loading page

Systematizing Attacks and Defenses in Software-Defined Networking: A Survey
  • +5
  • Jinwoo Kim ,
  • Minjae Seo ,
  • Seungsoo Lee ,
  • Jaehyun Nam ,
  • Vinod Yegneswaran ,
  • Phillip Porras ,
  • Guofei Gu ,
  • Seungwon Shin
Jinwoo Kim
Kwangwoon University

Corresponding Author:[email protected]

Author Profile
Minjae Seo
Author Profile
Seungsoo Lee
Author Profile
Jaehyun Nam
Author Profile
Vinod Yegneswaran
Author Profile
Phillip Porras
Author Profile
Guofei Gu
Author Profile
Seungwon Shin
Author Profile


Software-Defined Networking (SDN) has manifested both its bright and dark sides so far. On the one hand, it has been advocated by research communities and industry for its open nature and programmability. Every stakeholder, such as researcher, practitioner, and developer, can design an innovative networking service with a rich set of APIs and a global network view by escaping from the vendor-dependent control plane. On the other hand, its new architecture has introduced many security challenges that did not exist in the legacy environment. However, while new attacks and vulnerabilities within SDN have been steadily discovered, fewer efforts have been made to systematize the vulnerabilities from security aspects. In this paper, we aim to scrutinize prior literature that disclosed attack cases in SDN from an architectural perspective through identifying their root causes, penetration routes, and outcomes. Then, we conduct an in-depth yet comprehensive discussion of their underlying problems and introduce countermeasures proposed by researchers to mitigate those attacks. We believe that this study can contribute to revisiting various security problems around the current SDN architecture and envisioning a guideline for security research for SDN in the future.