Enhancing security in SDN: Systematizing attacks and defenses from a penetration perspective

Over the past 15 years, Software-Defined Networking (SDN) has garnered widespread support in research and industry due to its open and programmable nature. This paradigm enables various stakeholders, such as researchers, practitioners, and developers, to innovate networking services using robust APIs and a global network view, eliminating dependence on vendor-specific control planes. However, the adaptable architecture of SDN has introduced numerous security challenges not present in traditional network environments. While several surveys have highlighted existing attacks, there is a notable absence of a systematic penetration perspective, essential for understanding the attacks and their origins. This paper seeks to analyze prior literature that has exposed instances of attacks in SDN, examining their vulnerabilities, penetration routes, and root causes. Furthermore, we offer a thorough and comprehensive discussion of the underlying issues associated with these attacks, presenting defenses proposed by researchers to mitigate them and analyzing how the root causes are addressed. We also explore how our survey can assist practitioners in preparing suitable defenses by providing insights into penetration routes. Through this study, our goal is to shed light on existing security issues within the current SDN architecture, prompting a reassessment of various security problems and offering a guideline for future research in SDN security.