Ask a question from expert

Ask now

Security Issues in Software Defined Networks (SDN)

6 Pages3403 Words167 Views
   

Added on  2021-05-31

Security Issues in Software Defined Networks (SDN)

   Added on 2021-05-31

BookmarkShareRelated Documents
Running head: SECURITY ISSUES IN SOFTWARE DEFINED NETWORKS (SDN)Security issues in Software Defined Networks (SDN)Name of the StudentName of the UniversityAuthor’s Note
Security Issues in Software Defined Networks (SDN)_1
2SECURITY ISSUES IN SOFTWARE DEFINED NETWORKS (SDN)ABSTRACT- This study discuses about thesecurity challenges in the SDN architecture.Various benefits of the SDN architecture havebeen discussed in the study. Various threats havebeen identified in the study. Various securitysolutions have been analyzed in the study. Keywords- SDN controller, DISCO, DoS attack andCONAA.INTRODUCTIONCloud Service providers have been working forsatisfying their customers by their enhanced qualityof services and security. Different networkarchitectures have been prepared in order to enhancesecurity of data and information of users. Thesoftware defined network (SDN) has helped inpreparing in secured network architecture for the bestfunction of virtualization. Various softwareprogramming have been installed in the SDNs forpreparing secure networks in organization [1]. This report focuses in the security perspective ofthe SDNs in the market. Various security threats andrisks have been discussed in the report.This report outlines the safety measures forcounter-measuring these challenges in SDNs. A.Research problemThis research has focused on the securitychallenges in the network of various companies. Thesecurity treats in the network architecture have beenmajor problem discussed in this research. Thesecurity of data and information transferring throughnetwork architecture have been intercepted by thehackers and other intruders in the network. Therefore,this have been creating a lot of problems related todata loss in companies [2]. Various securitychallenges and solutions has been discussed in theresearch that might help in maintaining the securityof data and information of companies in the market.Various attacks including cyber-attacks, DoS attack,and traffic monitoring and overflow attack have beenmajor challenges in the SDN architecture.B.LITERATURE REVIEWOverview of SDN Architecture SDN has been an emerging network architecturethat helps in forwarding data from the control logic tother network components. The decoupling offorwarding data and information is done with thehelp of switches and routers. However, SDNarchitecture can be divided into three layers includingdata forwarding layer, control layer and applicationlayer [3]. A.Data forwarding layerThe data forwarding layer of the SDN consists ofvarious SDN switches that are hysically connectedwith the help of wires and wireless media. Everyswitch acts as a simple device for forwarding packetsof data and information to the Flow table thatcontains thousands of rules for forwarding decisions[11]. However, each of the table is made up of threefields including action, counter and pattern. Thepattern describes the flow of data and its header filesvalue. The switch searches its flow table uponreceiving the data and information. The switchreceives notification upon receiving the data andinformation from various data sources and forward tothe controller from control layer.B.Control layerThe SDN controller communicates with theswitch by a standard south bound API includingOpenflow. Various routing protocols, such as BGPand OSPF, run on the SDN controller so that all thedata forwarding taking place in the data layer is basedon instructions placed by the controller. Thecontroller used in the control layer helps incontrolling the amount of data flow [12]. In the multicontroller architecture, each controller is responsiblefor controlling only a portion of the switches. Inorder to maintain the consistency of the network’sstatus, an individual SDN controller cancommunicate with other controllers in the networkthrough east–westbound APIs. C.Application layerThe application layer issued to allowing networkoperators for responding to various businessrequirements. Various innovative applicationsoftware has been prepared for SDN controllers formeeting the requirements incusing networkvirtualization and topology [13]. This layer used tocommunicate with the control layer by north-bundAPIs. However, the control layer helps in providingabstraction of restores of network operators forchanging the data path of packets by programminglanguage focusing in SDN controllers. Advantages of SDN and defectsThere are various advantages of the SDNarchitectures. Some of the benefits are discussedbelow:Effective monitoring of abnormal traffic:SDN controllers are able to perceivenetwork traffic, therefore, it becomes easy fornoticing abnormal behavior in network traffic due to
Security Issues in Software Defined Networks (SDN)_2
3SECURITY ISSUES IN SOFTWARE DEFINED NETWORKS (SDN)an attacker. Any kind of mischievous activitieshappening in the network can be easily detected bythe SDN controllers.Timely dealing with vulnerabilities:The controllers are programmed to theimmediate actions against the threat detected in thenetworks. The controllers are responsible forreacting against the identified threat in the networkswithout wasting any time. Software installed in thecontrollers has been updated with latest version thathelps in maintaining the security of the data andinformation [4]. The SDN controller helps inproviding data security policy covering differentlayers in the network. There are some defects in the SDN networkdiscussed below:Vulnerable controller:The architecture of the SDN helpsimprovising a concentrated target of reducing thedifficulties in attacks. However, the development ofthe cloud computing have been creating securityissues in the system. The data of the cloudcomputing have been less secure than other database[5]. Therefore, the security threats in the cloudcomputing get increased in the SDN controller. Theattackers can attack the SDN controllers that mightseize the control of the network and breach all dataand information of the network. Risk caused by open programmable interfaces: The open nature of the SDN have increasedthe security threats. The software is full open to theattackers that increase the security threats in the SDNcontroller. However, the SDN controller providehuge number of programmable interface for theapplication layer that is exposed in the maliciouscode. The open interfaces of SDN controller helps inproviding access to the attackers in the network [6].Therefore, the entrance of the attackers become easyand safe. The open interfaces of SDN controllersneeds to focus in the security of the gateway ofcontroller. More attack points:The traditional network provide less attackpoints that the modern SDN controllers. The SDNswitch has been prone to attacks that have beenidentified. The link between SDN switches are notencrypted that create security issues during the datatransfer. Therefore, data and information stored onthe switches are prone to the security attacks. TheSDN controller have been the most attractive targetfor the attackers in the market. The SDN controllerhas been the most central part of the networkarchitecture. Therefore, getting access to the SDNcontroller helps in accessing all parts of the SDN.The data packets that contain these rules can betampered with by attacker through eavesdropping onthe link between the controller and switch, which willresult in a spurious rule insertion or malicious rulemodification [14]. The application software is builton the controller that is directly that is located on thesame physical device. When the application softwareinvokes the functions of the controllers through thenorth-bound APIs, malicious code maybe embeddedinto the controller. Hence, the application software isconsidered the most convenient attack point forseizing the controllers.Security threats to SDNThere are various threats identified in thedifferent layer of SDN as discussed below: Threats in data forwarding layer:The data forwarding layer is situated at the bottom ofthe SDN architecture that contains thousands ofswitches, which are interconnected. Man-in-middleattack focuses on the agent node and destination nodeor intercepting communication of data and tamperthem without detected by the controller. Theseattacks of man-in-middle involve session hijacking,DNS spoofing and port mirroring. This attackbetween the controller and switches has been aproper choice for attacking an SDN. It is used tointercept the messages between them [15]. The flowtable has been saturated in the irregular traffic aslegal traffic have not been forwarded correctly.Packets in the Flow Buffer will be marked fordeletion on a First in First out (FIFO) basis to releasethe storage space. As in the case of the Flow Table,the storage capacity of the Flow Buffer is alsolimited. Attackers can flood large packets belongingto a different flow than that encountered by theswitch normally; the switch has to buffer these largepackets and this leads to the saturation of the FlowBuffer.Threats in Control layer:In the SDN architecture, the control layer isthe OpenFlow controllers and the security have adirect impact on the data forwarding layer. AContent-Oriented Networking Architecture (CONA)is a proxy node located between the client and thecontent server, and can communicate with thecontroller. Therefore, content request messages fromcustomers can be intercepted and analyzed by the
Security Issues in Software Defined Networks (SDN)_3

End of preview

Want to access all the pages? Upload your documents or become a member.

Related Documents
Challenges and Issues in Software Defined Networking (SDN)
|10
|2200
|341

Assignment Security Challenges in Emerging Network
|9
|2482
|69

Software Defined Networking Information 2022
|10
|2670
|36

Cloud Computing Assignment Sample
|7
|1722
|120

Security Issues in Software Defined Networks (pdf)
|14
|3418
|53

Software Defined Networking and Quality of Service in Advance Computer Networking
|8
|1854
|379