i) Provision of Centralized Network: This is the most significant advantage of software
defined network. The centralized network is easily provisioned with the help of SDN. It provides an
extremely clear vision of the complete network and thus the network is provisioned and centralized
[7]. SDN abstracts the data or the control planes and thus more agility and flexibility is provided to
both the physical and virtual network devices from any centralized location.
ii) Centralized Security: This is the second important advantage of software defined network.
The network management is extremely difficult in case of virtualization [9]. For solving this problem,
the controller of SDN gives a specific central point for the successful distribution of policy
information and security within the organization.
iii) Less Operating Costs: The overall operating costs of software defined network are
extremely less than the traditional network. Thus, it is easily afforded by all organizations,
irrespective of its size.
5
SECURITY CHALLENGES IN NETWORKING
iv) Cloud Abstraction: This is the fourth major advantage of software defined networking [4].
The abstraction of cloud resources is very important for any organization with cloud computing
technology.
In spite of having such vast advantages, software defined network do comprises of various
disadvantages over traditional network. They are as follows:
i) Scalability: This is one of the basic disadvantages of software defined network [7]. There is
lack of scalability in this type of network, the controllers often face problem due to this, and data is
lost.
ii) Latency: Latency is the second important disadvantage of software defined network. The
data packets are transferred after major delay.
Part 2: Three Current or Future Security Issues in SDN and its Countermeasures
i) Three security issues in SDN
Software defined network or SDN is a technology that is utilized for the management of
network and allows proper network configuration for the improvisation of performance as well as
monitoring of network. It helps in centralizing the network and disassociation of data forwarding
process [3]. The static architecture of all the traditional networks is absolutely decentralized and the
software defined network is properly centralized and flexible. The security and the elasticity of SDN
are main advantages of this particular network. However, there are some of the major issues in
security in software defined network. They are as follows:
i) Denial of Service or DoS Attacks: This is the most important and significant security issue
in software defined network [2]. Denial of service or simply DoS attack is the type of cyber threat or
attack, where the hacker or the intruder enters into a machine or any network resource absolutely
unavailable for the legitimate users by simply disturbing the host services linked to the Internet
connection. This Denial of Service attack occurs after the resource or the machine is congested with
various requests from illegitimate users. The original users do not get any idea about this attack and
the network is blocked completely. The intruders or the hackers claim themselves as the original
users and all the information or data are stolen and the confidentiality of this data or information is
lost [8]. Distributed Denial of Service attack or DDoS attack is a form of denial of service attack where
the incoming traffic is flooded by the victim origination from various sources. The SDN often suffers
from this type of attacks and they cannot be easily mitigated.
SECURITY CHALLENGES IN NETWORKING
iv) Cloud Abstraction: This is the fourth major advantage of software defined networking [4].
The abstraction of cloud resources is very important for any organization with cloud computing
technology.
In spite of having such vast advantages, software defined network do comprises of various
disadvantages over traditional network. They are as follows:
i) Scalability: This is one of the basic disadvantages of software defined network [7]. There is
lack of scalability in this type of network, the controllers often face problem due to this, and data is
lost.
ii) Latency: Latency is the second important disadvantage of software defined network. The
data packets are transferred after major delay.
Part 2: Three Current or Future Security Issues in SDN and its Countermeasures
i) Three security issues in SDN
Software defined network or SDN is a technology that is utilized for the management of
network and allows proper network configuration for the improvisation of performance as well as
monitoring of network. It helps in centralizing the network and disassociation of data forwarding
process [3]. The static architecture of all the traditional networks is absolutely decentralized and the
software defined network is properly centralized and flexible. The security and the elasticity of SDN
are main advantages of this particular network. However, there are some of the major issues in
security in software defined network. They are as follows:
i) Denial of Service or DoS Attacks: This is the most important and significant security issue
in software defined network [2]. Denial of service or simply DoS attack is the type of cyber threat or
attack, where the hacker or the intruder enters into a machine or any network resource absolutely
unavailable for the legitimate users by simply disturbing the host services linked to the Internet
connection. This Denial of Service attack occurs after the resource or the machine is congested with
various requests from illegitimate users. The original users do not get any idea about this attack and
the network is blocked completely. The intruders or the hackers claim themselves as the original
users and all the information or data are stolen and the confidentiality of this data or information is
lost [8]. Distributed Denial of Service attack or DDoS attack is a form of denial of service attack where
the incoming traffic is flooded by the victim origination from various sources. The SDN often suffers
from this type of attacks and they cannot be easily mitigated.
6
SECURITY CHALLENGES IN NETWORKING
ii) Manipulation of Data or Network: This is the second most significant security issue of
software defined network. Manipulation of data or network is the specific procedure of data
alteration with the effort for making the data or network unreadable or unbearable for the
legitimate users [3]. The hackers or the intruders often change or manipulate the data or network
with the wrong intention of data breaching or network breaching. Te network traffic is viewed by the
hackers and they block the traffic and thus, the data transfer is completely stopped.
iii) Network Traffic Diversion: This is the third major security issue in software defined
network. The traffic of the network is diversified by the hackers or the attackers and they do this
changing the network destination [1]. This often creates major problem when the data packets are
sent to some other location other than the destination.
ii) Mitigation techniques and tools for each security measure
The above mentioned security issues can be eradicated or mitigated with the help of various
mitigation tools and techniques. The various mitigation techniques for the three mentioned security
issues of software defined network are as follows:
i) Mitigation of Denial of Service or DoS Attacks: The security issue of Denial of Service
attack of software defined network can be easily eradicated or eliminated by utilizing the process or
technique of dropping of data packets in the control plane layer [5]. Moreover, the simple utilization
of limitation rate can also mitigate the denial of service attack.
ii) Mitigation of Manipulation of Data or Network: This specific type of attack can be easily
eradicated when the SDN controller has an entity based channel and strong encryption will protect
the network and data [14].
iii) Mitigation of Network Traffic Diversion: The network traffic diversion can be easily
eradicated with the help of strong encrypted communication channel [13]. This will eventually
secure the entire network.
SECURITY CHALLENGES IN NETWORKING
ii) Manipulation of Data or Network: This is the second most significant security issue of
software defined network. Manipulation of data or network is the specific procedure of data
alteration with the effort for making the data or network unreadable or unbearable for the
legitimate users [3]. The hackers or the intruders often change or manipulate the data or network
with the wrong intention of data breaching or network breaching. Te network traffic is viewed by the
hackers and they block the traffic and thus, the data transfer is completely stopped.
iii) Network Traffic Diversion: This is the third major security issue in software defined
network. The traffic of the network is diversified by the hackers or the attackers and they do this
changing the network destination [1]. This often creates major problem when the data packets are
sent to some other location other than the destination.
ii) Mitigation techniques and tools for each security measure
The above mentioned security issues can be eradicated or mitigated with the help of various
mitigation tools and techniques. The various mitigation techniques for the three mentioned security
issues of software defined network are as follows:
i) Mitigation of Denial of Service or DoS Attacks: The security issue of Denial of Service
attack of software defined network can be easily eradicated or eliminated by utilizing the process or
technique of dropping of data packets in the control plane layer [5]. Moreover, the simple utilization
of limitation rate can also mitigate the denial of service attack.
ii) Mitigation of Manipulation of Data or Network: This specific type of attack can be easily
eradicated when the SDN controller has an entity based channel and strong encryption will protect
the network and data [14].
iii) Mitigation of Network Traffic Diversion: The network traffic diversion can be easily
eradicated with the help of strong encrypted communication channel [13]. This will eventually
secure the entire network.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7
SECURITY CHALLENGES IN NETWORKING
References
[1] Ali-Ahmad, Hassan, Claudio Cicconetti, Antonio de la Oliva, Vincenzo Mancuso, Malla Reddy
Sama, Pierrick Seite, and Sivasothy Shanmugalingam. "An SDN-based network architecture for
extremely dense wireless networks." In Future Networks and Services (SDN4FNS), 2013 IEEE SDN for,
pp. 1-7. IEEE, 2013.
[2] Yan, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking (SDN)
and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some
research issues, and challenges." IEEE Communications Surveys & Tutorials 18, no. 1 (2016): 602-622.
[3] Hu, Fei, ed. Network Innovation through OpenFlow and SDN: Principles and Design. CRC Press,
2014.
[4] Cui, Laizhong, F. Richard Yu, and Qiao Yan. "When big data meets software-defined networking:
SDN for big data and big data for SDN." IEEE network 30, no. 1 (2016): 58-65.
[5]Farhady, H., Lee, H. and Nakao, A. (2015). Software-Defined Networking: A survey. Computer
Networks, 81, pp.79-95.
[6] Guan, Xinjie, Baek-Young Choi, and Sejun Song. "Reliability and scalability issues in software
defined network frameworks." In Research and Educational Experiment Workshop (GREE), 2013
Second GENI, pp. 102-103. IEEE, 2013.
[7] Karakus, Murat, and Arjan Durresi. "A survey: Control plane scalability issues and approaches in
Software-Defined Networking (SDN)." Computer Networks 112 (2017): 279-293.
[8] Yan, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking (SDN)
and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some
research issues, and challenges." IEEE Communications Surveys & Tutorials 18, no. 1 (2016): 602-622.
[9] Scott-Hayward, Sandra, Gemma O'Callaghan, and Sakir Sezer. "SDN security: A survey." In Future
Networks and Services (SDN4FNS), 2013 IEEE SDN For, pp. 1-7. IEEE, 2013.
[10] Dhamecha, Kapil, and Bhushan Trivedi. "Sdn issues-a survey." International Journal of Computer
Applications 73, no. 18 (2013).
SECURITY CHALLENGES IN NETWORKING
References
[1] Ali-Ahmad, Hassan, Claudio Cicconetti, Antonio de la Oliva, Vincenzo Mancuso, Malla Reddy
Sama, Pierrick Seite, and Sivasothy Shanmugalingam. "An SDN-based network architecture for
extremely dense wireless networks." In Future Networks and Services (SDN4FNS), 2013 IEEE SDN for,
pp. 1-7. IEEE, 2013.
[2] Yan, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking (SDN)
and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some
research issues, and challenges." IEEE Communications Surveys & Tutorials 18, no. 1 (2016): 602-622.
[3] Hu, Fei, ed. Network Innovation through OpenFlow and SDN: Principles and Design. CRC Press,
2014.
[4] Cui, Laizhong, F. Richard Yu, and Qiao Yan. "When big data meets software-defined networking:
SDN for big data and big data for SDN." IEEE network 30, no. 1 (2016): 58-65.
[5]Farhady, H., Lee, H. and Nakao, A. (2015). Software-Defined Networking: A survey. Computer
Networks, 81, pp.79-95.
[6] Guan, Xinjie, Baek-Young Choi, and Sejun Song. "Reliability and scalability issues in software
defined network frameworks." In Research and Educational Experiment Workshop (GREE), 2013
Second GENI, pp. 102-103. IEEE, 2013.
[7] Karakus, Murat, and Arjan Durresi. "A survey: Control plane scalability issues and approaches in
Software-Defined Networking (SDN)." Computer Networks 112 (2017): 279-293.
[8] Yan, Qiao, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. "Software-defined networking (SDN)
and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some
research issues, and challenges." IEEE Communications Surveys & Tutorials 18, no. 1 (2016): 602-622.
[9] Scott-Hayward, Sandra, Gemma O'Callaghan, and Sakir Sezer. "SDN security: A survey." In Future
Networks and Services (SDN4FNS), 2013 IEEE SDN For, pp. 1-7. IEEE, 2013.
[10] Dhamecha, Kapil, and Bhushan Trivedi. "Sdn issues-a survey." International Journal of Computer
Applications 73, no. 18 (2013).
8
SECURITY CHALLENGES IN NETWORKING
[11] Dixit, Advait, Fang Hao, Sarit Mukherjee, T. V. Lakshman, and Ramana Kompella. "Towards an
elastic distributed SDN controller." In ACM SIGCOMM Computer Communication Review, vol. 43, no.
4, pp. 7-12. ACM, 2013.
[12] Sezer, Sakir, Sandra Scott-Hayward, Pushpinder Kaur Chouhan, Barbara Fraser, David Lake, Jim
Finnegan, Niel Viljoen, Marc Miller, and Navneet Rao. "Are we ready for SDN? Implementation
challenges for software-defined networks." IEEE Communications Magazine 51, no. 7 (2013): 36-43.
[13] Singla, Sanjoli, and Jasmeet Singh. "Cloud data security using authentication and encryption
technique." Global Journal of Computer Science and Technology (2013).
[14] Mihaljević, Miodrag J., and Hideki Imai. "Security issues of cloud computing and an encryption
approach." In Cloud Technology: Concepts, Methodologies, Tools, and Applications, pp. 1527-1547.
IGI Global, 2015.
SECURITY CHALLENGES IN NETWORKING
[11] Dixit, Advait, Fang Hao, Sarit Mukherjee, T. V. Lakshman, and Ramana Kompella. "Towards an
elastic distributed SDN controller." In ACM SIGCOMM Computer Communication Review, vol. 43, no.
4, pp. 7-12. ACM, 2013.
[12] Sezer, Sakir, Sandra Scott-Hayward, Pushpinder Kaur Chouhan, Barbara Fraser, David Lake, Jim
Finnegan, Niel Viljoen, Marc Miller, and Navneet Rao. "Are we ready for SDN? Implementation
challenges for software-defined networks." IEEE Communications Magazine 51, no. 7 (2013): 36-43.
[13] Singla, Sanjoli, and Jasmeet Singh. "Cloud data security using authentication and encryption
technique." Global Journal of Computer Science and Technology (2013).
[14] Mihaljević, Miodrag J., and Hideki Imai. "Security issues of cloud computing and an encryption
approach." In Cloud Technology: Concepts, Methodologies, Tools, and Applications, pp. 1527-1547.
IGI Global, 2015.
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.