Exploring Security Dynamics in SDN Controller Architectures: Threat Landscape and Implications

Software Defined Networking (SDN) has emerged as a new paradigm for managing heterogeneous networks ranging from enterprises to home network via decoupling the control plane from the data plane. In traditional networking landscape, these two planes are tightly bounded together inside a single appliance. The logically centralized and distributed control plane and programmability offers a great opportunity to improve network security, such as implementing new mechanisms to detect and mitigate various threats, and also enables security as a service in an SDN paradigm. Due to ever increasing and fast development of SDN, this paper provides an extensive survey on SDN controllers, SDN related security threats, and the solutions to mitigate the security threats. This study provides a comprehensive survey on 53 SDN controllers from different aspects including language, architecture, organization, open source, scalability, consistency, reliability, API used, library, and their description. We have also provided a detailed security analysis of SDN architecture with an extensive classification of security threats endangering its different architectural components, and the solutions to effectively mitigate them. This paper also identifies challenges and promising future direction on SDN deployment, standardization, implementation and security issues that should be addressed in this field.