Full Text:   <288>

Summary:  <170>

CLC number: TP393

On-line Access: 2019-01-07

Received: 2018-09-17

Revision Accepted: 2018-11-14

Crosschecked: 2018-12-17

Cited: 0

Clicked: 1047

Citations:  Bibtex RefMan EndNote GB/T7714

 ORCID:

Jun Wu

http://orcid.org/0000-0003-2483-6980

-   Go to

Article info.
Open peer comments

Frontiers of Information Technology & Electronic Engineering  2018 Vol.19 No.12 P.1500-1521

http://doi.org/10.1631/FITEE.1800575


Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey


Author(s):  Shen Wang, Jun Wu, Wu Yang, Long-hua Guo

Affiliation(s):  Research Center for Modern Governance, Zhejiang University of Science and Technology, Hangzhou 310023, China; more

Corresponding email(s):   junwuhn@sjtu.edu.cn

Key Words:  Software-defined networking (SDN), Security, Programmable


Shen Wang, Jun Wu, Wu Yang, Long-hua Guo. Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey[J]. Frontiers of Information Technology & Electronic Engineering, 2018, 19(12): 1500-1521.

@article{title="Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey",
author="Shen Wang, Jun Wu, Wu Yang, Long-hua Guo",
journal="Frontiers of Information Technology & Electronic Engineering",
volume="19",
number="12",
pages="1500-1521",
year="2018",
publisher="Zhejiang University Press & Springer",
doi="10.1631/FITEE.1800575"
}

%0 Journal Article
%T Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey
%A Shen Wang
%A Jun Wu
%A Wu Yang
%A Long-hua Guo
%J Frontiers of Information Technology & Electronic Engineering
%V 19
%N 12
%P 1500-1521
%@ 2095-9184
%D 2018
%I Zhejiang University Press & Springer
%DOI 10.1631/FITEE.1800575

TY - JOUR
T1 - Novel architectures and security solutions of programmable software-defined networking: a comprehensive survey
A1 - Shen Wang
A1 - Jun Wu
A1 - Wu Yang
A1 - Long-hua Guo
J0 - Frontiers of Information Technology & Electronic Engineering
VL - 19
IS - 12
SP - 1500
EP - 1521
%@ 2095-9184
Y1 - 2018
PB - Zhejiang University Press & Springer
ER -
DOI - 10.1631/FITEE.1800575


Abstract: 
Nowadays, cyberspace has become a vital part of social infrastructure. With the rapid development of the scale of networks, applications and services have become enriched, and the bearing function of the underlying network devices (such as switches and routers) has also been extended. To promote the dynamics architecture, high-level security, and high quality of service of the network, control network architecture forward separation is a development trend of the networking technology. Currently, software-defined networking (SDN) is one of the most popular and promising technologies. In SDN, high-level strategies are deployed by the proprietary equipment, which is used to guide the data forwarding of the network equipment. This can reduce many complicated functions of the network equipment and improve the flexibility and operability of the implementation and deployment of new network technologies and protocols. However, this novel networking technology faces novel challenges in term of architecture and security. The aim of this study is to offer a comprehensive review of the state-of-the-art research on novel advances of programmable SDN, and to highlight what has been investigated and what remains to be addressed, particularly, in terms of architecture and security.

可编程软件定义网络的新架构与安全技术:综述

摘要:当前,网络空间已经成为社会基础设施的一个重要组成部分。随着网络规模快速发展,应用程序和服务日益丰富,底层网络设备(如交换机和路由器)承载功能被不断扩展。为提升网络动态架构、安全性和服务质量,网络控制平面与数据平面的解耦是网络技术发展趋势。目前,软件定义网络(SDN)是新兴网络领域最热门、最具前景的技术之一。在SDN中,通过在专有设备部署高级别策略指导网络设备数据转发,减少网络设备复杂功能。SDN有利于实现网络新技术、新协议,提升部署功能灵活性和可操作性。然而,该新型网络技术面临架构和安全方面的新挑战。本文为可编程SDN最新进展相关研究提供一个全面综述,分析已被研究和有待解决的问题,并分析在框架架构和安全领域的发展趋势。

关键词:软件定义网络(SDN);安全;可编程

Darkslateblue:Affiliate; Royal Blue:Author; Turquoise:Article

Reference

[1]Ali ST, Sivaraman V, Radford A, et al., 2015. A survey of securing networks using software defined networking. IEEE Trans Reliab, 64(3):1086-1097.

[2]Benton K, Camp LJ, Small C, 2013. OpenFlow vulnerability assessment. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.151-152.

[3]Botelho F, Bessani A, Ramos FMV, et al., 2014. On the design of practical fault-tolerant SDN controllers. 3rd European Workshop on Software Defined Networks, p.73-78.

[4]Braga R, Mota E, Passito A, 2010. Lightweight DDoS flooding attack detection using NOX/OpenFlow. IEEE Local Computer Network Conf, p.408-415.

[5]Casado M, Freedman MJ, Pettit J, et al., 2007. Ethane: taking control of the enterprise. Conf on Applications, Technologies, Architectures, and Protocols for Computer Communications, p.1-12.

[6]Cheng YN, Dong C, Chu LW, et al., 2015. Design and implementation of software-defined networking based firewall system. Comput Appl Softw, 32(1):286-288, 312 (in Chinese).

[7]David K, Berndt H, 2018. 6G vision and requirements: is there any need for beyond 5G? IEEE Veh Technol Mag, 13(3): 72-80.

[8]European Telecommunications Standards Institute, 2012. Network Functions Virtualisation. https://portal.etsi.org/nfv/nfv_white_paper.pdf

[9]Fayazbakhsh SK, Sekar V, Yu ML, et al., 2013. FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.19-24.

[10]Feng MJ, Mao SW, Jiang T, 2016. Enhancing the performance of future wireless networks with software-defined networking. Front Inform Technol Electron Eng, 17(7):606- 619.

[11]Gelberger A, Yemini N, Giladi R, 2013. Performance analysis of software-defined networking (SDN). IEEE 21st Int Symp on Modelling, Analysis and Simulation of Computer and Telecommunication Systems, p.389-393.

[12]Greenberg A, Hjalmtysson G, Maltz DA, et al., 2005. A clean slate 4D approach to network control and management. ACM SIGCOMM Comput Commun Rev, 35(5):41-54.

[13]Guan ZT, Zhang Y, Wu LF, et al., 2019. APPA: an anonymous and privacy preserving data aggregation scheme for fog-enhanced IoT. J Netw Comput Appl, 125:82-92.

[14]Gude N, Koponen T, Pettit J, et al., 2008. NOX: towards an operating system for networks. ACM SIGCOMM Comput Commun Rev, 38(3):105-110.

[15]Handigol N, Heller B, Jeyakumar V, et al., 2012. Where is the debugger for my software-defined network? 1st Workshop on Hot Topics in Software Defined Networks, p.55- 60.

[16]Hata H, 2013. A study of requirements for SDN switch platform. Int Symp on Intelligent Signal Processing and Communication Systems, p.79-84.

[17]Heller B, Sherwood R, McKeown N, 2012. The controller placement problem. 1st Workshop on Hot Topics in Software Defined Networks, p.7-12.

[18]Hu ZY, Wang MW, Yan XQ, et al., 2015. A comprehensive security architecture for SDN. 18th Int Conf on Intelligence in Next Generation Networks, p.30-37.

[19]Jafarian JH, Al-Shaer E, Duan Q, 2012. OpenFlow random host mutation: transparent moving target defense using software defined networking. 1st Workshop on Hot Topics in Software Defined Networks, p.127-132.

[20]Keller E, Ghorbani S, Caesar M, et al., 2012. Live migration of an entire network (and its hosts). 11th ACM Workshop on Hot Topics in Networks, p.109-114.

[21]Kim H, Feamster N, 2013. Improving network management with software defined networking. IEEE Commun Mag, 51(2):114-119.

[22]Kreutz D, Ramos FMV, Verissimo P, 2013. Towards secure and dependable software-defined networks. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.55-60.

[23]Li GL, Wu J, Li JH, et al., 2017. Battery status sensing software-defined multicast for V2G regulation in smart grid. IEEE Sens J, 17(23):7838-7848.

[24]Linux Foundation, 2015. OpenDaylight. http://www.opendaylight.org

[25]Liu B, Chen M, Xu B, et al., 2016. An OpenFlow-based performance-oriented multipath forwarding scheme in datacenters. Front Inform Technol Electron Eng, 17(7): 647-660.

[26]Liu CF, Samarakoon S, Bennis M, et al., 2018. Fronthaul- aware software-defined wireless networks: resource allocation and user scheduling. IEEE Trans Wirel Commun, 17(1):533-547.

[27]Liu ZJ, Li Y, Su L, et al., 2014. TCAM-efficient flow table mapping scheme for OpenFlow multiple-table pipelines. J Tsinghua Univ (Sci Technol), 54(4):437-442 (in Chinese).

[28]McKeown N, Anderson T, Balakrishnan H, et al., 2008. OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput Commun Rev, 38(2):69-74.

[29]Narayana S, Rexford J, Walker D, 2014. Compiling path queries in software-defined networks. 3rd Workshop on Hot Topics in Software Defined Networking, p.181-186.

[30]Nayak AK, Reimers A, Feamster N, et al., 2009. Resonance: dynamic access control for enterprise networks. 1st ACM Workshop on Research on Enterprise Networking, p.11-18.

[31]Nunes BBA, Mendonca M, Nguyen XN, et al., 2014. A survey of software-defined networking: past, present, and future of programmable networks. IEEE Commun Surv Tutor, 16(3):1617-1634.

[32]Open Networking Foundation, 2012. Software-Defined Networking: the New Norm for Networks. http://www.valleytalk.org/wp-content/uploads/2012/05/wp-sdn-newnorm.pdf

[33]Pan H, Guan HT, Liu JJ, et al., 2013. The FlowAdapter: enable flexible multi-table processing on legacy hardware. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.85-90.

[34]Porras P, Shin S, Yegneswaran V, et al., 2012. A security enforcement kernel for OpenFlow networks. 1st Workshop on Hot Topics in Software Defined Networks, p.121-126.

[35]Qazi ZA, Tu CC, Chiang L, et al., 2013. SIMPLE-fying middlebox policy enforcement using SDN. ACM SIGCOMM Comput Commun Rev, 43(4):27-38.

[36]Reitblatt M, Foster N, Rexford J, et al., 2011. Consistent updates for software-defined networks: change you can believe in! 10th ACM Workshop on Hot Topics in Networks, Article 7.

[37]Reitblatt M, Foster N, Rexford J, et al., 2012. Abstractions for network update. ACM SIGCOMM Comput Commun Rev, 42(4):323-334.

[38]Scott-Hayward S, 2015. Design and deployment of secure, robust, and resilient SDN controllers. 1st IEEE Conf on Network Softwarization, p.1-5.

[39]Scott-Hayward S, O’Callaghan G, Sezer S, 2013. SDN security: a survey. IEEE SDN for Future Networks and Services, p.1-7.

[40]Sezer S, Scott-Hayward S, Chouhan PK, et al., 2013. Are we ready for SDN? Implementation challenges for software- defined networks. IEEE Commun Mag, 51(7):36-43.

[41]Shin S, Gu GF, 2012. CloudWatcher: network security monitoring using OpenFlow in dynamic cloud networks. 20th IEEE Int Conf on Network Protocols, p.1-6.

[42]Shin S, Porras P, Yegneswaran V, et al., 2013. FRESCO: modular composable security services for software- defined networks. ISOC Network and Distributed Security Symp, p.1-16.

[43]Tavakoli A, Casado M, Koponen T, et al., 2009. Applying NOX to the datacenter. 8th ACM Workshop on Hot Topics in Networks, p.1-6.

[44]Voellmy A, Kim H, Feamster N, 2012. Procera: a language for high-level reactive network control. 1st Workshop on Hot Topics in Software Defined Networks, p. 43-48.

[45]Wang K, Li JH, Wu J, et al., 2018. QoS-predicted energy efficient routing for information-centric smart grid: a network calculus approach. IEEE Access, 6:52867-52876.

[46]Wang X, Liu Z, Qi YX, et al., 2012. LiveCloud: a lucid orchestrator for cloud datacenters. 4th IEEE Int Conf on Cloud Computing Technology and Science, p.341-348.

[47]Wen XT, Chen Y, Hu CC, et al., 2013. Towards a secure controller platform for openflow applications. 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking, p.171-172.

[48]Wu J, Dong MX, Ota K, et al., 2017. FCSS: fog computing based content-aware filtering for security services in information centric social networks. IEEE Trans Emerg Top Comput, in press.

[49]Wu J, Dong MX, Ota K, et al., 2018a. Big data analysis-based secure cluster management for optimized control plane in software-defined networks. IEEE Trans Netw Serv Manag, 15(1):27-38.

[50]Wu J, Luo SB, Wang S, et al., 2018b. NLES: a novel lifetime extension scheme for safety-critical cyber-physical systems using SDN and NFV. IEEE Internet Things J, in press.

[51]Yang EZ, Zhang LK, Yao Z, et al., 2016. A video conferencing system based on SDN-enabled SVC multicast. Front Inform Technol Electron Eng, 17(7):672-681.

[52]Yeganeh SH, Ganjali Y, 2012. Kandoo: a framework for efficient and scalable offloading of control applications. 1st Workshop on Hot Topics in Software Defined Networks, p.19-24.

[53]Yeganeh SH, Tootoonchian A, Ganjali Y, 2013. On scalability of software-defined networking. IEEE Commun Mag, 51(2):136-141.

[54]Zhang D, Chang Z, Yu FR, et al., 2016a. A double auction mechanism for virtual resource allocation in SDN-based cellular network. IEEE 27th Annual Int Symp on Personal, Indoor, and Mobile Radio Communications, p.1-6.

[54]Zhang D, Chang Z, Hämäläinen T, 2016b. Reverse combinatorial auction based resource allocation in heterogeneous software defined network with infrastructure sharing. IEEE 83rd Vehicular Technology Conf, p.1-6.

[55]Zhang D, Chang Z, Hämäläinen T, et al., 2017. Double auction based multi-flow transmission in software-defined and virtualized wireless networks. IEEE Trans Wirel Commun, 16(12):8390-8404.

Open peer comments: Debate/Discuss/Question/Opinion

<1>

Please provide your name, email address and a comment





Journal of Zhejiang University-SCIENCE, 38 Zheda Road, Hangzhou 310027, China
Tel: +86-571-87952783; E-mail: cjzhang@zju.edu.cn
Copyright © 2000 - Journal of Zhejiang University-SCIENCE