Skip to main content
Top
Published in: Mobile Networks and Applications 5/2016

12-01-2016

Security in Software-Defined Networking: Threats and Countermeasures

Authors: Zhaogang Shu, Jiafu Wan, Di Li, Jiaxiang Lin, Athanasios V. Vasilakos, Muhammad Imran

Published in: Mobile Networks and Applications | Issue 5/2016

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

In recent years, Software-Defined Networking (SDN) has been a focus of research. As a promising network architecture, SDN will possibly replace traditional networking, as it brings promising opportunities for network management in terms of simplicity, programmability, and elasticity. While many efforts are currently being made to standardize this emerging paradigm, careful attention needs to be also paid to security at this early design stage. This paper focuses on the security aspects of SDN. We begin by discussing characteristics and standards of SDN. On the basis of these, we discuss the security features as a whole and then analyze the security threats and countermeasures in detail from three aspects, based on which part of the SDN paradigm they target, i.e., the data forwarding layer, the control layer and the application layer. Countermeasure techniques that could be used to prevent, mitigate, or recover from some of such attacks are also described, while the threats encountered when developing these defensive mechanisms are highlighted.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Show more products
Literature
1.
go back to reference Chen M, Zhang Y, Li Y, Mao S, Leung V (2015) EMC: emotion-aware mobile cloud computing in 5G. IEEE Netw 29(2):32–38CrossRef Chen M, Zhang Y, Li Y, Mao S, Leung V (2015) EMC: emotion-aware mobile cloud computing in 5G. IEEE Netw 29(2):32–38CrossRef
2.
go back to reference Wan J, Yan H, Suo H, Li F (2011) Advances in cyber-physical systems research. KSII Trans Internet Inf Syst 5(11):1891–1908 Wan J, Yan H, Suo H, Li F (2011) Advances in cyber-physical systems research. KSII Trans Internet Inf Syst 5(11):1891–1908
3.
go back to reference Suo H, Liu Z, Wan J, Zhou K (2013) Security and privacy in mobile cloud computing. In: Proceedings of the 9th IEEE International Wireless Communications and Mobile Computing Conference, Cagliari, Italy Suo H, Liu Z, Wan J, Zhou K (2013) Security and privacy in mobile cloud computing. In: Proceedings of the 9th IEEE International Wireless Communications and Mobile Computing Conference, Cagliari, Italy
4.
go back to reference Cisco Inc. (2013) Software-defined networking: why we like it and how we are building on it. White Paper Cisco Inc. (2013) Software-defined networking: why we like it and how we are building on it. White Paper
5.
go back to reference McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, Turner J (2008) OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev 38(2):69–74CrossRef McKeown N, Anderson T, Balakrishnan H, Parulkar G, Peterson L, Rexford J, Turner J (2008) OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev 38(2):69–74CrossRef
6.
go back to reference Liu J, Li Y, Chen M, Dong W, Jin D (2015) Software-defined internet of things for smart urban sensing. IEEE Commun Mag 53(9):55–63CrossRef Liu J, Li Y, Chen M, Dong W, Jin D (2015) Software-defined internet of things for smart urban sensing. IEEE Commun Mag 53(9):55–63CrossRef
7.
go back to reference Hong CY, Kandula S, Mahajan R, Zhang M, Gill V, Nanduri M, Wattenhofer R (2013) Achieving high utilization with software-driven WAN. ACM SIGCOMM Comput Commun Rev 43(4):15–26CrossRef Hong CY, Kandula S, Mahajan R, Zhang M, Gill V, Nanduri M, Wattenhofer R (2013) Achieving high utilization with software-driven WAN. ACM SIGCOMM Comput Commun Rev 43(4):15–26CrossRef
8.
go back to reference Google Inc. (2012) Inter-datacenter WAN with centralized TE using SDN and OpenFlow. Open Network Submit Google Inc. (2012) Inter-datacenter WAN with centralized TE using SDN and OpenFlow. Open Network Submit
9.
go back to reference Jain S, Kumar A, Mandal S, Ong J, Poutievski L, Singh A, Venkata S, Wanderer J, Zhou J, Zhou M, Zolia J, Hölzle U, Stuart S, Vahdat A (2013) B4: experience with a globally-deployed software defined WAN. In: Proceedings of the ACM SIGCOMM, pp 3–14 Jain S, Kumar A, Mandal S, Ong J, Poutievski L, Singh A, Venkata S, Wanderer J, Zhou J, Zhou M, Zolia J, Hölzle U, Stuart S, Vahdat A (2013) B4: experience with a globally-deployed software defined WAN. In: Proceedings of the ACM SIGCOMM, pp 3–14
12.
go back to reference Ahmad I, Namal S, Ylianttila M, Gurtov A (2015) Security in software defined networks: a survey. IEEE Commun Surv Tutorials 17(4):2317–2346CrossRef Ahmad I, Namal S, Ylianttila M, Gurtov A (2015) Security in software defined networks: a survey. IEEE Commun Surv Tutorials 17(4):2317–2346CrossRef
13.
14.
go back to reference Benton K, Camp L J, Small C (2013) Openflow vulnerability assessment. In: Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, pp 151–152 Benton K, Camp L J, Small C (2013) Openflow vulnerability assessment. In: Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking, pp 151–152
15.
go back to reference Scott-Hayward S, O’Callaghan G, Sezer S (2013) Sdn security: a survey. In: IEEE SDN Future Networks and Services (SDN4FNS), pp 1–7 Scott-Hayward S, O’Callaghan G, Sezer S (2013) Sdn security: a survey. In: IEEE SDN Future Networks and Services (SDN4FNS), pp 1–7
16.
go back to reference Pan P, Nadeau T (2011) Software driven networks problem statement. IETF Internet-Draft Pan P, Nadeau T (2011) Software driven networks problem statement. IETF Internet-Draft
18.
go back to reference Gude N, Koponen T, Pettit J, Pfaff B, Casado M, McKeown N, Shenker S (2008) NOX: towards an operating system for networks. ACM SIGCOMM Comput Commun Rev 38(3):105–110CrossRef Gude N, Koponen T, Pettit J, Pfaff B, Casado M, McKeown N, Shenker S (2008) NOX: towards an operating system for networks. ACM SIGCOMM Comput Commun Rev 38(3):105–110CrossRef
20.
go back to reference Kreutz D, Ramos FM, Esteves Verissimo P, Esteve Rothenberg C, Azodolmolky S, Uhlig S (2015) Software-defined networking: a comprehensive survey. Proc IEEE 103(1):14–76CrossRef Kreutz D, Ramos FM, Esteves Verissimo P, Esteve Rothenberg C, Azodolmolky S, Uhlig S (2015) Software-defined networking: a comprehensive survey. Proc IEEE 103(1):14–76CrossRef
21.
go back to reference Lara A, Kolasani A, Ramamurthy B (2014) Network innovation using openflow: a survey. IEEE Commun Surv Tutorials 16(1):493–512CrossRef Lara A, Kolasani A, Ramamurthy B (2014) Network innovation using openflow: a survey. IEEE Commun Surv Tutorials 16(1):493–512CrossRef
22.
go back to reference Bernardo DV (2014) Software-defined networking and network function virtualization security architecture. Internet Engineering Task Force. [Online]. Available: https://tools.ietf.org/html/ draft-bernardo-sec-arch- sdnnvfarchitecture-00 Bernardo DV (2014) Software-defined networking and network function virtualization security architecture. Internet Engineering Task Force. [Online]. Available: https://​tools.​ietf.​org/​html/​ draft-bernardo-sec-arch- sdnnvfarchitecture-00
23.
go back to reference Yang M, Li Y, Jin D, Zeng L, Wu X, Vasilakos A (2015) Software-defined and virtualized future mobile and wireless networks: a survey. ACM/Springer Mob Netw Appl 20(1):4–18CrossRef Yang M, Li Y, Jin D, Zeng L, Wu X, Vasilakos A (2015) Software-defined and virtualized future mobile and wireless networks: a survey. ACM/Springer Mob Netw Appl 20(1):4–18CrossRef
25.
go back to reference Jing Q, Vasilakos A, Wan J, Lu J, Qiu D (2014) Security of the internet of things: perspectives and challenges. Wirel Netw 20(8):2481–2501CrossRef Jing Q, Vasilakos A, Wan J, Lu J, Qiu D (2014) Security of the internet of things: perspectives and challenges. Wirel Netw 20(8):2481–2501CrossRef
26.
go back to reference Namal S, Ahmad I, Gurtov A, Ylianttila M (2013) SDN based inter-technology load balancing leveraged by flow admission control. In: IEEE SDN for Future Networks and Services (SDN4FNS), pp 1–5 Namal S, Ahmad I, Gurtov A, Ylianttila M (2013) SDN based inter-technology load balancing leveraged by flow admission control. In: IEEE SDN for Future Networks and Services (SDN4FNS), pp 1–5
28.
go back to reference Wasserman M, Hartman S (2013) Security analysis of the open networking foundation (ONF) OpenFlow switch specification. Internet Engineering Task Force. [Online]. Available: https://tools.ietf.org/html/ draft-mrw-SDNec-openflow-analysis-02 Wasserman M, Hartman S (2013) Security analysis of the open networking foundation (ONF) OpenFlow switch specification. Internet Engineering Task Force. [Online]. Available: https://​tools.​ietf.​org/​html/​ draft-mrw-SDNec-openflow-analysis-02
29.
go back to reference Al-Shaer E, Al-Haj S (2010) FlowChecker: configuration analysis and verification of federated OpenFlow infrastructures. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp 37–44 Al-Shaer E, Al-Haj S (2010) FlowChecker: configuration analysis and verification of federated OpenFlow infrastructures. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp 37–44
30.
go back to reference Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, Gu G (2012) A security enforcement kernel for OpenFlow networks. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, pp 121–126 Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, Gu G (2012) A security enforcement kernel for OpenFlow networks. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, pp 121–126
31.
go back to reference Khurshid A, Zhou W, Caesar M, Godfrey P (2012) Veriflow: verifying network-wide invariants in real time. ACM SIGCOMM Comput Commun Rev 42(4):467–472CrossRef Khurshid A, Zhou W, Caesar M, Godfrey P (2012) Veriflow: verifying network-wide invariants in real time. ACM SIGCOMM Comput Commun Rev 42(4):467–472CrossRef
32.
go back to reference Fonseca P, Bennesby R, Mota E, Passito A (2012) A replication component for resilient OpenFlow-based networking. In: IEEE Network Operations and Management Symposium (NOMS), pp 933–939 Fonseca P, Bennesby R, Mota E, Passito A (2012) A replication component for resilient OpenFlow-based networking. In: IEEE Network Operations and Management Symposium (NOMS), pp 933–939
33.
go back to reference Sherwood R, Gibb G, Yap K K, Appenzeller G, Casado M, McKeown N, Parulkar G (2009) Flowvisor: a network virtualization layer. OpenFlow Switch Consortium, Tech. Rep Sherwood R, Gibb G, Yap K K, Appenzeller G, Casado M, McKeown N, Parulkar G (2009) Flowvisor: a network virtualization layer. OpenFlow Switch Consortium, Tech. Rep
34.
go back to reference Yao G, Bi J, Xiao P (2011) Source address validation solution with OpenFlow/NOX architecture. In: 19th IEEE International Conference on Network Protocols (ICNP), pp 7–12 Yao G, Bi J, Xiao P (2011) Source address validation solution with OpenFlow/NOX architecture. In: 19th IEEE International Conference on Network Protocols (ICNP), pp 7–12
35.
go back to reference Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE 35th Conference on Local Computer Networks (LCN), pp 408–415 Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX/OpenFlow. In: IEEE 35th Conference on Local Computer Networks (LCN), pp 408–415
36.
go back to reference Nayak A K, Reimers A, Feamster N, Clark R (2009). Resonance: dynamic access control for enterprise networks. In: Proceedings of the 1st ACM Workshop on Research on Enterprise Networking, pp 11–18 Nayak A K, Reimers A, Feamster N, Clark R (2009). Resonance: dynamic access control for enterprise networks. In: Proceedings of the 1st ACM Workshop on Research on Enterprise Networking, pp 11–18
37.
go back to reference Shin S, Yegneswaran V, Porras P, Gu G (2013) Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp 413–424 Shin S, Yegneswaran V, Porras P, Gu G (2013) Avant-guard: scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security, pp 413–424
38.
go back to reference Wang H, Xu L, Gu G (2015) FloodGuard: a dos attack prevention extension in software-defined networks. In: 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp 239–250 Wang H, Xu L, Gu G (2015) FloodGuard: a dos attack prevention extension in software-defined networks. In: 45th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pp 239–250
39.
go back to reference Lim S, Ha J I, Kim H, Kim Y, Yang S (2014) A SDN-oriented DDoS blocking scheme for botnet-based attacks. In: IEEE Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp 63–68 Lim S, Ha J I, Kim H, Kim Y, Yang S (2014) A SDN-oriented DDoS blocking scheme for botnet-based attacks. In: IEEE Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp 63–68
41.
go back to reference Suh J, Choi H G, Yoon W, You T, Kwon T, Choi Y (2010) Implementation of a Content-Oriented Networking Architecture (CONA): a focus on DDoS Countermeasure. In: Proceedings of European NetFPGA Developers Workshop Suh J, Choi H G, Yoon W, You T, Kwon T, Choi Y (2010) Implementation of a Content-Oriented Networking Architecture (CONA): a focus on DDoS Countermeasure. In: Proceedings of European NetFPGA Developers Workshop
42.
go back to reference Scott-Hayward S (2015) Design and deployment of secure, robust, and resilient SDN Controllers. In: 1st IEEE Conference on Network Softwarization (NetSoft), pp 1–5 Scott-Hayward S (2015) Design and deployment of secure, robust, and resilient SDN Controllers. In: 1st IEEE Conference on Network Softwarization (NetSoft), pp 1–5
43.
go back to reference Li H, Li P, Guo S, Nayak A (2014) Byzantine-resilient secure software-defined networks with multiple controllers in cloud. IEEE Trans Cloud Comput 2(4):436–447CrossRef Li H, Li P, Guo S, Nayak A (2014) Byzantine-resilient secure software-defined networks with multiple controllers in cloud. IEEE Trans Cloud Comput 2(4):436–447CrossRef
44.
go back to reference Phemius K, Bouet M, Leguay J (2014) Disco: distributed multi-domain sdn controllers. In: IEEE Network Operations and Management Symposium (NOMS), pp 1–4 Phemius K, Bouet M, Leguay J (2014) Disco: distributed multi-domain sdn controllers. In: IEEE Network Operations and Management Symposium (NOMS), pp 1–4
45.
go back to reference Big Switch Inc. (2012) Developing floodlight modules. floodlight OpenFlow controller Tech. Rep. Big Switch Inc. (2012) Developing floodlight modules. floodlight OpenFlow controller Tech. Rep.
47.
go back to reference Voellmy A, Wang J (2012) Scalable software defined network controllers. In: Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pp 289–290 Voellmy A, Wang J (2012) Scalable software defined network controllers. In: Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication, pp 289–290
48.
go back to reference Tootoonchian A, Ganjali Y (2010) HyperFlow: a distributed control plane for OpenFlow. In: Proceedings of the 2010 Internet Network Management Conference on Research on Enterprise Networking. USENIX Association, pp 3–3 Tootoonchian A, Ganjali Y (2010) HyperFlow: a distributed control plane for OpenFlow. In: Proceedings of the 2010 Internet Network Management Conference on Research on Enterprise Networking. USENIX Association, pp 3–3
49.
go back to reference Liu J et al (2016) Leveraging software-defined networking for security policy enforcement. Inf Sci 327:288–299CrossRef Liu J et al (2016) Leveraging software-defined networking for security policy enforcement. Inf Sci 327:288–299CrossRef
50.
go back to reference Heller B, Sherwood R, McKeown N (2012) The controller placement problem. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, ACM, pp 7–12 Heller B, Sherwood R, McKeown N (2012) The controller placement problem. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, ACM, pp 7–12
51.
go back to reference Bari MF, Roy AR, Chowdhury SR, Zhang Q, Zhani MF, Ahmed R, Boutaba R (2013) Dynamic controller provisioning in software defined networks. In: 2013 9th IEEE International Conference on Network and Service Management (CNSM), pp 18–25 Bari MF, Roy AR, Chowdhury SR, Zhang Q, Zhani MF, Ahmed R, Boutaba R (2013) Dynamic controller provisioning in software defined networks. In: 2013 9th IEEE International Conference on Network and Service Management (CNSM), pp 18–25
52.
go back to reference Hock D, Hartmann M, Gebert S, Jarschel M, Zinner T, Tran-Gia P (2013) Pareto-optimal resilient controller placement in SDN-based core networks. In: 25th IEEE International Conference on Teletraffic Congress (ITC), pp 1–9 Hock D, Hartmann M, Gebert S, Jarschel M, Zinner T, Tran-Gia P (2013) Pareto-optimal resilient controller placement in SDN-based core networks. In: 25th IEEE International Conference on Teletraffic Congress (ITC), pp 1–9
53.
go back to reference Security-enhanced floodlight. [Online]. Available: http://www. sdncentral.com/education/toward-secure-sdn-controllayer/2013/10/ Security-enhanced floodlight. [Online]. Available: http://​www.​ sdncentral.com/education/toward-secure-sdn-controllayer/2013/10/
54.
go back to reference Shin S, Porras P, Yegneswaran V, Fong M, Gu G, Tyson M (2013) FRESCO: Modular Composable Security Services for Software-Defined Networks. In : Proceedings of Network and Distributed Security Symposium, pp 1-16 Shin S, Porras P, Yegneswaran V, Fong M, Gu G, Tyson M (2013) FRESCO: Modular Composable Security Services for Software-Defined Networks. In : Proceedings of Network and Distributed Security Symposium, pp 1-16
55.
go back to reference Shin S, Porras P, Yegneswaran V, Gu G (2013) A framework for integrating security services into software-defined networks. In: Proceedings of the 2013 Open Networking Summit (Research Track poster paper) Shin S, Porras P, Yegneswaran V, Gu G (2013) A framework for integrating security services into software-defined networks. In: Proceedings of the 2013 Open Networking Summit (Research Track poster paper)
56.
go back to reference Kreutz D, Ramos F, Verissimo P (2013) Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp 55–60 Kreutz D, Ramos F, Verissimo P (2013) Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp 55–60
57.
go back to reference Wen X, Chen Y, Hu C, Shi C, Wang Y (2013) Towards a secure controller platform for openflow applications. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp 171–172 Wen X, Chen Y, Hu C, Shi C, Wang Y (2013) Towards a secure controller platform for openflow applications. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, pp 171–172
58.
go back to reference Canini M, Venzano D, Peresini P, Kostic D, Rexford J (2012) A NICE way to test OpenFlow applications. In: Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation Canini M, Venzano D, Peresini P, Kostic D, Rexford J (2012) A NICE way to test OpenFlow applications. In: Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation
59.
go back to reference Skowyra R, Lapets A, Bestavros A, Kfoury A (2013) Verifiably-safe software-defined networks for CPS. In: Proceedings of the 2nd ACM International Conference on High Confidence Networked Systems, pp. 101–110 Skowyra R, Lapets A, Bestavros A, Kfoury A (2013) Verifiably-safe software-defined networks for CPS. In: Proceedings of the 2nd ACM International Conference on High Confidence Networked Systems, pp. 101–110
60.
go back to reference Ball T, Bjmer N, Gember A, Itzhaky S, Karbyshev A, Sagiv M, Valadarsky A (2014) Vericon: towards verifying controller programs in software-defined networks. ACM SIGPLAN Not 49(6):282–293CrossRef Ball T, Bjmer N, Gember A, Itzhaky S, Karbyshev A, Sagiv M, Valadarsky A (2014) Vericon: towards verifying controller programs in software-defined networks. ACM SIGPLAN Not 49(6):282–293CrossRef
61.
go back to reference Son S, Shin S, Yegneswaran V, Porras P, Gu G (2013) Model checking invariant security properties in OpenFlow. In: 2013 I.E. International Conference on Communications (ICC), pp 1974–1979 Son S, Shin S, Yegneswaran V, Porras P, Gu G (2013) Model checking invariant security properties in OpenFlow. In: 2013 I.E. International Conference on Communications (ICC), pp 1974–1979
62.
go back to reference Mai H, Khurshid A, Agarwal R, Caesar M, Godfrey P, King S (2011) Debugging the data plane with anteater. ACM SIGCOMM Comput Commun Rev 41(4):290–301CrossRef Mai H, Khurshid A, Agarwal R, Caesar M, Godfrey P, King S (2011) Debugging the data plane with anteater. ACM SIGCOMM Comput Commun Rev 41(4):290–301CrossRef
63.
go back to reference Kazemian P, Chan M, Zeng H, Varghese G, McKeown N, Whyte S (2013) Real time network policy checking using header space analysis. In: USENIX Symposium on Networked Systems Design and Implementation, pp 99–111 Kazemian P, Chan M, Zeng H, Varghese G, McKeown N, Whyte S (2013) Real time network policy checking using header space analysis. In: USENIX Symposium on Networked Systems Design and Implementation, pp 99–111
64.
go back to reference Kazemian P, Varghese G, McKeown N (2012) Header space analysis: static checking for networks. In: USENIX Symposium on Networked Systems Design and Implementation NSDI, pp 113–126 Kazemian P, Varghese G, McKeown N (2012) Header space analysis: static checking for networks. In: USENIX Symposium on Networked Systems Design and Implementation NSDI, pp 113–126
65.
go back to reference Wang J, Wang Y, Hu H, Sun Q, Shi H, Zeng L (2013) Towards a security-enhanced firewall application for openflow networks. In: Cyberspace Safety and Security, Springer International Publishing, pp. 92–103 Wang J, Wang Y, Hu H, Sun Q, Shi H, Zeng L (2013) Towards a security-enhanced firewall application for openflow networks. In: Cyberspace Safety and Security, Springer International Publishing, pp. 92–103
Metadata
Title
Security in Software-Defined Networking: Threats and Countermeasures
Authors
Zhaogang Shu
Jiafu Wan
Di Li
Jiaxiang Lin
Athanasios V. Vasilakos
Muhammad Imran
Publication date
12-01-2016
Publisher
Springer US
Published in
Mobile Networks and Applications / Issue 5/2016
Print ISSN: 1383-469X
Electronic ISSN: 1572-8153
DOI
https://doi.org/10.1007/s11036-016-0676-x

Other articles of this Issue 5/2016

Mobile Networks and Applications 5/2016 Go to the issue