Research Article
Free to Read
Software-defined networking (SDN): a survey
Kamal Benzekki,
Abdeslam El Fergougui,
Abdelbaki Elbelrhiti Elalaoui,
Corresponding Author
Kamal Benzekki
Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
Correspondence
Kamal Benzekki, Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco.
E-mail: [email protected]
Search for more papers by this authorAbdeslam El Fergougui
Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
Search for more papers by this authorAbdelbaki Elbelrhiti Elalaoui
Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
Search for more papers by this authorKamal Benzekki,
Abdeslam El Fergougui,
Abdelbaki Elbelrhiti Elalaoui,
Corresponding Author
Kamal Benzekki
Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
Correspondence
Kamal Benzekki, Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco.
E-mail: [email protected]
Search for more papers by this authorAbdeslam El Fergougui
Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
Search for more papers by this authorAbdelbaki Elbelrhiti Elalaoui
Laboratory of Computer Networks and Systems, Department of Mathematics and Computer Science, Faculty of Sciences, Moulay Ismail University, Meknes, Morocco
Search for more papers by this authorAbstract
With the advent of cloud computing, many new networking concepts have been introduced to simplify network management and bring innovation through network programmability. The emergence of the software-defined networking (SDN) paradigm is one of these adopted concepts in the cloud model so as to eliminate the network infrastructure maintenance processes and guarantee easy management. In this fashion, SDN offers real-time performance and responds to high availability requirements. However, this new emerging paradigm has been facing many technological hurdles; some of them are inherent, while others are inherited from existing adopted technologies. In this paper, our purpose is to shed light on SDN related issues and give insight into the challenges facing the future of this revolutionary network model, from both protocol and architecture perspectives. Additionally, we aim to present different existing solutions and mitigation techniques that address SDN scalability, elasticity, dependability, reliability, high availability, resiliency, security, and performance concerns. Copyright © 2017 John Wiley & Sons, Ltd.
References
- 1Naudts B, Kind M, Westphal FJ, Verbrugge S, Colle D, Pickavet M. Techno-economic analysis of software defined networking as architecture for the virtualization of a mobile network. Software Defined Networking (EWSDN), European Workshop on. IEEE, 2012, pp. 67–72.
- 2Benson T, Akella A, Maltz D. Unraveling the complexity of network management. Proc. 6th USENIX Symp. Networked Syst. Design Implement. USENIX Association, 2009, pp. 335–348.
- 3 Floodlight controller, Floodlight documentation, for developers, architecture. [Online]. Retrieved from: http://www.projectfloodlight.org/floodlight/.
- 4 OpenDaylight: a Linux Foundation Collaborative Project, 2014. [Online]. Retrieved from: http://www.opendaylight.org.
- 5Erickson D. The Beacon OpenFlow controller. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 13–18.
- 6Casado M, Freedman M, Pettit J, Luo J, McKeown N, Shenker S. Ethane: Taking control of the enterprise. Proceedings of the 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications. ACM, 2007, pp. 12.
- 7McKeown N, Anderson T, Balakrishnan H, et al. OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Computer Communication Review 2008; 38(2): 69–74.
- 8 Open Networking Foundation Security Working Group. [Online]. Retrieved from: https://www.opennetworking.org/technical-communities/areas/services.
- 9Doria A, Salim JH, Haas R, et al. Forwarding and Control Element Separation (ForCES) protocol specification, RFC 5810 (proposed standard), 2010. [online]. Available: https://datatracker.ietf.org/doc/rfc5810/.
- 10Yang L, Dantu R, Anderson T, Gopal R. Forwarding and Control Element Separation (ForCES) framework, RFC 3746 (Informational), 2004. Available [online] : http://datatracker.ietf.org/doc/rfc3746/.
- 11Farrel A, Vasseur JP, Ash J. A path computation element (PCE)-based architecture (No. RFC 4655). 2006.
- 12Rodriguez-Natal A, Barkai S, Ermagan V, Lewis D, Maino F, Farinacci D. Software defined networking extensions for the locator/ID separation protocol, internet draft (experimental), 2014. Available [online]: http://wiki.tools.ietf.org/id/draft-rodrigueznatal-lisp-sdn-00.txt.
- 13Lakshman TV, Nandagopal T, Ramjee R, Sabnani K, Woo T. The SoftRouter architecture. Proceedings of the ACM Workshop on Hot Topics in Networks (HotNets), San Diego, CA, USA, 2004.
- 14 Brocade Communications Systems, Network transformation with software-defined networking and Ethernet fabrics, California, USA. [online]. Available: http://www.brocade.com/downloads/documents/positioningpapers/network-transformation-sdn-wp.pdf, 2012.
- 15Benzekki K, El Fergougui A, ElBelrhiti ElAlaoui A. A secure cloud computing architecture using homomorphic encryption. International Journal of Advanced Computer Science & Applications 2016; 1(7): 293–298.
- 16Yu M, Rexford J, Freedman MJ, Wang J. Scalable flow-based networking with DIFANE. SIGCOMM Computer Communication Review 2010; 41(4): 351–362.
- 17Tootoonchian A, Ganjali Y. HyperFlow: a distributed control plane for OpenFlow. Proceedings of the 2010 Internet Network Management Conference on Research on Enterprise Networking. USENIX Association, 2010, p. 3.
- 18Cai Z. Maestro: achieving scalability and coordination in centralized network control plane, Ph.D. dissertation, Rice Univ., Houston, TX, USA, 2011.
- 19Shalimov A, Zuikov D, Zimarina D, Pashkov V, Smeliansky R. Advanced study of SDN/OpenFlow controllers. Proceedings of the 9th Central and Eastern European Software Engineering Conference in Russia. ACM, 2013, p. 1.
- 20Rimal BP, Jukan A, Katsaros D, Goeleven Y. Architectural requirements for cloud computing systems: an enterprise cloud approach. Journal of Grid Computing 2011; 9: 3–26.
- 21Armbrust M, Fox A, Griffith R, et al. A view of cloud computing. Communication of the ACM, ACM 2010; 53(4): 50–58.
- 22Dixit A, Hao F, Mukherjee S, Lakshman T, Kompella R. Towards an elastic distributed SDN controller. In Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, ser. HotSDN' 13. ACM: New York, NY, USA, 2013; 7–12.
10.1145/2491185.2491193 Google Scholar
- 23Dixit A, Hao F, Mukherjee S, Lakshman TV, Kompella R. ElastiCon: an elastic distributed SDN controller. Proceedings of the Tenth ACM/IEEE Symposium on Architectures for Networking and Communications Systems. ACM, 2014, pp. 17–28.
- 24Scott-Hayward S, O'Callaghan G, Sezer S. SDN security: a survey, IEEE SDN for Future Networks and Services (SDN4FNS), 2013, pp. 1–7.
- 25Kloeti R. OpenFlow: a security analysis. April 2013. [Online]. Available: ftp://yosemite.ee.ethz.ch/pub/students/2012-HS/MA-2012-20signed.pdf.
- 26Jarschel M, Oechsner S, Schlosser D, Pries R, Goll S, TranGia P. Modeling and performance evaluation of an OpenFlow architecture. Teletraffic Congress (ITC), 2011 23rd International, Sept 2011, pp. 1–7.
- 27 Cbench (Controller Benchmarker). [Online]. Available: http://www.openflow.org/wk/index.php/Oflops
- 28Jarschel M, Lehrieder F, Magyari Z, Pries R. A flexible OpenFlow-controller benchmark. Proc. EWSDN, 2012, pp. 48–53
- 29Tipper D. Resilient network design: challenges and future directions. Telecommunication Systems 2014; 56(1): 5–16.
- 30Avižienis A, Laprie JC, Randell B, Landwehr C. Basic concepts and taxonomy of dependable and secure computing, Dependable and Secure Computing, IEEE Transactions on. IEEE, 2004, pp. 11–33.
- 31Patel P, Ranabahu AH, Sheth AP. Service level agreement in cloud computing, 2009.
- 32Gude N, Koponen T, Pettit J, et al. NOX: towards an operating system for networks. ACM SIGCOMM Computer Communication Review 2008; 38(3): 105–110.
- 33 Maestro platform. [Online]. Available: http://code.google.com/p/maestro-platform/.
- 34 Trema, full-stack OpenFlow framework in Ruby and C. [Online]. Available: http://trema.github.com/trema/.
- 35Manthena MPV, van Adrichem NL, van den Broek C, Kuipers F. An SDN-based architecture for network-as-a-service.
- 36Pfaff B, Pettit J, Amidon K, Casado M, Koponen T, Shenker S. Extending networking into the virtualization layer. Proc. HotNets. 2009.
- 37Wang A, Iyer M, Dutta R, Rouskas GN, Baldine I. Network virtualization: technologies, perspectives, and frontiers. Journal of Lightwave Technology 2013; 31(4): 523–537.
- 38Manthena MPV. Network-as-a-service architecture with SDN and NFV: a proposed evolutionary approach for service provider networks, Doctoral dissertation, TU Delft, Delft University of Technology. 2015.
- 39Curtis AR, Mogul JC, Tourrilhes J, Yalagandula P, Sharma P, Banerjee S. DevoFlow: scaling flow management for high-performance networks. Comput. Commun. Rev. 2011; 41(4): 254–265.
- 40Mogul JC, Congdon P. Hey, you darned counters!: Get off my ASIC!. Proceedings of the First Workshop on Hot Topics in Software Defined Networks, ser. HotSDN '12. New York, NY, USA. ACM, 2012, pp. 25–30.
- 41Koponen T, Casado M, Gude N, et al. Onix: a distributed control platform for large-scale production networks. In Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, ser. OSDI'10. USENIX Association: Berkeley, CA, USA, 2010; 1–6.
- 42Hassas Yeganeh S, Ganjali Y. Kandoo: a framework for efficient and scalable offloading of control applications. In Proceedings of the First Workshop on Hot Topics in Software Defined Networks, ser. HotSDN'12. ACM: New York, NY, USA, 2012; 19–24.
10.1145/2342441.2342446 Google Scholar
- 43Tootoonchian A, Gorbunov S, Ganjali Y, Casado M, Sherwood R. On controller performance in software-defined networks. Proc. 2nd USENIX Conf. Hot-ICE Netw. Serv.USENIX Association, 2012, p. 10.
- 44Sherwood R, Gibb G, Yap K-K, et al. FlowVisor: a network virtualization layer, Deutsche Telekom Inc. R&D Lab, Stanford, Nicira Networks, Tech. Rep., 2009.
- 45Luo T, Tan H-P, Quan P, Law YW, Jin J. Enhancing responsiveness and scalability for OpenFlow networks via control-message quenching. Proceedings of International Conference on ICT Convergence (ICTC).IEEE, 2012, pp. 348–353.
- 46Kempf J, Bellagamba E, Kern A, Jocha D, Takacs A, Skoldstrom P. Scalable fault management for OpenFlow. Proceedings of IEEE International Conference on Communications (ICC). IEEE, 2012, pp. 6606–6610.
- 47Veisllari R, Stol N, Bjornstad S, Raffaelli C. Scalability analysis of SDN-controlled optical ring MAN with hybrid traffic. Communications (ICC), IEEE International Conference on. IEEE, 2014, pp. 3283–3288.
- 48Park SH, Lee B, You J, Shin J, Kim T, Yang S. RAON: recursive abstraction of OpenFlow networks. Proceedings of the Third European Workshop on Software Defined Networks (EWSDN). IEEE, 2014, pp. 115–116.
- 49Benzekki K, El Fergougui A, ElBelrhiti ElAlaoui A. Devolving IEEE 802.1X authentication capability to data plane in software defined networking (SDN) architecture. Security and Communication Networks, 9(17), 4369–4377.
- 50Voellmy A, Wang J. Scalable software defined network controllers. Proc. ACM SIGCOMM Conf. Appl., Technol., Archit., Protocols Comput. Commun. ACM, 2012, pp. 289–290.
- 51Krishnamurthy A, Chandrabose SP, Gember-Jacobson A. Pratyaastha: An efficient elastic distributed SDN control plane. Proceedings of the Third Workshop on Hot Topics in Software Defined Networking, ser. HotSDN'14. New York, NY, USA. ACM, 2014, pp. 133–138.
- 52Bari MF, Roy AR, Chowdhury SR, et al. Dynamic controller provisioning in software defined networks. 9th International Conference on Network and Service Management, ser. CNSM'13, 2013.
- 53Rajagopalan S, Williams D, Jamjoom H, Warfield A. Split/merge: system support for elastic execution in virtual middleboxes. NSDI. USENIX Association, 2013, pp. 227–240.
- 54Fang L, Chiussi F, Bansal D, et al. Hierarchical SDN for the hyper-scale, hyper-elastic data center and cloud. Proceedings of the 1st ACM SIGCOMM Symposium on Software Defined Networking Research. ACM, 2015, p. 7.
- 55Aissioui A, Ksentini A, Gueroui A, Taleb T. Towards elastic distributed SDN/NFV controller for 5G mobile cloud management systems, IEEE. 2015.
- 56Mueller J, Wierz A, Vingarzan D, Magedanz T. Elastic network design and adaptive flow placement in software defined networks. Computer Communications and Networks (ICCCN), 2013 22nd International Conference on. IEEE, 2013, pp. 1–6.
- 57Vegad M. Elasticity in virtual middleboxes using NFV/SDN, Doctoral dissertation, Indian Institute of Technology, Bombay. 2015.
- 58Longo F, Distefano S, Bruneo D, Scarpa M. Dependability modeling of software defined networking. Computer Networks 2015; 83.
- 59Wu J, Huang Y, Kong J, Tang Q, Huang X. A study on the dependability of software defined networks. International Conference on Materials Engineering and Information Technology Applications (MEITA 2015). Atlantis Press. 2015.
- 60Kreutz D, Ramos F, Verissimo P. Towards secure and dependable software-defined networks. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 55–60.
- 61Jansen W. Cloud hooks: security and privacy issues in cloud computing. System Sciences (HICSS), 44 the Hawaii International Conference on. IEEE, 2011, 1–10.
- 62Ahuja SP, Komathukattil D. A survey of the state of cloud security. Network and Communication Technologies 2012; 1(2): 66.
- 63 Link aggregation control protocol (LACP), http://www.cisco.com/c/en/us/td/docs/ios/122sb/feature/guide/gigeth.html, Mar. 2007.
- 64 EtherChannels, http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3550/software/release/12-113ea1/configuration/guide/3550scg /?swethchl.html.
- 65 IP multicast load splitting–equal cost multipath (ECMP), http://www.cisco.com/c/en/us/td/docs/ios/122sr/122srb/feature/guide/srbmpath.html.
- 66 Virtual router redundancy protocol (VRRP) version 3 for IPv4 and IPv6, http://tools.ietf.org/html/rfc5798, Mar. 2010.
- 67 Cisco hot standby router protocol (HSRP), https://www.ietf.org/rfc/rfc2281.txt, Mar. 1998.
- 68 Resilient packet ring (RPR), http://www.ieee802.org/17/docu-ments.htm.
- 69 Non-stop routing (NSR), http://www.cisco.com/c/en/us/td/docs/iosxml/ios/iprouteospf/configuration/15-e/iro-15-e-book/iro-nsr-ospf.html.
- 70 Graceful OSPF restart: non-stop forwarding (NSF), http://tools.ietf.org/html/rfc3623, Nov. 2003.
- 71 Stateful switch-over (SSO), http://www.cisco.com/c/en/us/td/docs/ios/12 0s/feature/guide/sso120s.html.
- 72 Ethernet automatic protection switching (EAPS), https://tools.ietf.org/html/rfc3619, Oct. 2003.
- 73 Ethernet ring protection switching (ERPS), http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/cether/configuration/xe-3s/ce-xe-3s-book/ceg8032-ering-pro.html.
- 74 Fast re-routing (FRR), http://tools.ietf.org/html/rfc4090, May 2005.
- 75Kim H, Santos JR, Turner Y, Schlansker M, Tourrilhes J, Feamster N. CORONET: fault tolerance for software defined networks. Network Protocols (ICNP), 20th IEEE International Conference on. IEEE, 2012, pp. 1–2.
- 76Borokhovich M, Schiff L, Schmid S. Provable data plane connectivity with local fast failover: introducing OpenFlow graph algorithms. Proc. 3rd Workshop Hot Topics Softw. Defined Netw. ACM, 2014, pp. 121–126.
- 77Heller B, Sherwood R, McKeown N. The controller placement problem. Proceedings of the ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN). ACM, 2012, pp. 7–12.
- 78Sharma S, Staessens D, Colle D, Pickavet M, Demeester P. Enabling fast failure recovery in OpenFlow networks. Design of Reliable Communication Networks (DRCN), 8th International Workshop on the. IEEE, 2011, pp. 164–171.
- 79Park H, Song S, Choi BY, Choi T. Toward control path high availability for software-defined networks. Design of Reliable Communication Networks (DRCN), 11th International Conference on. IEEE, 2015, pp. 165–172.
- 80Kuroki K, Fukushima M, Hayashi M, Matsumoto N. Redundancy method for highly available OpenFlow controller. International Journal on Advances in Internet Technology 2014; 7(1 and 2).
- 81Su Z, Wang T, Xia Y, Hamdi M. CheetahFlow: towards low latency software-defined network. Communications (ICC), 2014 IEEE International Conference on. IEEE, 2014, pp. 3076–3081.
- 82He K, Khalid J, Gember-Jacobson A, et al. Measuring control plane latency in SDN-enabled switches. Proceedings of the 1st ACM SIGCOMM Symposium on Software Defined Networking Research. ACM, 2015, Article No 25.
- 83Williams D, Jamjoom H. Cementing high availability in OpenFlow with RuleBricks. Proc. of ACM SIGCOMM Workshop on HotSDN. ACM, 2013, pp. 139–144.
- 84Desai M, Nandagopal T. Coping with link failures in centralized control plane architecture. Proceedings of IEEE COMmunication Systems and NETworks (COMSNET). IEEE, 2010, pp. 79–88.
- 85Berde P, Gerola M, Hart J, et al. ONOS: towards an open, distributed SDN OS. Proceedings of the Third Workshop on Hot Topics in Software Defined Networking. ACM, 2014, pp. 1–6.
- 86Hu Y, Wang W, Gong X, Que X, Cheng S. On reliability-optimized controller placement for software-defined networks. China Communications 2014; 11: 38–54.
- 87Yao G, Bi J, Guo L. On the cascading failures of multi-controllers in software defined networks. Network Protocols (ICNP), 2013 21st IEEE International Conference on. IEEE, 2013, pp. 1–2.
- 88Ros FJ, Ruiz PM. Five nines of southbound reliability in software-defined networks. Proceedings of the Third Workshop on Hot Topics in Software Defined Networking. ACM, 2014, pp. 31–36.
- 89Xiao P, Qu W, Qi H, Li Z, Xu Y. The SDN controller placement problem for WAN. Communications in China (ICCC), IEEE/CIC International Conference on. IEEE, 2014, pp. 220–224.
- 90Capone A, Cascone C, Nguyen AQ, Sansò B. Detour planning for fast and reliable failure recovery in SDN with OpenState, arXiv preprint arXiv:1411.7711. 2014.
- 91Pfeiffenberger T, Du JL, Arruda PB, Anzaloni A. Reliable and flexible communications for power systems: fault-tolerant multicast with SDN/OpenFlow. New Technologies, Mobility and Security (NTMS), 7th International Conference on. IEEE, 2015, pp. 1–6.
- 92Guan X, Choi BY, Song S. Reliability and scalability issues in software defined network frameworks. Research and Educational Experiment Workshop (GREE), 2013 Second GENI. IEEE. 2013, pp. 102–103.
- 93Dong M, Kimata T, Sugiura K, Zettsu K. Quality-of-experience (QoE) in emerging mobile social networks. IEICE Transactions on Information and Systems 2010; E97-D: 2606–2612.
- 94Jeong K, Kim J, Kim Y. QoS-aware network operating system for software defined networking with generalized OpenFlows. Proc. IEEE NOMS. IEEE, 2012, pp. 1167–1174.
- 95Handigol N, Seetharaman S, Flajslik M, Johari R, McKeown N. Asterix: load-balancing as a network primitive. Proc. 9th GENI Eng. Conf. (Plenary), 2010, pp. 1–2.
- 96M. Ghobadi, S. Yeganeh, and Y. Ganjali, Rethinking end-to-end congestion control in software-defined networks. Proc. 11th ACM Workshop Hot Topics Netw. ACM, 2012, pp. 61–66.
- 97Al-Fares M, Radhakrishnan S, Raghavan B, Huang N, Vahdat A. Hedera: dynamic flow scheduling for data center networks. Proc. 7th USENIX Conf. NSDI. USENIX Association, 2010, p. 19.
- 98Marcial F. Evaluating OpenFlow controller paradigms. ICN 2013, The Twelfth International Conference on Networks, 2013, pp. 151–157.
- 99Syed AS, Jannet F, Maham F, Aamir S, Syed MA. An architectural evaluation of SDN controllers. Communications (ICC), 2013 IEEE International Conference on. IEEE, 2013. pp. 3504–3508.
- 100Cai Z, Cox AL, Ng TE. Maestro: a system for scalable OpenFlow control, Rice Univ., Houston, TX, USA, Tech. Rep. TR10-08, Dec. 2010.
- 101Khattak ZK, Awais M, Iqbal A. Performance evaluation of OpenDaylight SDN controller.
- 102Bianco A, Birke R, Giraudo L, Palacin M. OpenFlow switching: data plane performance. Proc. IEEE ICC. IEEE, 2010, pp. 1–5.
- 103Tanyingyong V, Hidell M, Sjodin P. Improving PC-based OpenFlow switching performance. Proceedings of the 6th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, New York, NY, USA, 2010, p. 13:1.
- 104Luo Y, Cascon P, Murray E, Ortega J. Accelerating OpenFlow switching with network processors. Proceedings of the 5th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, New York, NY, USA, 2009, pp. 70–71.
- 105Rotsos C, Sarrar N, Uhlig S, Sherwood R, Moore AW. OFLOPS: an open framework for OpenFlow switch evaluation. Proc. 13th Int. Conf. PAM, 2012, pp. 85–95.
- 106Zhou W, Li L, Chou W. SDN northbound REST API with efficient caches. IEEE International Conference on Web Services (ICWS), 2014, pp. 257–264.
- 107Egilmez H, Dane S, Bagci K, Tekalp A. OpenQoS: an OpenFlow controller design for multimedia delivery with end-to-end quality of service over software-defined networks. Asia-Pacific Signal Information Processing Association Annual Summit and Conference (APSIPA ASC), 2012, pp. 1–8.
- 108Xiong P, Hacigumus H, Naughton JF. A software-defined networking based approach for performance management of analytical queries on distributed data stores. Proceedings of the 2014 ACM SIGMOD International Conference on Management of Data, SIGMOD '14, ACM, New York, NY, USA, Snowbird, Utah, USA, 2014, pp. 955–966.
- 109Wendong W, Qinglei Q, Xiangyang G, Yannan H, Xirong Q. Autonomic QoS management mechanism in software defined network. China Communications 2014; 11: 13–23.
10.1109/CC.2014.6895381 Google Scholar
- 110Cleder Machado C, Zambenedetti Granville L, Schaeffer-Filho A, Araujo Wickboldt J. Towards SLA policy refinement for QoS management in software-defined networking, in IEEE 28th International Conference on Advanced Information Networking and Applications (AINA).IEEE, 2014, pp. 397–404.
- 111 Openflow controller performance comparison. [Online]. Available: http://www.openflow.org/wk/index.php/Controller_Performance_Comparisons.
- 112Liu L, Tsuritani T, Morita I, Guo H, Wu J. Experimental validation and performance evaluation of OpenFlow-based wavelength path control in transparent optical networks. Optics Express 2011; 19: 26578–26593.
- 113Fonseca P, Bennesby R, Mota E, Passito A. A replication component for resilient OpenFlow-based networking. Proc. IEEE Network Operations and Management Symposium (NOMS 2012). IEEE, 2012, pp. 933–939.
- 114Zhang X, Phillips C. Network operator independent resilient overlay for mission critical applications (ROMCA). Communications and Networking in China COM. Fourth International Conference on. IEEE, 2009, pp. 1–5.
- 115Han J, Watson D, Jahanian F. Enhancing end-to-end availability and performance via topology-aware overlay networks. Computer Networks 2008; 52(16): 3029–3046.
- 116Akella A, Maggs B, Seshan S, Shaikh A, Sitaraman R. A measurement-based analysis of multihoming. Proceedings of the 2003 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, ser. SIGCOMM '03. New York, NY, USA. ACM, 2003, pp. 353–364.
- 117Rohrer JP, Jabbarand A, Sterbenz JP. Path diversification: a multipath resilience mechanism. Design of Reliable Communication Networks (DRCN). 7th International Workshop on. IEEE. 2009, pp. 343–351.
- 118Li Y, Zhang Y, Qiu L, Lam S. SmartTunnel: achieving reliability in the Internet. INFOCOM 2007. 26th IEEE International Conference on Computer Communications. IEEE, 2007, pp. 830–838.
- 119Chiu AL, Choudhury G, Clapp G, Doverspike R, Feuer M, Gannett JW, Xu D. Architectures and protocols for capacity efficient, highly dynamic and highly resilient core networks. Journal of Optical Communications and Networking, IEEE/OSA 2012; 4(1): 1–14.
- 120Benton K, Camp LJ, Small C. OpenFlow vulnerability assessment. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 151–152.
- 121Kreutz D, Ramos F, Verissimo P, Rothenberg CE, Azodolmolky S, Uhlig S. Software-defined networking: a comprehensive survey, arXiv preprint arXiv:1406.0440, 2014.
- 122Kreutz D, Ramos F, Verissimo P. Towards secure and dependable software-defined networks. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 55–60.
- 123Li D, Hong X, Bowman J. Evaluation of security vulnerabilities by using ProtoGENI as a launchpad. Global Telecommunications Conference (GLOBECOM 2011). IEEE, 2011, pp. 1–6.
- 124Shin S, Gu G. Attacking software-defined networks: the first feasibility study. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 165–166.
- 125Smeliansky R. SDN for network security. Science and Technology Conference (Modern Networking Technologies) (MoNeTeC), First International. IEEE, 2014, pp. 1–5.
- 126Schehlmann L, Abt S, Baier H. Blessing or curse? Revisiting security aspects of software-defined networking. Network and Service Management (CNSM), 10th International Conference on. IEEE, 2014, pp. 382–387.
- 127Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, Gu G. A security enforcement kernel for OpenFlow networks. Proceedings of the First Workshop on Hot Topics in Software Defined Networks. ACM, 2012, pp. 121–126.
- 128Shin S, Song Y, Lee T, et al. Rosemary: a robust, secure, and high-performance network operating system. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014, pp. 78–89.
- 129Chandrasekaran B, Benson T. Tolerating SDN application failures with LegoSDN. Proceedings of the 13th ACM Workshop on Hot Topics in Networks. ACM, 2014, p. 22.
- 130Othman MM, Okamura K. Securing distributed control of software defined networks. International Journal of Computer Science and Network Security 2013; 13(9).
- 131Li H, Li P, Guo S, Yu S. Byzantine-resilient secure software defined networks with multiple controllers. Communications (ICC), 2014 IEEE International Conference on. IEEE, 2014, pp. 695–700.
- 132Yu D, Moore AW, Hall C, Anderson R. Authentication for resilience: the case of SDN, ser. Security Protocols XXI. Springer, 2013, pp. 39–44.
- 133Schlesinger C, Story A, Gutz S, Foster N, Walker D. Splendid isolation: language-based security for software-defined networks. Proceedings of the First Workshop on Hot Topics in Software Defined Networks. ACM, 2012, pp. 79–84.
- 134Skowyra RW, Lapets A, Bestavros A, Kfoury A. Verifiably safe software-defined networks for CPS. Proceedings of the 2nd ACM International Conference on High Confidence Networked Systems. ACM, 2013, pp. 101–110.
- 135Guha A, Reitblatt M, Foster N. Machine-verified network controllers. ACM SIGPLAN Notices 2013; 48: 483–494.
- 136Ball T, Bjrner N, Gember A, et al. VeriCon: towards verifying controller programs in software-defined networks. Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation. ACM, 2014, p. 31.
- 137Wen X, Chen Y, Hu C, Shi C, Wang Y. Towards a secure controller platform for OpenFlow applications. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 171–172.
- 138 OpenFlowSec.org. Security-enhanced Floodlight. [Online]. Available: www.openflowsec.org.
- 139Porras P, Cheung S, Fong M, Skinner K, Yegneswaran V. Securing the software-defined network control layer. Proceedings of the Network and Distributed System Security Symposium (NDSS), San Diego, California. 2015.
- 140Foster N, Harrison R, Freedman MJ, et al. Frenetic: a network programming language. ACM SIGPLAN Notices 2011; 46(9): 279–291.
- 141Al-Shaer E, Al-Haj S. FlowChecker: configuration analysis and verification of federated OpenFlow infrastructures. Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration. ACM, 2010, pp. 37–44.
- 142Mai H, Khurshid A, Agarwal R, Caesar M, Godfrey P, King ST. Debugging the data plane with Anteater. ACM SIGCOMM Computer Communication Review 2011; 41(4): 290–301.
- 143Namal S, Ahmad I, Gurtov A, Ylianttila M. Enabling secure mobility with OpenFlow. IEEE Software Defined Networks for Future Networks and Services. IEEE, 2013.
- 144Scott-Hayward S, Kane C, Sezer S. Operation Checkpoint: SDN application control. 22nd IEEE International Conference on Network Protocols (ICNP). IEEE, 2014, pp. 618–623
- 145Khurshid A, Zhou W, Caesar M, Godfrey P. VeriFlow: verifying network-wide invariants in real time. ACM SIGCOMM Computer Communication Review 2012; 42(4): 467–472.
- 146Mehdi SA, Khalid J, Khayam SA. Revisiting traffic anomaly detection using software defined networking. In Recent Advances in Intrusion Detection. Springer Berlin Heidelberg, 2011; 161–180.
10.1007/978-3-642-23644-0_9 Google Scholar
- 147Hand R, Michael T, Eric K. Active security. In Twelfth ACM Workshop on Hot Topics in Networks (HotNets-XII). ACM: College Park, MD, 2013; 79–108.
- 148Jafarian JH, Al-Shaer E, Duan Q. OpenFlow random host mutation: transparent moving target defense using software defined networking. Proceedings of the First Workshop on Hot Topics in Software Defined Networks. ACM, 2012, pp. 127–132.
- 149Kampanakis P, Perros H, Beyene T. SDN-based solutions for moving target defense network protection. A World of Wireless, Mobile and Multimedia Networks (WoWMoM), IEEE 15th International Symposium on. IEEE, 2014, pp. 1–6.
- 150Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V. Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Journal of Computer Networks 2014; 62: 122–136.
- 151Matias J, Tornero B, Mendiola A, Jacob E, Toledo N. Implementing layer 2 network virtualization using OpenFlow: challenges and solutions. Software Defined Networking (EWSDN), 2012 European Workshop on. IEEE, 2012, pp. 30–35.
- 152Yao G, Bi, Xiao P. Source address validation solution with OpenFlow/NOX architecture. Network Protocols (ICNP), 2011 19th IEEE International Conference on. IEEE, 2011, pp. 7–12.
- 153Yao G, Bi J, Feng T, Xiao P, Zhou D. Performing software defined route-based IP spoofing filtering with SEFA. Computer Communication and Networks (ICCCN), 23rd International Conference on. IEEE, 2014,pp. 1–8.
- 154Feng T, Bi J, Hu H, Yao G, Xiao P. InSAVO: intra-AS IP source address validation solution with OpenRouter. Proceedings of the IEEE International Conference on Computer Communications (INFOCOM). Orlando Bi J, Liu B, Wu J, Shen Y USA. IEEE, 2012, pp. 33–34.
- 155Meyer C, Schwenk J. Lessons learned from previous SSL/TLS Attacks—a brief chronology of attacks and weaknesses. IACR Cryptology ePrint Archive, 2013, p. 49.
- 156Hernan S, Lambert S, Ostwald T, Shostack. Threat modeling uncover security design flaws using the stride approach. MSDN Magazine-Louisville, 2006, pp. 68–75.
- 157Casado M, Garfinkel T, Akella A, et al. SANE: a protection architecture for enterprise networks. Usenix Security Symposium. ser. USENIXSS '06, Berkeley, CA, USA, vol. 15. 2006.
- 158Jia X, Wang JK. Distributed firewall for P2P network in data center. ICCE-China Workshop (ICCE-China). IEEE, 2013, pp. 15–19.
- 159Katta NP, Rexford J, Walker D. Logic programming for software-defined networks. Workshop on Cross-Model Design and Validation (XLDI). Vol. 412. ACM, 2012.
- 160Dangovas V, Kuliesius F. SDN-driven authentication and access control system. The International Conference on Digital Information, Networking, and Wireless Communications (DINWC2014). The Society of Digital Information and Wireless Communication, 2014, pp. 20–23.
- 161Zhu S, Bi J, Sun C. SFA: stateful forwarding abstraction in SDN data plane. USENIX/?Open Networking Summit Research Track (ONS14), Santa Clara, USA 2014.
- 162Stoenescu R, Popovici M, Negreanu L, Raiciu C. Symnet: static checking for stateful networks. Proceedings of the 2013 Workshop on Hot Topics in Middleboxes and Network Function Virtualization. ACM, 2013, pp. 31–36
- 163Fayaz SK, Sekar V. Testing stateful and dynamic data planes with FlowTest. Proceedings of the Third Workshop on Hot Topics in Software Defined Networking. ACM, 2014, pp. 79–84.
- 164Skowyra R, Bahargam S, Bestavros A. Software-defined IDS for securing embedded mobile devices. High Performance Extreme Computing Conference (HPEC).IEEE, 2013, pp. 1–7.
- 165Shin S, Porras P, Yegneswaran V, Fong M, Gu G, Tyso M. FRESCO: modular composable security services for software-defined networks. Proceedings of Network and Distributed Security Symposium, 2013.
- 166Liyanage M, Ylianttila M, Gurtov A. Securing the control channel of software-defined mobile networks. World of Wireless, Mobile and Multimedia Networks (WoWMoM), IEEE 15th International Symposium on. IEEE, 2014, pp. 1–6.
- 167Handigol N, Heller B, Jeyakumar V, Mazieres D, McKeown N. Where is the debugger for my software-defined network?. Proceedings of the First Workshop on Hot Topics in Software Defined Networks. ACM, 2012, pp. 55–60.
- 168 OpenFlowSec.org. Security-enhanced FloodLight. [Online]. Available: www.openflowsec.org.
- 169Fayazbakhsh SK, Sekar V, Yu M, Mogul JC. FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions. Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 19–24.
- 170Mattos DMF, Ferraz LHG, Duarte OCMB. AuthFlow: authentication and access control mechanism for software defined networking.
- 171Shin S, Yegneswaran V, Porras P, Gu G. AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks. Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2013, pp. 413–424.
- 172Yao G, Bi J, Xiao P. Source address validation solution with OpenFlow/NOX architecture. 19th IEEE International Conference on Network Protocols (ICNP). IEEE, 2011, pp. 7–12.
- 173Naous J, Stutsman R, Mazieres D, McKeown N, Zeldovich N. Delegating network security with more information. Proceedings of the 1st ACM Workshop on Research on Enterprise Networking. ACM, 2009, pp. 19–26.
- 174Braga R, Mota E, Passito A. Lightweight DDoS flooding attack detection using NOX/?OpenFlow. IEEE 35th Conference on Local Computer Networks (LCN). IEEE, 2010, pp. 408–415.
- 175Suh J, Choi H, Yoon W, You T, Kwon T, Choi Y. Implementation of content-oriented networking architecture (CONA): a focus on DDoS countermeasure. European NetFPGA Developers Workshop, 2010.
- 176YuHunag C, MinChi T, YaoTing C, YuChieh C, YanRen C. A novel design for future on-demand service and security. Communication Technology (ICCT), 12th IEEE International Conference on. IEEE, 2010, pp. 385–388.
- 177Lim S, Ha J, Kim H, Kim Y, Yang S. A SDN-oriented DDoS blocking scheme for botnet-based attacks. Ubiquitous and Future Networks (ICUFN), 2014 Sixth International Conf on. IEEE, 2014, pp. 63–68.
- 178Zaalouk A, Khondoker R, Marx R, Bayarou K. OrchSec: an orchestrator-based architecture for enhancing network-security using network monitoring and SDN control functions. Network Operations and Management Symposium (NOMS). IEEE, 2014, pp. 1–9.
- 179Schehlmann L, Baier H. COFFEE: a concept based on OpenFlow to filter and erase events of botnet activity at high-speed nodes. GI-Jahrestagung, 2013, pp. 2225–2239.
