Ruffy, F. (2015):
Evaluating the State of Security in Software Defined Networks
Software-Defined Networking (SDN) is currently a much discussed topic, as it promises to free network operators from the proprietary and decentralised restrictions imposed by legacy networks. The new approach to network architecture shifts the configuration and routing mechanisms from routers and switches to a central controller, a single programmable software device that is able to view and command the entirety of the network. The key player in this evolution is the OpenFlow protocol, propagated by the Open Networking Foundation (ONF). However, amid its growing popularity and the surge of interest, the security aspect of SDN has been neglected. This circumstance may become a major hindrance to the acceptance and adoption of the new paradigm. The goal of this thesis is to compile research on security regarding both vulnerabilities and opportunities and to infer requirements for a secure software-defined network. The first section aims to provide a thorough background of SDN, its architecture and main components. The general design is then inspected for flaws by analysing and identifying several security vulnerabilities and problematic trends in the attack fields of Spoofing, Tampering, Repudiation, Denial of Service, and Elevation of Privilege. The threats are summarised and visualised in attack tree models. The results of this security assessment reveal that a software-defined network based on current standards and popular control software cannot be considered secure. Consequently, the second section of the thesis utilises and augments contemporary approaches to enhance the security of the OpenFlow protocol as well as the general SDN infrastructure. The security principles and concepts demonstrate that the design of SDN is ultimately capable of preventing many of the identified vulnerabilities and even selectively enhances security compared to legacy infrastructure.
Nevertheless, due to the software-based and virtual nature of SDN, the network may be exposed to the constantly looming threat of software bugs and exploits that may facilitate Denial of Service and Elevation of Privilege in the central controller. Furthermore, the multitude of different required solutions may heavily impact the performance and latency of the control plane or introduce new, previously unconsidered vulnerabilities.