Software Defined Networking (SDN) decouples the network control and network forwarding elements. The centralized controller manages the network and controls the data flow in the network elements. It has received significant attention from industry and researchers, and it has been deploying in different scenarios and environments. A centralized network plane supports programmable network management and flexibility. However, it introduces a single point of failure and scalability issues. SDN security has become a concern and many security challenges are introduced. The control plane still suffers from the number of threats such as a distributed denial of service (DDoS), man in the middle (MITM), and information modification attacks. To address these limitations, we propose a robust, secure, collaborative agent-based SDN infrastructure to detect and mitigate the attacks. We simulate and evaluate the performance of the proposed system when SDN control plan is compromised at build and run time. Simulation results show that security solutions are effective to mitigate the attacks.
Key words: Software Defined Networking(SDN);SDN Security; Distributed Denial of Service (DDoS) Attacks
|