ControllerSEPA: A Security-Enhancing SDN Controller Plug-in for OpenFlow Applications

Yuchia Tseng, Zonghua Zhang, Farid Naït-Abdesselam
Published in: 2016 17th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT), 2016-12-01. DOI: 10.1109/PDCAT.2016.064 (https://doi.org/10.1109/PDCAT.2016.064)
Citations: 17

Abstract

Software-defined networking (SDN), as a new network paradigm, has the advantage of centralized control and global visibility over a network. However, security issues remain a major concern and prevent SDN from being widely adopted. One of the challenges is preventing malicious OpenFlow applications (OF apps) from accessing the SDN controller, as it opens a programmable northbound interface to third-party applications. In this paper, we address app-to-control security issues with a focus on five main attack vectors: unauthorized access, illegal function calling, malicious rule injection, resource exhaustion and man-in-the-middle attacks. Based on the identified threat models, we develop a lightweight plug-in, called ControllerSEPA, which uses a RESTful API to defend the SDN controller against malicious OF apps. Specifically, ControllerSEPA provides services including OF app-based AAA control (unlike OpenDaylight and ONOS, which offer user-based or role-based AAA control), rule conflict resolution, OF app isolation, fine-grained access control and encryption. Furthermore, we study the feasibility of deploying ControllerSEPA on five open source SDN controllers: OpenDaylight, ONOS, Floodlight, Ryu and POX. Results show that the deployment operates with very low complexity, and most of the time modification of the source code is unnecessary. In our implementations, the repacked services in ControllerSEPA create negligible latency (0.1% to 0.3%) and can provide richer services to OF apps.