What Are Software Defined Network Security Threats

What Are Software Defined Network Security Threats

As the software defined network developed security issues are also increased. Whereas,software defined networks become more open due to which attackers can get the information about networks and policies. DoS an attack also becomes higher as compare to earlier single router system. New entities and protocols also introduced new security threats.

Software Defined Network Security Threats in different layers are as under:

A- Application Layer Security Threats

Malicious network policies may be enforced by the attacker by manipulation of applications and have impact on software defined network control layer. Security threats for the application layer listed in the below table.

Security Threats Description
Spoofing Attackers got the user data and use them for further attack and do this by disguise the administrator.
Repudiation Malicious network policies which were enforced by the user can be denied by the user and data can be copied and forwarded to the malicious server.
Information Disclosure Attacker can disguise himself as a user and forged flows can be injected in network by software defined network application.
Application Vulnerability Vulnerabilities in software defined networks applications like insecure coder and flaws in code may lead to access resources by the attackers.

B- Control Layer Security Threats

Software defined network controller is the main thing in network so is security level must be maximum. If software defined networks controller is compromised then it will lead to destroy the whole network.  Security threats of this layer given in the below table.

Security Threats Description
Confliction of Flow rules   Malicious flows can bypass the security detection and conflict with previously configured security and can affect the software defined network controller adversely.
Insertion of Fake flow rules   Attacker may hijack the software defined network application and can insert some fake rules.
Spoofing Attacker can get the control of the software defined network by disguising himself as administrator and can modify or remove the sensitive data.
DoS attack Spoofed traffic can be created by an attacker and can make DoS attack and can fail the network.
Repudiation Malicious flow rule which were inserted earlier by the software defined network application can be denied by the administrator.
Vulnerability of Operating system   As the software defined network controller run on operating system so the vulnerabilities of the operating system becomes the vulnerabilities of the software defined network controller.

C- Resource Layer Security Threats

Security threats of the resource layer listed in the below table. 

Security Threats Description
Spoofing Attacker can disguise to administrator and can delete and modify the sensitive data and can get sensitive data from the flow table.
Eavesdropping Attacker can eavesdrop of flow software defined network switches to acquire the information of the traffic and device.
Overflow of Flow table   Capacity bottleneck of the flow table may lead to some flow table overflow.
Repudiation Incorrect configuration may be denied by the administrator that he made earlier.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top