Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Security analysis of OpenDayLight, ONOS, RoseMary and RYU SDN controllers

: Arbettu, Ramachandra Kamath; Khondoker, Rahamatullah; Bayarou, Kpatcha; Weber, Frank

Postprint urn:nbn:de:0011-n-4046948 (195 KByte PDF)
MD5 Fingerprint: 835e130aff863f27e89a67e57dd53345
Created on: 21.7.2016

Dziong, Zbigniew (Ed.) ; Institute of Electrical and Electronics Engineers -IEEE-; IEEE Communications Society:
17th International Telecommunications Network Strategy and Planning Symposium, Networks 2016. Conference Proceedings : September 26-28, 2016, Montreal, Canada
Piscataway, NJ: IEEE, 2016
ISBN: 978-1-4673-8992-1 (Print)
ISBN: 978-1-4673-8991-4
ISBN: 978-1-4673-8990-7
International Telecommunications Network Strategy and Planning Symposium (Networks) <17, 2016, Montreal>
Conference Paper, Electronic Publication
Fraunhofer SIT ()
Software Defined Networking (SDN); controller security; STRIDE; network security; security analysis

There is an immense expectation on Software- Defined Networking (SDN) in industry as a novel approach towards potentially replacing conventional network management and control. However, SDN is not immune to security vulnerabilities which currently exist in the legacy systems or which may newly arise due to change in the network design. Since the beginning of SDN development, primary focus of research was on separation of control plane from data plane by keeping performance and operational flexibility unchanged. In the due course of achieving this, security aspects of an SDN have taken a back seat. Even though separation of control plane from a data plane is a great step towards simplification of network management, it subjects the network into a potential two way target for intruders to gain control. Due to the centralized design of SDN, compromising security of a controller will be as good as compromising the security of a whole network. Enterprises which are moving towards adapting SDN are concerned about security issues and the resulting problems. In this paper, we analyze the security issues of few of the widely used controllers. We found that the OpenDayLight controller is the most secure one compared to the others. In addition, this paper also provides a snapshot of current development in security aspect of SDN controllers such that it may help SDN controller developers to identify the issues and rectify the same in future releases.