Cross-layer design in Software Defined Networks (SDNs): issues and possible solutions. Ambika Sharma
[email protected] Student id: 101056533 28-December-2016

Abstract—The Internet creates a digital society in which everyone is connected to everyone else. Smart devices that use IP addresses, such as smart phones, laptops, notepads and all other devices, use the Internet to connect to each other, giving anytime, anywhere connectivity. Software Defined Networking is a new paradigm that is flexible compared to traditional networks, which are very complex and hard to manage. Software Defined Networking decouples the control plane from the data plane. The logically centralized controller helps with the scalability and reliability issues that traditional networks most often deal with. SDN can be used in a network in two ways: to improve the security of the current network, and to improve the security of SDN itself. Security with SDN means security applications based on SDN, such as a centralized SDN firewall, centralized SDN-based IDS/IPS systems, SDN-based access control, and filtering. Security for SDN means security issues in SDN itself, such as single point of failure, rule conflicts, and flooding problems. In this paper, the issues in cross-layer design in Software Defined Networks and their solutions are discussed. Separating the control plane makes it a more attractive target for an attacker: that layer, also called the brain of the SDN, can be attacked by inserting malicious applications, by sending a large number of forged IP packets, or by any other malicious technique. Section I introduces SDN; Section II covers the application layer (issues and their solutions); Section III the control layer (issues and their solutions); Section IV the data plane (issues and their solutions); Section V related work; and Section VI the conclusion. In a nutshell, this paper presents challenges and possible solutions in cross-layer design in SDN.
I. INTRODUCTION

In traditional networks, when administrators want to deploy a new network policy, operators need to configure each network device using low-level and vendor-specific commands. For this reason traditional networks are hard to manage, and there is a high probability of incorrect configuration by the administrator. SDN, by contrast, is emerging as one of the most promising and disruptive networking technologies of recent years. It has the potential to enable network innovation and create choice, and thus to help realize new capabilities and address persistent problems with networking. It also promises to give network operators more control of their infrastructure, allowing customization and optimization, and therefore reducing overall capital and operational costs [17]. SDN decouples the control plane from the data plane. The control plane, or SDN controller, is logically centralized for the whole network, which gives reliability and scalability and reduces latency issues. With the control and data planes separated, network switches become simple forwarding devices and the control plane is implemented as a logically centralized controller (or network operating system, NOS), simplifying policy enforcement and network (re)configuration and evolution. Compared with legacy networks, adopting SDN has shown many benefits, such as simpler control with greater flexibility, faster network innovation, and ease of management. Software Defined Networking is a technology that increases the performance of the network, reduces hardware usage, and also provides better security and privacy compared to traditional networks. TCP is one of the most important transport protocols and is used by many Internet applications, including the World Wide Web (WWW), the File Transfer Protocol (FTP), and some streaming media applications [2]. TCP/IP contains five layers, the application, transport, network, data link, and physical layers, which are designed to have limited interference with neighboring layers. Cross-layer design is introduced to provide inter-layer communication between two non-adjacent layers [16]. Combining cross-layer design with the SDN architecture gives the cross-layer software-defined 5G architecture [31], used to solve the heterogeneous network issues and the poor computing capability in baseband data processing faced by mobile communication networks. Cognitive radio networks have a significant impact on TCP throughput, since they are concerned with the usage of the spectrum by primary and secondary users [2] [7]. Cognitive radio is widely considered a promising technology for dealing with the spectrum shortage problem caused by the current inflexible spectrum-allocation policy [1]. SDN can be combined with the cloud to provide better performance, scalability, controllability and dynamism [40].
Along with that, the Internet of Things, a revolution in information technology, connects all smart devices such as smart phones, laptops, sensors, DVRs, and other devices. However, this increases the traffic load in the network; to reduce the negative impact of that traffic, SDN is combined with IoT. SDN interconnects with IoT to monitor and manage the traffic, and there is interaction between the SDN controller and the IoT devices. A proper architecture in which the two work together to provide highly interactive services for IoT devices is introduced in [32]. Smart grids are also used to consume less energy from the power grid infrastructure and to emit less CO2 in green wireless cellular systems [5], since in most studies the energy efficiency aspect is largely ignored [8]. Moreover, SDN technology is currently used in various ways: in multimedia technology it provides users with updates such as train schedules, live news, live matches, finance and economics, and weather forecasts, in stations or on trains via a Passenger Information System (PIS). Also, when an emergency such as a fire, an earthquake, or a terrorist attack occurs, the metro Passenger Information System (PIS) is used to broadcast various kinds of dynamic emergency evacuation instructions [4]. Virtualization is a technique in which a number of virtual machines run on one physical system; it can be server based, client based or network based. SDN is considered one of the most promising technologies for realizing virtual networks, especially in network control [28].

Fig. 1. SDN Architecture

Fig. 1 is the basic diagram for understanding the architecture of SDN layers. There are three layers in SDN: the application layer, the control layer/plane and the data layer/plane. Between the data plane and the control plane lies the southbound interface, whereas the northbound interface lies between the control plane and the application layer. The application layer, as shown in Fig. 1, is the set of applications such as intrusion detection, MAC learning, load balancing and others that make full use of the functions offered by the northbound interface to the control plane to implement network control and operation logic. Routing, firewalls, load balancing, monitoring and other operations are done by applications called OpenFlow applications [39]. Along with that, policies are applied through the southbound interface to program the behavior of the forwarding devices in the data plane. However, this brings threats, namely policy conflict and policy inconsistency. The SDN controller or control plane is the main logically centralized controller, also called the brain of the SDN. The SDN controller is the brain of the network, deciding flow control, routing, packet dropping and so on. The forwarding devices are programmed by the control plane. Because it is a logically centralized controller, any failure of the SDN controller affects the whole network. The ubiquitous attack on the controller is denial of service, or its distributed variant, in which the attacker is able to keep the controller busy with bogus requests. The data plane is nothing more than a forwarding layer that forwards or drops packets according to the rules given by the control plane. If a new packet arrives at the data plane, the switch forwards a query to the control plane for a flow entry. The flow table in the data plane is of limited size, and old entries need to be deleted from the flow table to make space for frequent or new entries. Many manufacturers, such as HP, NEC and IBM, produce commercial OpenFlow switches, and several kinds of OpenFlow controllers, e.g. NOX and Floodlight, are available. The OpenFlow protocol is maintained and released by the Open Networking Foundation (ONF), and SDN is becoming ever more popular in networking today [2].

II. APPLICATION LAYER

The application layer is the topmost layer in a Software Defined Network (SDN). There are a number of security issues in the application layer, especially related to access control and authentication. The following section discusses the application layer issues and the various solutions for the lack of authentication and authorization, and for access control and accountability issues.

A. Issues on Application layer
• Lack of Authentication and Authorization: Authentication is the process of checking the identity of a user, that is, whether the user is legitimate or an intruder. Authorization defines the access privileges of the legitimate user. Typically, an application implemented on the controller is developed by a third party other than the controller vendor, especially in OpenFlow. The application is meant to protect the system from malicious activity, but its access to network resources and its manipulation of network behavior happen without proper security mechanisms [13]. Moreover, third-party applications can be installed on the application layer [39]. Authorization-related attacks take place through unauthorized access to the controller, which affects the control and data layers as well as the southbound interface. The security concern rises to a threshold on a large network with a number of different third-party applications implemented on the controller [20]. Development and deployment of malicious applications on the controller is a new threat introduced by SDN compared with traditional networks [26]. An unauthenticated application affects three SDN layers: the application layer, the northbound interface and the controller [36]. Weak authentication between application and controller leads to spoofing attacks, for instance forged or fake IP or MAC addresses, which later become a cause of Denial of Service (DoS) attacks. Other major issues that weak authentication and authorization in SDN can cause are the generation of false alarms by anomaly detection on the system [27], modification of flow entries [24], gaining control access to any legitimate system, and so on. Techniques such as certificates can prove the authenticity of network equipment, but no mechanism is present to certify network applications [20]. Therefore, malicious applications are a great threat in SDN.

• Lack of Access Control and Accountability [21]: Access control and accountability mechanisms are needed to ensure the security of a network, since applications on an SDN network are implemented from various sources. Paper [40] mentions that the lack of mechanisms to ensure trust between the controller and management applications is one of the major issues in SDN. Paper [11] also gives possible security threats related to access control and accountability in SDN by identifying different classes of applications that can affect network security in SDN, for instance applications that provide services for the network such as access control or firewalls, and content inspection or intrusion detection services. A malicious application can bypass security by using such an application. Access control and accountability for nested applications will also be a threat in SDN. Applications in SDNs can be either SDN-aware or SDN-unaware [9]. SDN-aware applications are capable of communicating with the SDN controllers, whereas SDN-unaware applications communicate indirectly with application programs in specific formats. Also, an SDN-unaware authentic application that is compromised by inserting malicious code into it can become a gateway for unauthorized access to the network control plane. Therefore, maintaining access control and accountability lists is a most challenging issue in SDN.
Fig. 2. Issues and solutions on Application layer
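As an added illustration of the access-control gap described in this subsection, and of the permission classes and creator-role priority scheme that Section B attributes to Perm Open-Flow and the fine-grained naming scheme, here is a small controller-side admission check written for this page; it is not code from the paper or any controller project, and the application names, roles and match fields are constructed.

```python
"""Controller-side admission check for application flow-rule requests.

Added illustration for this page (not code from the paper or any SDN
controller). It combines two controls discussed here: a per-application
permission set in the spirit of the read/notification/write/system classes,
and a creator-role privilege level that decides which of two conflicting
policies survives. Application names, roles and match fields are constructed.
"""
from dataclasses import dataclass, field

# Privilege level of a policy creator; a higher level wins on conflict.
ROLE_LEVEL = {"agent": 1, "user": 2, "administrator": 3}


@dataclass(frozen=True)
class FlowRule:
    match: tuple        # constructed match, e.g. ("ip_dst", "10.0.0.5")
    action: str         # "forward" or "drop"
    creator: str        # name of the requesting application
    role: str           # administrator / user / agent


@dataclass
class Controller:
    permissions: dict                            # app name -> granted set
    table: dict = field(default_factory=dict)    # match -> installed FlowRule
    audit: list = field(default_factory=list)    # accountability trail

    def request_write(self, rule: FlowRule) -> str:
        """Gate one rule-insertion request; return the verdict."""
        granted = self.permissions.get(rule.creator, set())
        if "write" not in granted:
            # Unknown or read-only applications may not modify controller state.
            self.audit.append(("denied-no-write", rule.creator, rule.match))
            return "denied: no write permission"
        if rule.role not in ROLE_LEVEL:
            self.audit.append(("denied-unknown-role", rule.creator, rule.role))
            return "denied: unknown creator role"
        existing = self.table.get(rule.match)
        if existing and ROLE_LEVEL[existing.role] > ROLE_LEVEL[rule.role]:
            # A lower-privilege creator cannot overwrite a higher one's policy.
            self.audit.append(("rejected-conflict", rule.creator, rule.match))
            return "rejected: conflicts with higher-privilege policy"
        # Same or higher privilege: the new policy replaces the old one.
        self.table[rule.match] = rule
        self.audit.append(("installed", rule.creator, rule.match))
        return "installed"


def demo():
    """Four constructed requests against the same match."""
    ctl = Controller(permissions={
        "firewall_app": {"read", "notification", "write"},
        "monitor_app": {"read", "notification"},
    })
    m = ("ip_dst", "10.0.0.5")
    v1 = ctl.request_write(FlowRule(m, "drop", "firewall_app", "administrator"))
    # read-only application: cannot write at all
    v2 = ctl.request_write(FlowRule(m, "forward", "monitor_app", "user"))
    # writer application, but an agent cannot override the administrator
    v3 = ctl.request_write(FlowRule(m, "forward", "firewall_app", "agent"))
    # an administrator may replace the existing administrator policy
    v4 = ctl.request_write(FlowRule(m, "forward", "firewall_app", "administrator"))
    return [v1, v2, v3, v4], ctl.table[m].action, len(ctl.audit)


if __name__ == "__main__":
    print(demo())
```

The audit trail is what gives accountability: every denied, rejected and installed request is attributable to a named application.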
B. Solutions on Application Layer:

• Switch based Rule Verification (SRV): When a malicious application is injected into the application layer, the intruder tries to create havoc by overwriting policies, which causes policy conflict and policy inconsistency. A policy with the lowest priority can cause havoc by manipulating the whole SDN network, and by increasing the header fields the attacker has more chances to launch this attack. Paper [39] introduces a technique called Switch based Rule Verification (SRV) to deal with the priority-based mechanism issue in SDN networks. It is implemented to mediate OpenFlow rule insertion requests within or among OpenFlow applications. It leverages the centralized management of the SDN network to obtain a global view of the network topology and to detect malicious behavior. It detects conflicts in two ways. Firstly, it examines topology changes and, if it detects a security rule violation, it generates a warning message to the administrator. Secondly, it checks for malicious rules introduced by applications; once a malicious rule is detected, it shows an error message and rejects that rule.

• FLOVER: FLOVER is able to resolve all intermediate actions during the flow rule verification phase. FLOVER is an OpenFlow application deployed on the controller to check that a new flow created by the controller lies within the domain of the specified rules. In other words, it is used as a model checker that determines and verifies flow policies against the network security policy. It is a form of security policy enforcement [36] and is used for real-time verification. It works on the application layer, the control layer, and the southbound and northbound interfaces. It facilitates the design of sophisticated threat detection and mitigation modules. It has the capability to identify a wider range of policy violations by verifying set and goto actions, which makes it superior to Veri-Flow and FlowChecker [22].

• Perm Open-Flow [21]: This is a fine-grained permission system for applications using the OpenFlow controller and data path. Applications are required to work under controlled access. A set of permissions and isolation mechanisms are designed to enforce the permission control. Also, [29] proposes Perm Open-Flow with a set of permissions and an isolation mechanism to enforce the permissions at the Application Programming Interface (API) entry. The solution effectively applies minimum privilege to the applications, protecting the network from control-plane attacks. The permission set is categorized into read, notification, write, and system permissions. Read permission makes sensitive information available to the application. Notification permission provides real-time updates about particular events. Write permission, as the name implies, is used to modify state in the controller, and system permission gives the application access to local resources via the operating system. According to [36], this design considers concepts such as control messages in OpenFlow, application functional requirements, the threat model, and the isolation mechanism. The SDN layers affected by this design are the application layer and the control layer (or plane).

• Fine-grained naming scheme for flow entries: This is achieved in three steps. Firstly, the creator of a new flow rule must declare their identity, that is, administrator, user or agent. Secondly, the security privilege level of the role is used to specify different security privilege levels for the different roles of policy creators. A role with a relatively higher security privilege level is given more rights to access the SDN controller; for example, a policy created by a creator with a relatively low security privilege level is replaced by a policy created by a creator with a higher level. Lastly, the policy is first converted into flow entries, updated in the flow tables, and then synchronized with the SDN switches. Firewalls, DPI and IDP can be used to check the authenticity of these policies. This method is also beneficial for system performance. Paper [31] presents an example combining 5G with SDN technology in which the QoS for a user at a cell boundary deteriorates; the control plane must determine the appropriate routing and bandwidth requirements as well as schedule the beamforming and interference cancelling. After the decision has been made, the control plane decomposes the decision into two parts corresponding to the two layers, and then leverages the flow-based "match-action" strategy for both layers to make rules and control the behavior of each virtual element. Correspondingly, each data plane device integrates an SDN agent, which complies with the control strategy, resolves the control flow, and communicates with the control plane. Virtual elements constantly report their real-time status to the control plane, which may then dynamically refresh the global-view database.

• Auth-Flow: This is an authentication and access control mechanism that uses three components: an OpenFlow controller, an authenticator and a RADIUS server (authentication server). The technique works on host-based credentials. Firstly, the authenticator captures Extensible Authentication Protocol (EAP) messages between the requesting host and the RADIUS server and provides an authentication response to the OpenFlow controller. The controller forwards or drops packets based on the response from the server. Access control is implemented by pairing host credentials with a set of host flows. The solution presented by Auth-Flow addresses the SDN security issue of unauthorized access [18] [29].

III. CONTROL PLANE OR CONTROL LAYER OR SDN CONTROLLER:
In a Software Defined Network (SDN) the data plane and control plane are decoupled. The control plane, also called the SDN controller, decides the different actions and events to perform on the network. Unlike a distributed system, SDN is logically centralized, with the control plane as the brain of the SDN. For this reason the control plane appeals to intruders: it becomes a single point of failure for the whole system if an intruder succeeds in manipulating it, because after manipulation all control eventually passes into the intruder's hands.

A. Issues on control plane

• DDoS or DoS [40]: Distributed Denial of Service or Denial of Service is a cyber attack in which the intruder is able to keep the network busy acknowledging bogus requests, making legitimate users wait for a long period. DoS can be launched by one host, whereas DDoS is launched by more than one host or compromised host (also known as bots). DDoS can be carried out by exhausting network bandwidth or server resources (CPU, memory, sockets, etc.). Nowadays the cloud is used vastly and on-demand services are needed anytime, anywhere. Moreover, in virtualization technology the attacker gets more success by building a malicious virtual machine that consumes little memory and disk space, similar to a legitimate virtual machine; these sophisticated DDoS attacks are harder to detect. Also, the Fraudulent Resource Consumption (FRC) attack consumes the bandwidth of a particular service by acting as a legal cloud service client, continuously sending requests to a website hosted on cloud servers, which bills the cloud customer owning the website; to the web server, the traffic does not reach the level of service denial, and it is difficult to distinguish the malicious traffic from other legitimate traffic. This attack succeeds when it causes a financial burden on the victim [40] [14]. DDoS can also occur by sending a large amount of unknown packets to the data plane from a number of different compromised hosts; as there is no entry in the flow table, the data plane equipment sends a query to the control plane asking for the forwarding path, which eventually keeps the controller busy resolving them [35]. A DoS attack on the SDN controller is also demonstrated in [6], where an attacker continuously sends IP packets with random headers to put the controller into a non-responsive state.

• Threats due to Scalability: In cross-layer design, SDN manages a number of different heterogeneous forwarding devices with a single controller to cope with the latency issue. If the network grows, the sojourn time increases, which increases the processing time of the SDN controller. This can become a cause of SDN controller failure. To avoid this, multiple controllers are implemented, dividing the network into sub-domains. Paper [15] demonstrates that implementing multiple controllers in SDNs cannot protect the network from failure: the controllers carrying the load of a failed controller can exceed their capacity and hence produce a worse situation, e.g., cascading failures of controllers. Having multiple controllers divides the network into sub-domains; information aggregation and maintaining different privacy rules in each sub-network will also be a challenge [21]. In [6], the authors discuss a model where managed service providers (MSPs) provide network services to applications. In this case, an application traversing multiple network domains may pose serious security threats related to authorization, authentication and privacy by acquiring network resource information of third-party networks without proper service-level agreements (SLAs) in place.
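The random-header packet-in flood described above can be spotted at the controller before it saturates the control plane. The following detector is an added example written for this page, not code from the paper or any SDN controller; the window size, thresholds, switch id and the packet-in events are constructed.

```python
"""Detecting a random-header packet-in flood at the SDN controller.

Added example for this page (not code from the paper or any controller
project). A host sending packets with random headers forces one packet-in
per packet, because nothing matches a flow entry. The monitor keeps a
sliding window per (switch, ingress port) and raises an alert when both the
packet-in rate and the share of never-repeated headers cross a threshold.
Thresholds, switch ids and the events below are constructed.
"""
from collections import defaultdict, deque

WINDOW_SECONDS = 1.0
RATE_THRESHOLD = 20        # packet-ins per window per (switch, port)
NOVELTY_THRESHOLD = 0.9    # distinct headers / packet-ins in the window


class PacketInMonitor:
    def __init__(self, window=WINDOW_SECONDS, rate=RATE_THRESHOLD,
                 novelty=NOVELTY_THRESHOLD):
        self.window, self.rate, self.novelty = window, rate, novelty
        self.events = defaultdict(deque)   # (dpid, port) -> (ts, header)
        self.last_alert = {}               # (dpid, port) -> ts of last alert

    def observe(self, dpid, in_port, ts, header):
        """Record one packet-in; return an alert dict or None."""
        key = (dpid, in_port)
        q = self.events[key]
        q.append((ts, header))
        while q and ts - q[0][0] > self.window:   # expire old events
            q.popleft()
        count = len(q)
        if count < self.rate:
            return None
        novelty = len({h for _, h in q}) / count
        if novelty < self.novelty:
            return None   # many repeated headers: busy, not random traffic
        if ts - self.last_alert.get(key, float("-inf")) < self.window:
            return None   # already alerted for this port in this window
        self.last_alert[key] = ts
        return {"dpid": dpid, "in_port": in_port, "packet_ins": count,
                "novelty": round(novelty, 2),
                "action": "rate-limit packet-in from this ingress port"}


def run_demo():
    """Constructed traffic: a legitimate burst on port 1, a flood on port 3."""
    mon = PacketInMonitor()
    alerts = []
    # port 1: 30 packet-ins in under a second, but only 3 distinct headers
    for i in range(30):
        hdr = ("10.0.0.1", "10.0.0.9", 80 + i % 3)
        a = mon.observe("sw1", 1, i * 0.03, hdr)
        if a:
            alerts.append(a)
    # port 3: 40 packet-ins in under a second, every header different
    for i in range(40):
        hdr = ("10.0.0.7", "10.0.0.9", 40000 + i)
        a = mon.observe("sw1", 3, i * 0.02, hdr)
        if a:
            alerts.append(a)
    return alerts


if __name__ == "__main__":
    for alert in run_demo():
        print(alert)
```

The novelty ratio is what separates a busy but legitimate port from a random-header flood; rate alone would flag both.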
Fig. 3. Issues and solutions
B. Solutions on Control Plane:

• Implementing SDN Guard [35]: This is an effective technique to protect the network from DoS attacks by dynamically rerouting potentially malicious traffic, adjusting flow timeouts and aggregating the flow rules associated with the malicious traffic. SDN Guard sets a high hard timeout for malicious packet-in messages so that the switches do not have to request new flow rules as often for the same flow. This eliminates the time needed to send the request to the controller and wait for the flow entry. Also, the malicious traffic is forwarded over the least utilized link, which means that flow entries will be inserted into switches on different paths (i.e., not only the switches on the shortest path). Moreover, an aggregation module is used to minimize the number of flow entries for the malicious flows by aggregating them using common properties.

• Defense Flow [22]: This mechanism, introduced by Radware, addresses DoS attacks. It obviates the need for middle-boxes in the physical network. It directs the control plane to collect specific flow statistics from the forwarding devices (data plane) in the network at per-second resolution. The application measures normal traffic and then monitors for anomalous patterns that suggest a DoS attack on the system. If a threat occurs, a traffic diversion mechanism programmatically redirects the malicious traffic to a dedicated center (running Radware's DefensePro network behavioral analysis system) for detailed traffic inspection, signature analysis, and threat neutralization.

• HyperFlow: SDN has a single centralized controller, and the number of different rules defined for each connection leads to a heavy load on the controller. There are various methods to minimize the load on a controller, distribute control plane functionality, or maximize the processing power and memory of controllers. HyperFlow [3] is a physically distributed and logically centralized event-based scalable control platform. HyperFlow allows network operators to deploy multiple controllers capable of local decision making, in order to maximize controller scalability and minimize flow-setup time. The paper provides a trade-off between availability and state distribution, and suggests placing controllers to minimize latency as a starting point and then using load-balancing algorithms to balance the load among the controllers.

• ROSEMARY: Proposed in [19], ROSEMARY provides a robust, secure and high-performance network operating system (NOS). Its main objective is to support the control plane and its resilience. It is used to protect the system from common application failures that eventually lead to loss of network control [29]. A micro-NOS architecture is introduced in that paper. Each application runs within an independent instance of ROSEMARY, effectively sandboxing the application to protect the control layer from any vulnerability or malicious application. The solution separates network applications from the trusted computing base of the network operating system, monitors and controls the network resources consumed by each application, monitors and controls application operations such as privileged system calls, and implements a safe NOS restart process to carefully restart each service. It is an effective way to protect against malicious or compromised software defined network applications.

• Flow Checker [22] [17]: This is used to detect misconfiguration within the network. It is a property-based verifier. FlowChecker uses the model checking technique to validate the correctness of the interconnected network by comparing each pair of flow table rules. Network administrators can use it to analyze the impact of new applications on the network before installing them on the system.

IV. DATA PLANE:
The data plane contains the network equipment used to forward or drop packets. Because the data plane and control plane are decoupled, the data plane is used only to route packets as the control plane tells it to. The control plane acts as the brain, and the data plane obeys it. The data plane has security threats that cause security concerns for the system.

A. Issues on Data plane

• Data modification: The data plane and control plane communicate with each other to update new flow table entries. However, the conversation between the two happens in plain text. Encryption is one way of preventing control data from being leaked; different encryption algorithms such as DES, 3DES and AES are available. But even together with integrity protection, encryption is not sufficient to protect against man-in-the-middle-type attacks [27].

• Controller hijacking: Mutual authentication is required between the switches in the data plane and the controller. Trust between the two is required to ensure that a malicious element cannot harm the network without being detected. It is possible for an attacker to spoof the IP address of the controller and urge switches to connect to a malicious controller; this is currently the case since most controllers and switches establish insecure TCP connections. If this happens, it can create havoc in the system. Furthermore, the attacker can exploit vulnerabilities of the forwarding devices as well.

• Security of flow rules: In an SDN network, the OpenFlow controller installs flow rules in the OpenFlow switch's flow tables. Since decision-making capability has been taken out of the switches, the first security concern is recognizing genuine flow rules and differentiating them from false or malicious rules. Another challenge is the number of flow entries a switch can maintain: a switch has a limited number of flow tables, where flow rules are installed according to the controller's view of the network. The switch has to wait until the controller issues flow rules. This makes the data plane prone to saturation attacks, since it has limited resources to buffer unsolicited (TCP/UDP) flows.

• Information disclosure: As the name implies, this is the disclosure of confidential information such as the flow rules on the SDN network. Paper [25] proposes a Data Flow Diagram (DFD) of how an attacker carries out an information disclosure attack on the controller. In Fig. 4 the attacker tries to infer the nature of the controller's operation, such as the aggregated flow rule used for a certain flow, by measuring the total time taken by a particular packet from start to end point. The main purpose of this attack is to cause delay in the system by introducing new flows, so that the data plane switch sends a query to the control plane, which checks for the path for that flow. To carry out this attack, the attacker either gains access to multiple hosts (compromising them) or urges clients to reproduce the response. Along with that, an attacker selects packet contents associated with the information they wish to disclose, sends the packet and measures the round-trip time (RTT). The main objective of this attack is to exploit flow aggregation, which is not visible to the attacker in some cases, in order to discover the network state.

• Duplication of Data Plane Identifier (DPID): The data plane identifier is a new challenge because, unlike SDN, traditional networks do not decouple the data and control planes. Paper [10] introduces the DPID security issue in SDN, which arises when switches have the same DPID. The name "duplication of data plane identifier" is used because it concerns not only an attacker with malicious intent on the system, but also an administrator who simply misconfigures SDN switches. It is claimed that DPID duplication is a fundamental security issue because the DPID is the identifier of the data plane, and when the DPID is not unique it generates numerous network-wide instabilities and insecurities. When a switch tries to connect to the controller with the same Data Plane Identifier (DPID), some controllers such as ONOS give priority to the first switch but send packets to every switch, which can be abused for packet sniffing or packet spoofing.

Fig. 4. Data Flow Diagram showing Information disclosure attack on open flow controller

Fig. 5. Issues and solutions on Data plane

B. Solutions for data plane:
• Mutual Authentication: OpenFlow provides optional support for encrypted Transport Layer Security (TLS) communication and a certificate exchange between the switches and the controller(s) [15]. IPsec is another security protocol which can be used instead of TLS. IPsec and TLS provide not only mutual authentication but also confidentiality, integrity and replay-attack protection. Paper [12] notes that TLS/SSL does not guarantee secure communications, and that the controller-device link may still be compromised. Moreover, the TLS/SSL model is not enough to establish and assure trust between controllers and switches. Once an attacker gains access to the control plane, it may be capable of aggregating enough power (in terms of the number of switches under its control) to launch DDoS attacks. This lack of trust guarantees could even enable the creation of a virtual black-hole network (e.g., by using OpenFlow-based slicing techniques allowing data leakage while the normal production traffic flows) [12]. Implementing trust between controllers and forwarding devices is an essential requirement for detecting malicious elements. Complementarily, integrity checks on controller and application software can help to ensure that safe code is being bootstrapped, which prevents harmful software from being started once the system restarts [26]. Besides integrity checks, highly specialized malware detection systems or intrusion detection techniques should be developed for SDN. Third-party network applications should always be scanned for bad code and vulnerabilities, because a malicious application represents a significant security threat to the network.

• Rate limiting, Packet dropping, Shorter timeouts, and Flow aggregation [26]: These are techniques that can be applied on controllers and forwarding devices to mitigate different types of attacks, such as denial of service and information disclosure. For instance, reduced timeouts can be used to mitigate the effect of an attack exploiting the reactive operation mode of the network to make the controller install rules that divert traffic to a malicious machine. With reduced timeouts, the attacker would be forced to constantly generate forged packets to avoid timeout expiration, making the attack more likely to be detected. Rate limiting and packet dropping, in turn, can be applied to avoid Denial of Service (DoS) attacks on the control plane, or to stop ongoing attacks directly on the data plane by installing specific rules on the devices where the attacks originate.

• SAVSH: Paper [34] introduces SAVSH to validate IP source addresses in Software Defined Networks. It uses the global topological view and central control pattern to locate nodes for SDN switch replacement and deploys filtering rules onto them with the desired IP prefix-level filtering accuracy. SAVSH also takes network dynamics (e.g., topology changes) into account. Its advantage is that it obtains the maximal IP source address validation effect by deploying a minimal number of SDN switches into traditional networks, which preserves existing network assets to the greatest degree and so promotes incremental deployment.

• Veri-Flow [9]: It is a solution which verifies network correctness in real time. Veri-Flow sits as a layer between the controller and the switches and checks the validity of the network whenever a new forwarding rule is installed by the controller. Veri-Flow divides the network into a set of equivalence classes on the basis of the existing rules; packets falling into a class undergo the same forwarding decisions throughout the network. When a new rule is to be introduced, the classes that will be altered by that rule are located and the network invariants are verified within those classes. Veri-Flow maintains forwarding graphs for the equivalence classes and traverses them to query the invariants. Each flow modification is thus verified in real time before it is implemented.
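As an added example (not Veri-Flow's own code), the following Python sketch reproduces the idea in miniature: forwarding rules are destination prefixes with a next hop, the equivalence classes affected by a new rule are obtained by splitting its prefix at the boundaries of every overlapping rule, and for one representative address per class the forwarding graph is traversed from every switch to check two invariants, loop-freedom and the absence of black holes. A rule that violates an invariant is rolled back before it takes effect. The three-switch topology, the switch names and the prefixes are constructed for the example; Veri-Flow itself builds its classes with a multi-dimensional trie over all matched header fields rather than this destination-only split.

```python
import ipaddress
from collections import defaultdict


class InvariantChecker:
    """Verify loop-freedom and reachability for the equivalence classes a new rule affects.
    Rules are (destination network, next hop); next hop "HOST" means local delivery."""

    def __init__(self):
        self.rules = defaultdict(list)  # switch -> list of (IPv4Network, next_hop)

    def install(self, switch, prefix, next_hop):
        self.rules[switch].append((ipaddress.ip_network(prefix), next_hop))

    def lookup(self, switch, addr):
        """Longest-prefix match on one switch; None means no rule, i.e. the packet is dropped."""
        best = None
        for net, next_hop in self.rules.get(switch, []):
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop)
        return best[1] if best else None

    def equivalence_classes(self, prefix):
        """Split the new rule's prefix at the boundaries of every existing prefix that
        overlaps it. Every address in one resulting [lo, hi) range is forwarded
        identically by all switches, so one representative per range suffices."""
        new_net = ipaddress.ip_network(prefix)
        lo0, hi0 = int(new_net.network_address), int(new_net.broadcast_address) + 1
        points = {lo0, hi0}
        for switch_rules in self.rules.values():
            for net, _ in switch_rules:
                if net.overlaps(new_net):
                    lo, hi = int(net.network_address), int(net.broadcast_address) + 1
                    points.update(p for p in (lo, hi) if lo0 < p < hi0)
        pts = sorted(points)
        return list(zip(pts, pts[1:]))

    def trace(self, start, addr):
        """Follow the forwarding decisions for addr from start through the graph."""
        path, cur = [], start
        while cur != "HOST":
            if cur in path:
                return ("loop", path + [cur])
            path.append(cur)
            cur = self.lookup(cur, addr)
            if cur is None:
                return ("black hole", path)
        return None

    def verify_and_install(self, switch, prefix, next_hop):
        """Install tentatively, check the affected classes, roll back on any violation.
        Returns the list of (kind, representative address, path) violations found."""
        self.install(switch, prefix, next_hop)
        violations = []
        for lo, _ in self.equivalence_classes(prefix):
            rep = ipaddress.ip_address(lo)
            for start in list(self.rules):
                result = self.trace(start, rep)
                if result:
                    violations.append((result[0], str(rep), result[1]))
        if violations:
            self.rules[switch].pop()   # the tentative rule is the last one appended
        return violations


def build_sample():
    """Constructed three-switch chain s1 -> s2 -> s3 -> host for 10.0.0.0/8."""
    checker = InvariantChecker()
    checker.install("s1", "10.0.0.0/8", "s2")
    checker.install("s2", "10.0.0.0/8", "s3")
    checker.install("s3", "10.0.0.0/8", "HOST")
    return checker


if __name__ == "__main__":
    c = build_sample()
    print(c.verify_and_install("s3", "10.0.1.0/24", "s1"))    # loop s1->s2->s3->s1, rolled back
    print(c.verify_and_install("s3", "10.0.2.0/24", "HOST"))  # [] : installed
    print(c.verify_and_install("s2", "10.0.3.0/24", "s4"))    # black hole at s4, rolled back
```

Only the classes inside the new prefix are re-checked, which is what keeps Veri-Flow's per-update cost small: the rest of the address space is untouched by the change and needs no traversal.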
However, it is not yet feasible to implement Veri-Flow in a network with multiple controllers, because in some cases it is hard to obtain a complete view of the network state.

• Data plane Isolation: It is a logical method to isolate different data sharing the same infrastructure. Tagging is one way to achieve data isolation: the data can be tagged with a unique code and the traffic carried over a shared infrastructure. Tunnels tagged for a given tenant are then forwarded to the virtual network of that tenant. Moreover, the data can be encrypted with a symmetric or asymmetric method.

• Randomization: In an information disclosure attack the attacker can stealthily use timing analysis to detect the network state and the controller's strategies. By using a randomization technique it can be ensured that the internal system state remains confidential. In this technique, increasing the variance of the measurable response time increases the statistical uncertainty of the attacker and reduces the strength of the attack considerably. One way to implement it is to randomize the timeouts of the installed flow rules, which increases the probability of unpredictable behaviour and prevents the attacker from predicting the logical view of the network state [10]. Along with that, dropping suspicious traffic on the network can also protect the system from intruders.

• Mynah [25]: It is a technique used to authenticate data plane switches when they connect to the controller. It consists of several modules. First, the encryption module is used to encrypt or decrypt the session key with an asymmetric or symmetric algorithm. This module can leverage open-source encryption libraries such as OpenSSL to make use of the various available encryption mechanisms; it performs encryption and decryption when Mynah generates a request. Second, the Mynah controller module mediates connections by taking them through a proper authentication process before they are established. Third, the Mynah switch module generates the session key with the DPID, a timestamp and a transaction ID, and then encrypts it using the encryption algorithm. Finally, when the controller receives a connection carrying a DPID, it decrypts the session key and checks whether the contained DPID, timestamp and transaction ID are valid. If any of these three is invalid, the controller rejects the connection from the switch. If all the information is valid but there is already a connection with the same DPID, the controller still rejects the connection. In this way, the entire system can be kept free from DPID duplication.

V. RELATED WORK
• In paper [38] they propose a Software Defined Networking (SDN) framework for a fleet of naval ships that relies on multiple satellite communication systems for on-board communication. They conclude that the solution addresses practical issues in current shipboard naval networks, such as sharing and load balancing of multiple satellite communication links as well as overcoming limited-bandwidth constraints.

• In paper [33] Software Defined Network (SDN) technologies and cross-layer design are combined to enable the introduction of new services such as dynamic Layer-1 (L1) circuits and Layer-2 (L2) virtual circuits (VCs). This work presents a cross-layer design spanning transport- and link-layer protocols to enable full use of high-rate circuits/virtual circuits for high-throughput transfers.

• In paper [30] they introduce a principled approach to building a cross-layer architecture using the basic building blocks of Software Defined Radio and the principles of Software Defined Networking (SDN). SDN provides a high level of programmability in devices through the separation of the control and data planes.

• In paper [37] they study the performance of MPTCP over SDN-enabled LEO satellite networks. Low Earth Orbit (LEO) satellite networks play an important role in next-generation 5G networks. To facilitate the integration of satellite and terrestrial networks, software-defined networking (SDN) is embraced, which brings flexibility and user-customized services and reduces the cost of network configuration.

• In paper [23] the Cross-Layer Orchestrator (CLO) is presented, which establishes a bond between the application and network layers. Through the proposed cross-layer API, the CLO provides an interface for client- and server-side applications to reserve, alter and release network resources. This makes the network more dynamic, both for on-demand network services and for network flows.

VI. CONCLUSION
In this paper the issues and solutions for cross-layer design in SDN are discussed, and a number of solutions are introduced for each particular issue. A Software Defined Network consists of three different layers: the application layer, the control layer and the data layer. Each layer is exposed to different attacks, and different techniques are used to secure the whole system from malicious users.

REFERENCES

[1] Quansheng Guan et al. “Prediction-based topology control and routing in cognitive radio mobile ad hoc networks”. In: IEEE Transactions on Vehicular Technology 59.9 (2010), pp. 4443–4452.
[2] Changqing Luo et al. “Cross-layer design for TCP performance improvement in cognitive radio networks”. In: IEEE Transactions on Vehicular Technology 59.5 (2010), pp. 2485–2495.
[3] Amin Tootoonchian and Yashar Ganjali. “HyperFlow: A distributed control plane for OpenFlow”. In: Proceedings of the 2010 Internet Network Management Conference on Research on Enterprise Networking. 2010, pp. 3–3.
[4] Li Zhu et al. “Cross-layer design for video transmissions in metro passenger information systems”. In: IEEE Transactions on Vehicular Technology 60.3 (2011), pp. 1171–1181.
[5] Shengrong Bu et al. “When the smart grid meets energy-efficient communications: Green wireless cellular networks powered by the smart grid”. In: IEEE Transactions on Wireless Communications 11.8 (2012), pp. 3014–3024.
[6] Paulo Fonseca et al. “A replication component for resilient OpenFlow-based networking”. In: 2012 IEEE Network Operations and Management Symposium. IEEE, 2012, pp. 933–939.
[7] Renchao Xie, F. Richard Yu, and Hong Ji. “Dynamic resource allocation for heterogeneous services in cognitive radio networks with imperfect channel sensing”. In: IEEE Transactions on Vehicular Technology 61.2 (2012), pp. 770–780.
[8] Renchao Xie et al. “Energy-efficient resource allocation for heterogeneous cognitive radio networks with femtocells”. In: IEEE Transactions on Wireless Communications 11.11 (2012), pp. 3910–3920.
[9] Ahmed Khurshid et al. “VeriFlow: Verifying network-wide invariants in real time”. In: 10th USENIX Symposium on Networked Systems Design and Implementation (NSDI 13). 2013, pp. 15–27.
[10] Rowan Klöti, Vasileios Kotronis, and Paul Smith. “OpenFlow: A security analysis”. In: 2013 21st IEEE International Conference on Network Protocols (ICNP). IEEE, 2013, pp. 1–6.
[11] S. Hartman, M. Wasserman, and D. Zhang. “Software driven networks problem statement”. In: Network Working Group Internet-Draft (2013).
[12] Pascal Urien. “LLCPS: A new security framework based on TLS for NFC P2P applications in the Internet of Things”. In: 2013 IEEE 10th Consumer Communications and Networking Conference (CCNC). IEEE, 2013, pp. 845–846.
[13] Xitao Wen et al. “Towards a secure controller platform for OpenFlow applications”. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013, pp. 171–172.
[14] Zhifeng Xiao and Yang Xiao. “Security and privacy in cloud computing”. In: IEEE Communications Surveys & Tutorials 15.2 (2013), pp. 843–859.
[15] Guang Yao, Jun Bi, and Luyi Guo. “On the cascading failures of multi-controllers in Software Defined Networks”. In: 2013 21st IEEE International Conference on Network Protocols (ICNP). IEEE, 2013, pp. 1–2.
[16] Bo Fu et al. “A survey of cross-layer designs in wireless networks”. In: IEEE Communications Surveys & Tutorials 16.1 (2014), pp. 110–126.
[17] Robert M. Hinden. “SDN and Security: Why Take Over the Hosts When You Can Take Over the Network”. In: RSA Conference (2014).
[18] Diogo Menezes Ferrazani Mattos and Otto Carlos Muniz Bandeira Duarte. “AuthFlow: Authentication and access control mechanism for software defined networking”. In: Annals of Telecommunications (2014), pp. 1–9.
[19] Seungwon Shin et al. “Rosemary: A robust, secure, and high-performance network operating system”. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 2014, pp. 78–89.
[20] Ijaz Ahmad et al. “Security in software defined networks: A survey”. In: IEEE Communications Surveys & Tutorials 17.4 (2015), pp. 2317–2346.
[21] Ijaz Ahmad et al. “Security in software defined networks: A survey”. In: IEEE Communications Surveys & Tutorials 17.4 (2015), pp. 2317–2346.
[22] Syed Taha Ali et al. “A survey of securing networks using software defined networking”. In: IEEE Transactions on Reliability 64.3 (2015), pp. 1086–1097.
[23] Giuseppe Carella et al. “Cross-layer service to network orchestration”. In: 2015 IEEE International Conference on Communications (ICC). IEEE, 2015, pp. 6829–6835.
[24] Zhiyuan Hu et al. “A comprehensive security architecture for SDN”. In: 2015 18th International Conference on Intelligence in Next Generation Networks (ICIN). IEEE, 2015, pp. 30–37.
[25] Jin Won Kang, Sae Hyong Park, and Jaeho You. “Mynah: Enabling lightweight data plane authentication for SDN controllers”. In: 2015 24th International Conference on Computer Communication and Networks (ICCCN). IEEE, 2015, pp. 1–6.
[26] Diego Kreutz et al. “Software-defined networking: A comprehensive survey”. In: Proceedings of the IEEE 103.1 (2015), pp. 14–76.
[27] Daniel Migault, Kristian Slavov, and Makan Pourzandi. “Ericsson Technology Review”. (2015).
[28] Chengchao Liang and F. Richard Yu. “Wireless network virtualization: A survey, some research issues and challenges”. In: IEEE Communications Surveys & Tutorials 17.1 (2015), pp. 358–380.
[29] Sandra Scott-Hayward, Sriram Natarajan, and Sakir Sezer. “A survey of security in software defined networks”. In: IEEE Communications Surveys & Tutorials 18.1 (2015), pp. 623–654.
[30] Prithviraj Shome et al. “CrossFlow: A cross-layer architecture for SDR using SDN principles”. In: 2015 IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN). IEEE, 2015, pp. 37–39.
[31] Mao Yang et al. “Cross-layer software-defined 5G network”. In: Mobile Networks and Applications 20.3 (2015), pp. 400–409.
[32] Fatma Al Shuhaimi, Manju Jose, and Ajay Vikram Singh. “Software defined network as solution to overcome security challenges in IoT”. In: 2016 5th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO). IEEE, 2016, pp. 491–496.
[33] Fatma Alali and Malathi Veeraraghavan. “A cross-layer design for large transfers in SDNs”. In: 2016 Eighth International Conference on Ubiquitous and Future Networks (ICUFN). IEEE, 2016, pp. 769–774.
[34] Guolong Chen et al. “SAVSH: IP source address validation for SDN hybrid networks”. In: 2016 IEEE Symposium on Computers and Communication (ISCC). IEEE, 2016, pp. 409–414.
[35] Lobna Dridi and Mohamed Faten Zhani. “SDN-Guard: DoS attacks mitigation in SDN networks”. In: 2016 5th IEEE International Conference on Cloud Networking (Cloudnet). IEEE, 2016, pp. 212–217.
[36] Ramanpreet Kaur et al. “Security of Software Defined Networks: Taxonomic modeling, key components and open research area”. (2016).
[37] Sobhan Nazari. “SDN in wireless environments: Role of satellite systems & MPTCP”. (2016).
[38] Sobhan Nazari et al. “Software Defined Naval Network for Satellite Communications (SDN-SAT)”. (2016).
[39] Yuchia Tseng, Zonghua Zhang, and Farid Naït-Abdesselam. “SRV: Switch-based rules verification in software defined networking”. In: 2016 IEEE NetSoft Conference and Workshops (NetSoft). IEEE, 2016, pp. 477–482.
[40] Qiao Yan et al. “Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges”. In: IEEE Communications Surveys & Tutorials 18.1 (2016), pp. 602–622.