Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions
Software-Defined Networking (SDN) is a groundbreaking technology that has transformed network management significantly. By integrating data and control, SDN offers unparalleled flexibility and responsiveness, thereby overcoming the limitations of conventional network architectures. However, a centra...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | en |
| Published: |
Ieee Acces
2024
|
| Subjects: | |
| Online Access: | http://eprints.uthm.edu.my/12382/1/J17838_4d1a83a3e126df94c9c2b22e89df37a5.pdf http://eprints.uthm.edu.my/12382/ https://doi.org/10.1109/ACCESS.2024.3393548 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1833419779185049600 |
|---|---|
| author | Hirsi Abdi, Abdinasir Audah, Lukman Salh, Adeb A. Alhartomi, Mohammed Rasheed, Haroon Ahmed, Salman Tahir, Ahmed |
| author_facet | Hirsi Abdi, Abdinasir Audah, Lukman Salh, Adeb A. Alhartomi, Mohammed Rasheed, Haroon Ahmed, Salman Tahir, Ahmed |
| author_sort | Hirsi Abdi, Abdinasir |
| building | UTHM Library |
| collection | Institutional Repository |
| content_provider | Universiti Tun Hussein Onn Malaysia |
| content_source | UTHM Institutional Repository |
| continent | Asia |
| country | Malaysia |
| description | Software-Defined Networking (SDN) is a groundbreaking technology that has transformed network management significantly. By integrating data and control, SDN offers unparalleled flexibility and responsiveness, thereby overcoming the limitations of conventional network architectures. However, a centralized controller, which is a hallmark of SDN, is a double-edged security sword that offers easy control. This also becomes a dangerous point of failure for the entire network. To the best of our knowledge, this
is the first comprehensive study to explore traditional-based, artificial intelligence (AI)-based, and moving target defense (MTD) approaches to securing SDN. The study begins with a survey of traditional security solutions for SDN, encompassing authentication, authorization, encryption, security protocols, firewalls, and flow verification, by addressing security threats and vulnerabilities in both data and control planes. The study then investigates the application of AI-based security solutions in an SDN environment, focusing on how Machine Learning (ML) and Deep Learning (DL) techniques are leveraged to address advanced security threats. Additionally, the survey examines MTD mechanisms within data and control plane security. Several in-depth techniques, including the randomization of Internet Protocol (IP) and Media Access Control (MAC)
addresses, port numbers, and flow tables, and delving into the relationship between security threats, MTD strategies, and the specific controllers employed in experimental implementations. We utilized the widely recognized STRIDE cybersecurity framework to systematically identify and evaluate the potential threats to SDN security. Our analysis resulted in a comprehensive list of security challenges, and we propose future research directions aimed at addressing emerging threats in both the data and control planes. |
| format | Article |
| id | my.uthm.eprints-12382 |
| institution | Universiti Tun Hussein Onn Malaysia |
| language | en |
| publishDate | 2024 |
| publisher | Ieee Acces |
| record_format | eprints |
| spelling | my.uthm.eprints-123822025-05-05T04:58:38Z http://eprints.uthm.edu.my/12382/ Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions Hirsi Abdi, Abdinasir Audah, Lukman Salh, Adeb A. Alhartomi, Mohammed Rasheed, Haroon Ahmed, Salman Tahir, Ahmed QA Mathematics Software-Defined Networking (SDN) is a groundbreaking technology that has transformed network management significantly. By integrating data and control, SDN offers unparalleled flexibility and responsiveness, thereby overcoming the limitations of conventional network architectures. However, a centralized controller, which is a hallmark of SDN, is a double-edged security sword that offers easy control. This also becomes a dangerous point of failure for the entire network. To the best of our knowledge, this is the first comprehensive study to explore traditional-based, artificial intelligence (AI)-based, and moving target defense (MTD) approaches to securing SDN. The study begins with a survey of traditional security solutions for SDN, encompassing authentication, authorization, encryption, security protocols, firewalls, and flow verification, by addressing security threats and vulnerabilities in both data and control planes. The study then investigates the application of AI-based security solutions in an SDN environment, focusing on how Machine Learning (ML) and Deep Learning (DL) techniques are leveraged to address advanced security threats. Additionally, the survey examines MTD mechanisms within data and control plane security. Several in-depth techniques, including the randomization of Internet Protocol (IP) and Media Access Control (MAC) addresses, port numbers, and flow tables, and delving into the relationship between security threats, MTD strategies, and the specific controllers employed in experimental implementations. We utilized the widely recognized STRIDE cybersecurity framework to systematically identify and evaluate the potential threats to SDN security. Our analysis resulted in a comprehensive list of security challenges, and we propose future research directions aimed at addressing emerging threats in both the data and control planes. Ieee Acces 2024 Article PeerReviewed text en http://eprints.uthm.edu.my/12382/1/J17838_4d1a83a3e126df94c9c2b22e89df37a5.pdf Hirsi Abdi, Abdinasir and Audah, Lukman and Salh, Adeb and A. Alhartomi, Mohammed and Rasheed, Haroon and Ahmed, Salman and Tahir, Ahmed (2024) Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions. Digital Object Identifier. pp. 1-40. https://doi.org/10.1109/ACCESS.2024.3393548 |
| spellingShingle | QA Mathematics Hirsi Abdi, Abdinasir Audah, Lukman Salh, Adeb A. Alhartomi, Mohammed Rasheed, Haroon Ahmed, Salman Tahir, Ahmed Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions |
| title | Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions |
| title_full | Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions |
| title_fullStr | Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions |
| title_full_unstemmed | Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions |
| title_short | Security Control and Data Planes of SDN: A Comprehensive Review of Traditional, AI, and MTD Approaches to Security Solutions |
| title_sort | security control and data planes of sdn: a comprehensive review of traditional, ai, and mtd approaches to security solutions |
| topic | QA Mathematics |
| url | http://eprints.uthm.edu.my/12382/1/J17838_4d1a83a3e126df94c9c2b22e89df37a5.pdf http://eprints.uthm.edu.my/12382/ https://doi.org/10.1109/ACCESS.2024.3393548 |
| url_provider | http://eprints.uthm.edu.my/ |