TY - JOUR
T1 - Topology discovery in software defined networks
T2 - Threats, taxonomy, and state-of-the-art
AU - Khan, Suleman
AU - Gani, Abdullah
AU - Wahid Abdul Wahab, Ainuddin
AU - Guizani, Mohsen
AU - Khan, Muhammad Khurram
PY - 2016/8/5
Y1 - 2016/8/5
N2 - The fundamental role of the software defined networks (SDNs) is to decouple the data plane from the control plane, thus providing a logically centralized visibility of the entire network to the controller. This enables the applications to innovate through network programmability. To establish a centralized visibility, a controller is required to discover a network topology of the entire SDN infrastructure. However, discovering a network topology is challenging due to: 1) the frequent migration of the virtual machines in the data centers; 2) lack of authentication mechanisms; 3) scarcity of the SDN standards; and 4) integration of security mechanisms for the topology discovery. To this end, in this paper, we present a comprehensive survey of the topology discovery and the associated security implications in SDNs. This survey provides discussions related to the possible threats relevant to each layer of the SDN architecture, highlights the role of the topology discovery in the traditional network and SDN, presents a thematic taxonomy of topology discovery in SDN, and provides insights into the potential threats to the topology discovery along with its state-of-the-art solutions in SDN. Finally, this survey also presents future challenges and research directions in the field of SDN topology discovery.
AB - The fundamental role of the software defined networks (SDNs) is to decouple the data plane from the control plane, thus providing a logically centralized visibility of the entire network to the controller. This enables the applications to innovate through network programmability. To establish a centralized visibility, a controller is required to discover a network topology of the entire SDN infrastructure. However, discovering a network topology is challenging due to: 1) the frequent migration of the virtual machines in the data centers; 2) lack of authentication mechanisms; 3) scarcity of the SDN standards; and 4) integration of security mechanisms for the topology discovery. To this end, in this paper, we present a comprehensive survey of the topology discovery and the associated security implications in SDNs. This survey provides discussions related to the possible threats relevant to each layer of the SDN architecture, highlights the role of the topology discovery in the traditional network and SDN, presents a thematic taxonomy of topology discovery in SDN, and provides insights into the potential threats to the topology discovery along with its state-of-the-art solutions in SDN. Finally, this survey also presents future challenges and research directions in the field of SDN topology discovery.
KW - Topology discovery
KW - software defined networks security
KW - vulnerabilities
KW - topology poisoning
KW - controller visibility
U2 - 10.1109/COMST.2016.2597193
DO - 10.1109/COMST.2016.2597193
M3 - Review article
VL - 19
SP - 303
EP - 324
JO - IEEE Communications Surveys and Tutorials
JF - IEEE Communications Surveys and Tutorials
SN - 1553-877X
IS - 1
ER -