Software Defined Network Security Threats


Software Defined Network Security Threats

Software Defined Network Security Threats

As the software defined network developed security issues are also increased. Software defined networks become more open due to which attackers can get the information about networks and policies. DoS an attack also becomes higher as compare to earlier single router system. New entities and protocols also introduced new security threats. In this section of the paper security threats of application, control and resource layer are analyzed.

Software Defined Network Security Threats

A- Application Layer Security Threats

Malicious network policies may be enforced by the attacker by manipulation of applications and have impact on software defined network control layer. Security threats for the application layer are listed in the below table.

 

Security

Threats

Description
Spoofing Attackers got the user data and use them for further attack and do this by disguise the administrator.
Repudiation Malicious network policies which were enforced by the user can be denied by the user and data can be copied and forwarded to the malicious server.
Information

Disclosure

Attacker can disguise himself as a user and forged flows can be injected in network by software defined network application.
Application

Vulnerability

Vulnerabilities in software defined networks applications like insecure coder and flaws in code may lead to access resources by the attackers.

 

B- Control Layer Security Threats

Software defined network controller is the main thing in network so is security level must be maximum. If software defined networks controller is compromised then it will lead to destroy the whole network.  Security threats of this layer are given in the below table.

 

Security Threats Description
Confliction of Flow rules

 

Malicious flows can bypass the security detection and conflict with previously configured security and can affect the software defined network controller adversely.
Insertion of Fake flow rules

 

Attacker may hijack the software defined network application and can insert some fake rules.
Spoofing Attacker can get the control of the software defined network by disguising himself as administrator and can modify or remove the sensitive data.
DoS attack Spoofed traffic can be created by an attacker and can make DoS attack and can fail the network.
Repudiation Malicious flow rule which were inserted earlier by the software defined network application can be denied by the administrator.
Vulnerability of Operating system

 

As the software defined network controller run on operating system so the vulnerabilities of the operating system becomes the vulnerabilities of the software defined network controller.

 

C- Resource Layer Security Threats

Security threats of the resource layer are listed in the below table.

 

Security Threats Description
Spoofing Attacker can disguise to administrator and can delete and modify the sensitive data and can get sensitive data from the flow table.
Eavesdropping Attacker can eavesdrop of flow software defined network switches to acquire the information of the traffic and device.
Overflow of Flow table

 

Capacity bottleneck of the flow table may lead to some flow table overflow.
Repudiation Incorrect configuration may be denied by the administrator that he made earlier.

For more educational stuff

For online courses

Have any Question or Comment?

Leave a Reply

Your email address will not be published. Required fields are marked *

Categories

Calendar

March 2021
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031