A Centralized Reputation Management Scheme for Isolating Malicious Controller(s) in Distributed Software-Defined Networks
This addresses security vulnerabilities in SDN controllers for network administrators, but it is incremental as it builds on existing trust and reputation systems.
The paper tackles the problem of securing controllers in distributed Software-Defined Networks by proposing a centralized reputation management scheme to identify rogue or malicious controllers, achieving this through trust-based ratings and central reporting to administrators.
Software-Defined Networks have seen an increasing in their deployment because they offer better network manageability compared to traditional networks. Despite their immense success and popularity, various security issues in SDN remain open problems for research. Particularly, the problem of securing the controllers in distributed environment is still short of any solutions. This paper proposes a scheme to identify any rogue/malicious controller(s) in a distributed environment. Our scheme is based on trust and reputation system which is centrally managed. As such, our scheme identifies any controllers acting maliciously by comparing the state of installed flows/policies with policies that should be installed. Controllers rate each other on this basis and report the results to a central entity, which reports it to the network administrator.