An Overview of SDN Issues—A Case Study and Performance Evaluation of a Secure OpenFlow Protocol Implementation.

Bibliographic Details
Title: An Overview of SDN Issues—A Case Study and Performance Evaluation of a Secure OpenFlow Protocol Implementation.
Authors: Riggs, Hugo, Khalid, Asadullah, Sarwat, Arif I.
Source: Electronics (2079-9292); Aug 2025, Vol. 14 Issue 16, p3244, 35p
Subjects: SOFTWARE-defined networking, OPENFLOW (Computer network protocol), COMPUTER network architectures, RESEARCH evaluation, COMPUTER network security, SECURITY management, ANOMALY detection (Computer security), DENIAL of service attacks
Abstract: Software-Defined Networking (SDN) is a network architecture that decouples the control plane from the data plane, enabling centralized, programmable management of network traffic. SDN introduces centralized control and programmability to modern networks, improving flexibility while also exposing new security vulnerabilities across the application, control, and data planes. This paper provides a comprehensive overview of SDN security threats and defenses, covering recent developments in controller hardening, trust management, route optimization, and anomaly detection. Based on these findings, we present a comparative analysis of SDN controllers in terms of performance, scalability, and deployment complexity. This culminates in the introduction of the Cloud-to-Edge Layer Two (CELT)-Secure switch, a virtual OpenFlow-based data-plane security mechanism. CELT-Secure detects and blocks Internet Control Message Protocol flooding attacks in approximately two seconds and actively disconnects hosts engaging in Address Resolution Protocol-based man-in-the-middle attacks. In comparative testing, it achieved detection performance 10.82 times faster than related approaches. [ABSTRACT FROM AUTHOR]
Copyright of Electronics (2079-9292) is the property of MDPI and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
ISSN: 2079-9292
DOI: 10.3390/electronics14163244