Security Evaluation in Software-Defined Networks

TL;DR

This paper presents a framework for evaluating security in Software-Defined Networks (SDN), helping administrators identify threats, assess risks, and implement mitigation strategies to enhance SDN security in cloud data centers.

Contribution

It introduces a novel framework for security evaluation in SDN architectures, including an experimental study demonstrating its effectiveness in threat identification and risk assessment.

Findings

Framework effectively identifies SDN threats and vulnerabilities.

Allows calculation of threat risks and severity levels.

Provides mitigation strategies for SDN security issues.

Abstract

Cloud computing has grown in importance in recent years which has led to a significant increase in Data Centre (DC) network requirements. A major driver of this change is virtualisation, which allows computing resources to be deployed on a large scale. However, traditional DCs, with their network topology and proliferation of network endpoints, are struggling to meet the flexible, centrally managed requirements of cloud computing applications. Software-Defined Networks (SDN) promise to offer a solution to these growing networking requirements by separating control functions from data routing. This shift adds more flexibility to networks but also introduces new security issues. This article presents a framework for evaluating security of SDN architectures. In addition, through an experimental study, we demonstrate how this framework can identify the threats and vulnerabilities, calculate their risks and severity, and provide the necessary measures to mitigate them. The proposed framework helps administrators to evaluate SDN security, address identified threats and meet network security requirements.