Security analysis of OpenDayLight, ONOS, RoseMary and RYU SDN controllers

AuthorArbettu, Ramachandra Kamath; Khondoker, Rahamatullah; Bayarou, Kpatcha; Weber, Frank
TypeConference Paper, Electronic Publication
AbstractThere is an immense expectation on Software- Defined Networking (SDN) in industry as a novel approach towards potentially replacing conventional network management and control. However, SDN is not immune to security vulnerabilities which currently exist in the legacy systems or which may newly arise due to change in the network design. Since the beginning of SDN development, primary focus of research was on separation of control plane from data plane by keeping performance and operational flexibility unchanged. In the due course of achieving this, security aspects of an SDN have taken a back seat. Even though separation of control plane from a data plane is a great step towards simplification of network management, it subjects the network into a potential two way target for intruders to gain control. Due to the centralized design of SDN, compromising security of a controller will be as good as compromising the security of a whole network. Enterprises which are moving towards adapting SDN are concerned about security issues and the resulting problems. In this paper, we analyze the security issues of few of the widely used controllers. We found that the OpenDayLight controller is the most secure one compared to the others. In addition, this paper also provides a snapshot of current development in security aspect of SDN controllers such that it may help SDN controller developers to identify the issues and rectify the same in future releases.
ConferenceInternational Telecommunications Network Strategy and Planning Symposium (Networks) <17, 2016, Montreal>
PartDziong, Zbigniew (Editor): 17th International Telecommunications Network Strategy and Planning Symposium, Networks 2016. Conference Proceedings: September 26-28, 2016, Montreal, Canada. Piscataway, NJ: IEEE, 2016, pp. 37-44