Security analysis of software defined networking protocols - OpenFlow, OF-Config and OVSDB: Paper presented at Fifth IEEE International Conference on Communications and Electronics, ICCE 2014, July 30 - August 1, 2014, Da Nang

Author: Brandt, Markus; Khondoker, Rahamatullah; Marx, Ronald; Bayarou, Kpatcha
Type: Presentation, Electronic Publication
Abstract: Size as well as complexity of communication networks (e.g. enterprise, backbone, data center) are increasing day-by-day. Software-Defined Networking (SDN) promises to enhance manageability of such networks by decoupling the control plane of a switch/router from its data plane. However, SDN itself could also introduce security threats, e.g. Denial of Service (DoS), etc., on such networks. Protocols which are used for SDN must be analyzed in terms of security or else they bear a severe security risk, if potential security threats are not recognized. This paper analyses three of the most used protocols in SDN, the OpenFlow, OF-Config and OVSDB protocols, using Microsoft's STRIDE Threat Modeling. Security flaws have been found in all three protocols, especially if no encryption mechanism like TLS is used.
Conference: International Conference on Communications and Electronics (ICCE) <5, 2014, Da Nang>