With the development of software-defined networking (SDN), centralized and open network management has brought many new security problems. In this paper we analyze the security problems of the SDN architecture and design an SDN security controller architecture. We verify the feasibility and effectiveness of the architecture using DDoS attack defense as an example, and analyze its influence on network performance.

Introduction

Since software-defined networking (SDN) was proposed it has received great attention, and the related theories and technologies continue to evolve. In traditional networks, the growth of network scale and the large number of applications make the network structure complex. To address the problems of the TCP/IP network architecture, much research has been carried out on future network architectures, and the redesign and redeployment of core network devices should be the first consideration of that research [1]. The defining characteristic of SDN is that the control function is separated from forwarding, which conforms to the direction of future network development. Although SDN offers many advantages, such as centralized control, fine-grained network control and reduced management complexity, it is a new network architecture that is still in the development and testing phase, and it faces many new security issues. Security is the key to the development and adoption of SDN. Improving the controller, developing security applications and innovating the security architecture can improve the security of SDN networks and allow the characteristics of SDN to be fully exploited.

SDN Architecture

The core of SDN is the separation of the control plane from the data plane. On this basis, researchers at Stanford University proposed OpenFlow [2] as a way to realize SDN.
The Open Networking Foundation (ONF) was then established; it developed the OpenFlow protocol standard and the SDN white paper [3]. The SDN architecture is composed of an infrastructure layer, a control layer and an application layer. The infrastructure layer consists of network devices that support the SDN technology standard. The control layer hides the differences between the underlying devices by communicating with them through the control-data plane interface (Southbound Interface). It provides a programmable network management environment: through centralized control of the network devices, network resources can be configured flexibly and dynamically. The application layer can realize further network services through the Northbound Interface provided by the control layer.

Researchers have designed many implementations of the control layer based on the SDN architecture and the OpenFlow protocol. NOX [4] first introduced the concept of a network operating system (NOS), the control software of an SDN; in an OpenFlow network based on NOX, NOX is the control core. Because NOX was the first OpenFlow-based SDN control layer, it became a design template for OpenFlow controllers [1]. Cisco, IBM and many other companies developed the OpenDaylight [5] controller, which supports both the "classic" OpenFlow-based approach and emerging model-driven network management and programmability technologies. The Open Networking Lab (ON.LAB) developed the Open Network Operating System (ONOS) [6]. ONOS implements an open, distributed control plane and can provide a scalable, high-performance and highly reliable NOS for large networks.

4th International Conference on Machinery, Materials and Computing Technology (ICMMCT 2016). © 2016 The authors. Published by Atlantis Press.

Security Analyses of SDN

Security Problems of the Controller. In an OpenFlow-based SDN the controller is the direct manager of the network, so the running state of the controller determines the running of the whole network.
However, the number of controllers is limited, and centralizing the management device makes it a weakness of the network. When the network suffers a DDoS attack, a large amount of traffic must be processed by the controller: a switch that has no flow entry for a packet typically sends it to the controller in a packet-in message, so an attacker who generates many new flows makes the controller do work for each of them. The load on the controller rises sharply and it may even lose its processing capacity altogether.

Security Problems of the Flow Table. The flow table is the basic guarantee of an OpenFlow network, so the stability and reliability of the flow table are also important to the security of SDN. During network configuration, many flow entries may already exist in the network devices, and each new configuration may conflict with existing policy. If the controller does not coordinate these conflicts, the network configuration becomes confused. Moreover, an attacker can disable the forwarding function, or create a channel for further attacks, by adding malicious flow entries through the Northbound Interface.

Security Problems of Applications. As a feature of SDN, the open Northbound Interface allows developers to write applications that run on the controller. But an open interface can also be used to attack the network and cause other problems. If the Northbound Interface can be used freely, attacking the network becomes easy: an attacker can develop a malicious application to break the controller, and even non-malicious applications can cause flow table problems.

Security Problems of the Southbound Interface. The reliability of the Southbound Interface is also an important indicator of security. At present the Southbound Interface mainly refers to the OpenFlow protocol. SSL/TLS is adopted for the secure channel between controller and switch, but SSL/TLS alone is not enough to establish and assure trust between controllers and switches: the OpenFlow specification leaves TLS optional alongside plain TCP, and a TLS channel that does not verify certificates on both sides authenticates neither party. An attacker can gain access to the control plane by exploiting weaknesses of SSL/TLS [7].

A Security Controller Architecture

In this section we design a security controller architecture. The architecture is shown in Fig. 1.
The architecture is composed of a basic control module and a customizable multi-granularity security module. The basic control module implements the basic functions, following the SDN architecture, and the customizable multi-granularity security module provides the customizable security features.

Fig. 1. Security controller architecture (figure not reproduced). Basic control module: device manager, flow table read-write, topology discoverer, routing service. Customizable multi-granularity security module: application manager, authority manager, code auditor, behavior detector, sandbox.
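The DDoS scenario of the controller section (a flood of table misses that each cost the controller a packet-in) is the one the paper later uses to evaluate the architecture. The following is an added example, not code from the paper: a sliding-window packet-in rate guard of the kind the behavior detector could run inside the controller. It counts packet-ins per (switch, source address) and, once a source exceeds a threshold inside the window, emits a drop entry for that switch so later packets are discarded by the switch instead of reaching the controller. The event layout, the threshold and window values, the rule dictionary format and the replayed traffic are all assumptions constructed for this demo.

```python
# Added example (not the paper's code): a sliding-window packet-in rate guard.
# Every flow that misses the switch flow table arrives at the controller as a
# packet-in; an attacker who spoofs many new flows drives controller CPU load.
# The guard counts packet-ins per (switch, source IP) and, once a source exceeds
# the threshold inside the window, emits a drop entry for the switch.
# Threshold, window, rule format and event tuple layout are assumptions.
from collections import defaultdict, deque

PACKET_IN_THRESHOLD = 50     # packet-ins per window tolerated per source (assumed)
WINDOW_SECONDS = 1.0         # sliding window length (assumed)
DROP_IDLE_TIMEOUT = 60       # seconds the drop entry survives without traffic (assumed)


class PacketInGuard:
    def __init__(self, threshold=PACKET_IN_THRESHOLD, window=WINDOW_SECONDS):
        self.threshold = threshold
        self.window = window
        self.history = defaultdict(deque)   # (dpid, src_ip) -> timestamps inside the window
        self.blocked = set()                # (dpid, src_ip) pairs with a drop entry installed
        self.installed_rules = []           # drop entries pushed to switches (flow-mods in practice)

    def on_packet_in(self, ts, dpid, in_port, src_ip):
        """Classify one packet-in; returns 'forwarded', 'blocked' or 'dropped'."""
        key = (dpid, src_ip)
        if key in self.blocked:
            # A drop entry is already installed; anything still arriving is
            # discarded by the controller without further processing.
            return "dropped"
        stamps = self.history[key]
        stamps.append(ts)
        while stamps and ts - stamps[0] > self.window:
            stamps.popleft()              # expire timestamps outside the window
        if len(stamps) > self.threshold:
            self.blocked.add(key)
            self.installed_rules.append(self.drop_rule(dpid, in_port, src_ip))
            stamps.clear()
            return "blocked"
        return "forwarded"                # hand to the normal learning/routing logic

    @staticmethod
    def drop_rule(dpid, in_port, src_ip):
        # An empty action list means drop in OpenFlow; idle_timeout lets the entry
        # age out so a cleaned-up host regains service without operator action.
        return {"dpid": dpid, "priority": 1000, "idle_timeout": DROP_IDLE_TIMEOUT,
                "match": {"in_port": in_port, "ipv4_src": src_ip}, "actions": []}


def run_demo():
    """Replay constructed packet-in events: one flooding host and one normal host."""
    guard = PacketInGuard()
    # constructed flood: 200 packet-ins from 10.0.0.99 on port 3 within 0.2 s
    events = [(i * 0.001, 1, 3, "10.0.0.99") for i in range(200)]
    # constructed normal host: 10.0.0.5 on port 1 at 10 packet-ins per second
    events += [(i * 0.1, 1, 1, "10.0.0.5") for i in range(10)]
    events.sort(key=lambda e: e[0])
    counts = defaultdict(int)
    for ts, dpid, in_port, src_ip in events:
        counts[(src_ip, guard.on_packet_in(ts, dpid, in_port, src_ip))] += 1
    return guard, dict(counts)


if __name__ == "__main__":
    guard, counts = run_demo()
    for (src, verdict), n in sorted(counts.items()):
        print(f"{src:10} {verdict:9} {n}")
    print("drop entries installed:", guard.installed_rules)
```

In the replay, the flooding host gets 50 packet-ins through, the 51st triggers the drop entry and the remaining 149 are discarded, while the normal host is untouched. Two caveats a deployment needs: an attacker who spoofs a different source address per packet never trips a per-source counter and, worse, would earn one drop entry per spoofed address, which is itself a flow-table exhaustion attack, so an aggregate per-port or per-switch limit must sit alongside the per-source one; and the drop entries should be accounted for so the security module can report and expire them rather than leaving them in the table indefinitely.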
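The flow table section warns that uncoordinated entries conflict and that malicious entries can arrive through the Northbound Interface, and the application section argues that applications must not use that interface freely. The following is an added example, not the paper's code, covering both: an admission check of the kind the authority manager and flow table read-write module would run before a northbound application's rule reaches a switch. It enforces per-application rights and rejects entries that conflict with, are shadowed by, or would override existing policy. The rule format, the right names, the application names and the submitted rules are assumptions constructed for this demo; it treats match fields as exact values, whereas real entries also carry masks and prefixes.

```python
# Added example (not the paper's code): flow-entry admission combining an
# authority check (per-application rights) with a conflict check against the
# entries already accepted. Rule format, right names and apps are assumptions.
from dataclasses import dataclass


@dataclass
class FlowRule:
    owner: str        # application that submitted the rule
    priority: int
    match: dict       # field -> value; absent fields are wildcards
    actions: tuple    # () means drop


def overlaps(a, b):
    """Some packet can match both: every field constrained by both has the same value."""
    return all(a[f] == b[f] for f in a.keys() & b.keys())


def covers(a, b):
    """Every packet matching b also matches a: a's constraints are a subset of b's."""
    return all(f in b and b[f] == a[f] for f in a)


class FlowTableGuard:
    def __init__(self, permissions):
        self.permissions = permissions   # app name -> set of rights
        self.table = []                  # accepted rules

    def rights(self, app):
        return self.permissions.get(app, set())

    def check(self, rule):
        rights = self.rights(rule.owner)
        if "write_flows" not in rights:
            return "denied: app lacks write_flows"
        if rule.actions == () and "write_drop" not in rights:
            return "denied: app lacks write_drop"
        for existing in self.table:
            if not overlaps(rule.match, existing.match):
                continue
            # A more general, higher-priority entry means the new one can never be hit.
            if existing.priority > rule.priority and covers(existing.match, rule.match):
                return f"rejected: shadowed by {existing.owner} rule at priority {existing.priority}"
            # Equal priority with different actions: OpenFlow leaves the outcome undefined.
            if existing.priority == rule.priority and existing.actions != rule.actions:
                return f"rejected: equal-priority conflict with {existing.owner} rule"
            # A higher-priority entry from an ordinary app must not preempt a
            # security app's entry on the packets they share.
            security_rule = "override_security" in self.rights(existing.owner)
            if (existing.priority < rule.priority and security_rule
                    and "override_security" not in rights
                    and existing.actions != rule.actions):
                return f"rejected: would override {existing.owner} security rule"
        return "ok"

    def install(self, rule):
        verdict = self.check(rule)
        if verdict == "ok":
            self.table.append(rule)
        return verdict


def run_demo():
    """Submit constructed rules from three applications and collect the verdicts."""
    guard = FlowTableGuard({
        "security_app": {"write_flows", "write_drop", "override_security"},
        "lb_app": {"write_flows"},
        "monitor_app": {"read_flows"},
    })
    submissions = [
        FlowRule("security_app", 500, {"ipv4_src": "10.0.0.99"}, ()),                        # blackhole a scanner
        FlowRule("lb_app", 100, {"ipv4_dst": "10.0.1.10", "tcp_dst": 80}, ("output:2",)),    # steer web traffic
        FlowRule("monitor_app", 100, {"in_port": 1}, ("output:controller",)),                 # no write right
        FlowRule("lb_app", 100, {"tcp_dst": 22}, ()),                                          # drop without right
        FlowRule("lb_app", 100, {"ipv4_dst": "10.0.1.10"}, ("output:3",)),                    # ambiguous overlap
        FlowRule("lb_app", 600, {"ipv4_src": "10.0.0.99", "tcp_dst": 80}, ("output:2",)),    # bypasses blackhole
        FlowRule("lb_app", 50, {"ipv4_dst": "10.0.1.10", "tcp_dst": 80, "in_port": 4},
                 ("output:5",)),                                                               # never reachable
    ]
    return guard, [guard.install(rule) for rule in submissions]


if __name__ == "__main__":
    guard, verdicts = run_demo()
    for v in verdicts:
        print(v)
    print("entries accepted:", len(guard.table))
```

Only the first two submissions reach the table. The sixth is the case the paper is most concerned with: a higher-priority rule from an ordinary application that would quietly re-enable traffic a security rule had blocked, which the guard rejects because only holders of the override right may preempt a security entry. A production version would need the same overlap logic over masked fields and IP prefixes, and should log every rejection so the behavior detector can flag an application that keeps submitting conflicting entries.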