DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges

Abstract

Software Defined Networking (SDN) is a new networking paradigm where forwarding hardware is decoupled from control decisions. It promises to dramatically simplify network management and enable innovation and evolution. In SDN, network intelligence is logically centralized in software-based controllers (the control plane), while network devices (OpenFlow Switches) become simple packet-forwarding devices (the data plane) that can be programmed via an open interface (OpenFlow protocol). Such decoupling of the control plane from the data plane introduces various challenges that include security, reliability, load balancing, and traffic engineering. Dreadful security challenges in SDNs are denial of service (DoS) and distributed denial of service (DDoS) attacks. For instance, in SDNs, DoS/DDoS attacks could flood the control plane, the data plane, or the communication channel. Attacking the control plane could result in failure of the entire network, while attacking the data plane or the communication channel results in packet drop and network unavailability. In this paper we deliver several contributions that shed light on the field of DoS/DDoS attacks in SDNs, providing a complete background about the area, including attacks and analysis of the existing solutions. In particular, our contributions can be summarized as follow: we review and systematize the state-of-the-art solutions that address both DoS and DDoS attacks in SDNs through the lenses of intrinsic and extrinsic approaches. Moreover, the discussed countermeasures are organized accordingly to their focus, be it on detection, mitigation, prevention, or graceful degradation. Further, we survey the different approaches and tools adopted to implement the revised solutions. Finally, we also highlight possible future research directions to address DoS/DDoS attacks in SDNs.