Security Threats to Software Defined Network (SDN)


In Software Defined Network (SDN) architecture, the control plane is separated from the data plane and implemented in a software application. In this blog, we will briefly analyze the security threats to SDN that arise from this decoupling.

The controller is the most vital component in SDN architecture, mainly because it defines the data flows that occur in the Data Plane (traffic flow manager). It is the “brain” of the network, and therefore attacks on and vulnerabilities in controllers are probably the most severe threats to SDN architecture. If the controller is compromised, the attacker can disrupt the data path. For example, in the figure below, the compromised controller can alter the traffic flow in the SDN device to send the traffic to the Bad Guy.

The communication between the controller and the SDN device is also an essential part of the SDN and can be exploited in the following ways:

– Installing a malicious controller that sends malicious instructions to the underlying SDN devices.
– A man-in-the-middle attack on the communication between the controllers and the SDN devices that changes the instructions sent by the trusted controller.

[Figure: SDN threat image]

These vulnerabilities can be used to launch DoS attacks on the SDN devices or to change the data path to gain access to sensitive information. The possible solutions to mitigate these threats in SDN architecture are:

– Place the controllers at a secure location in the network with a stringent access policy.
– Use out-of-band management to establish a dedicated channel between the controller and SDN devices.
– Secure the communication channel between the controller and SDN devices.
– Establish a trust relationship between the controller and SDN devices.

In addition, the network will still have to cope with existing threats such as attacks on vulnerabilities in network devices and management stations.
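
The trust relationship and secure channel listed above can be pictured as a switch-side check on every controller instruction. The following is an added example, not code from the original post: a simplified Python model in which the switch installs a flow rule only if it carries a valid HMAC from a provisioned controller. The names `TRUSTED_CONTROLLERS`, `sign_instruction` and `Switch`, the key and the sample rule are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed sample key provisioned on the switch (hypothetical, not from the post).
TRUSTED_CONTROLLERS = {"ctrl-1": b"constructed-demo-key-ctrl-1"}


def sign_instruction(controller_id, key, seq, rule):
    """Controller side: wrap a flow rule with a sequence number and HMAC tag."""
    body = json.dumps({"controller": controller_id, "seq": seq, "rule": rule},
                      sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Switch:
    """Switch side: install a rule only if it comes from a trusted controller."""
    def __init__(self, trusted):
        self.trusted = trusted
        self.last_seq = {}      # highest sequence number seen per controller
        self.flow_table = []

    def receive(self, msg):
        body = json.loads(msg["body"])
        key = self.trusted.get(body["controller"])
        if key is None:
            return "rejected: unknown controller"
        expected = hmac.new(key, msg["body"].encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, msg["tag"]):
            return "rejected: bad tag"
        if body["seq"] <= self.last_seq.get(body["controller"], -1):
            return "rejected: replayed"
        self.last_seq[body["controller"]] = body["seq"]
        self.flow_table.append(body["rule"])
        return "installed"


def demo():
    sw = Switch(TRUSTED_CONTROLLERS)
    rule = {"match": "dst=10.0.0.5", "out_port": 2}
    good = sign_instruction("ctrl-1", TRUSTED_CONTROLLERS["ctrl-1"], 1, rule)
    # Instruction changed in transit: output port rewritten, tag left as it was.
    tampered = {"body": good["body"].replace('"out_port": 2', '"out_port": 9'),
                "tag": good["tag"]}
    # Controller the switch was never provisioned to trust.
    rogue = sign_instruction("ctrl-x", b"not-a-provisioned-key", 1, rule)
    results = [sw.receive(m) for m in (tampered, rogue, good, good)]
    return results, sw.flow_table
```

Only the untouched instruction from the provisioned controller reaches the flow table; the altered, unknown-controller and replayed messages are all rejected.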

About Dr. Muhammad Malik
Co-Founder and Editor-in-Chief, Information Security Buzz

Dr. Muhammad Malik is a renowned security evangelist with a record of achievement improving the security posture of organizations through proven leadership in information security marketing, strategy, architecture and innovation for industry leaders IBM, EDS, HP, KPMG and Optus. Recipient of a PhD in Computer Science and Engineering from UNSW, Australia as well as a Graduate Diploma in Management from AGSM, Australia, with numerous technical certifications in Security: CISSP, CISM and CISA.
