Exploring Security Dynamics in SDN Controller Architectures: Threat Landscape and Implications

Software Defined Networking (SDN) has emerged as a new paradigm for managing heterogeneous networks ranging from enterprises to home network via decoupling the control plane from the data plane. In the traditional networking landscape, these two planes are tightly bound together inside a single appliance. The logically centralized and distributed control plane and programmability offer a great opportunity to improve network security, such as by implementing new mechanisms to detect and mitigate various threats, and also enable security as a service in an SDN paradigm. Due to the ever increasing and fast development of SDN, this paper provides an extensive survey of SDN controllers, SDN-related security threats, and solutions to mitigate the security threats. This study provides a comprehensive survey of 53 SDN controllers from different aspects, including language, architecture, organization, open source, scalability, consistency, reliability, API used, library, and their description. We have also provided a detailed security analysis of SDN architecture with an extensive classification of security threats endangering its different architectural components and the solutions to effectively mitigate them. This paper also identifies challenges and promising future directions on SDN deployment, standardization, implementation, and security issues that should be addressed in this field.