Software Security in Software-Defined Networking: A Systematic Literature Review

TL;DR

This paper provides a comprehensive systematic review of software security issues in SDN, analyzing 58 publications to identify trends, vulnerabilities, and research gaps in SDN controller, APIs, and applications.

Contribution

It offers the most extensive analysis of SDN software security, categorizing vulnerabilities and methodologies, and highlighting areas for future research.

Findings

Identified key vulnerabilities in SDN software components

Analyzed prevalent testing and analysis methodologies

Mapped research trends and gaps in SDN security

Abstract

Software-defined networking (SDN) has shifted network management by decoupling the data and control planes. This enables programmatic control via software applications using open APIs. SDN's programmability has fueled its popularity but may have opened issues extending the attack surface by introducing vulnerable software. Therefore, the research community needs to have a deep and broad understanding of the risks posed by SDN to propose mitigating measures. The literature, however, lacks a comprehensive review of the current state of research in this direction. This paper addresses this gap by providing a comprehensive overview of the state-of-the-art research in SDN security focusing on the software (i.e., the controller, APIs, applications) part. We systematically reviewed 58 relevant publications to analyze trends, identify key testing and analysis methodologies, and categorize studied vulnerabilities. We further explore areas where the research community can make significant contributions. This work offers the most extensive and in-depth analysis of SDN software security to date.