pith. sign in

arxiv: 1906.09546 · v1 · pith:WWYM3DTFnew · submitted 2019-06-23 · 💻 cs.NI · cs.CR

Experimental Security Analysis of Controller Software in SDNs: A Review

Tiago V. Ortiz , Bruno Kimura , J\'o Ueyama , Val\'erio Rosset This is my paper

Pith reviewed 2026-05-25 17:58 UTC · model grok-4.3

classification 💻 cs.NI cs.CR
keywords SDNcontroller securityexperimental analysisvulnerabilitiestaxonomystandardizationONF requirementscontrol plane
0
0 comments X

The pith

SDN controller security analysis requires standardized methodologies to meet requirements and support reliable software.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper surveys existing experimental approaches to testing the security of controller software in software-defined networks. It organizes the techniques into a taxonomy and evaluates them against the security requirements specified by the Open Network Foundation. The review finds that current methods vary widely and often fail to cover the necessary requirements. The authors conclude that standardization of these automated analysis methodologies is essential. This would help prevent controller malfunctions that could collapse entire networks.

Core claim

Through a comprehensive review of the literature on experimental security analysis of the SDN control plane with emphasis on controller software vulnerabilities, the authors introduce a taxonomy of the techniques and conduct a comparative study against ONF security requirements, resulting in the claim that standardization of methodologies for automated security analysis is needed to support the development of reliable and secure SDN software.

What carries the argument

Taxonomy of experimental security analysis techniques for SDN controller software, applied in a comparative evaluation against ONF-defined security requirements.

If this is right

  • Existing experimental approaches fall short of fully addressing ONF security requirements for SDN controllers.
  • Standardized methodologies would enable more consistent assessment of controller vulnerabilities before deployment.
  • Without standardization, developing reliable and secure SDN software remains difficult.
  • A malfunction in non-standardized controller analysis could still lead to network collapse.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Standardized methods could be adapted to security testing in other programmable network systems.
  • The taxonomy provides a starting point for creating shared benchmarks or tools for SDN security evaluation.
  • Future research might focus on automating the standardized approaches identified as gaps in the review.

Load-bearing premise

The surveyed literature is representative of the field and the ONF security requirements form an appropriate and complete benchmark for evaluating the approaches.

What would settle it

A broader survey of additional papers or an alternative set of requirements demonstrating that existing experimental methods already achieve sufficient coverage and consistency without standardization.

Figures

Figures reproduced from arXiv: 1906.09546 by Bruno Kimura, J\'o Ueyama, Tiago V. Ortiz, Val\'erio Rosset.

Figure 1
Figure 1. Figure 1: SDN architecture abstraction. In the control plane, the controller acts as a network operating system (NOS) and provides the basic abstractions and functionalities needed for the imple￾mentation of the forward policies defined by the management entity of an Au￾tonomous System (AS). Controllers can communicate with each other to ensure distributed network control. Alternatively, a controller can interact ei… view at source ↗
Figure 2
Figure 2. Figure 2: Experimental security analysis of SDN Controller [PITH_FULL_IMAGE:figures/full_fig_p006_2.png] view at source ↗
Figure 3
Figure 3. Figure 3: List of supporting tools and occurrences by year fo [PITH_FULL_IMAGE:figures/full_fig_p019_3.png] view at source ↗
Figure 4
Figure 4. Figure 4: Methods for security analysis and the related amou [PITH_FULL_IMAGE:figures/full_fig_p020_4.png] view at source ↗
Figure 5
Figure 5. Figure 5: The number of papers, found in our literature revie [PITH_FULL_IMAGE:figures/full_fig_p021_5.png] view at source ↗
Figure 6
Figure 6. Figure 6: The amount of papers, found in our literature revie [PITH_FULL_IMAGE:figures/full_fig_p022_6.png] view at source ↗
Figure 7
Figure 7. Figure 7: Taxonomy considering the techniques used for secu [PITH_FULL_IMAGE:figures/full_fig_p025_7.png] view at source ↗
read the original abstract

The software defined networking paradigm relies on the programmability of the network to automatically perform management and reconfiguration tasks. The result of adopting this programmability feature is twofold: first by designing new solutions and, second, by concurrently making room for the exploitation of new security threats. As a malfunction in the controller software may lead to a collapse of the network, assessing the security of solutions before their deployment, is a major concern in SDNs. In light of this, we have conducted a comprehensive review of the literature on the experimental security analysis of the control plane in SDNs, with an emphasis on vulnerabilities of the controller software. Additionally, we have introduced a taxonomy of the techniques found in the literature with regard to the experimental security analysis of SDN controller software. Furthermore, a comparative study has been carried out of existing experimental approaches considering the security requirements defined by the Open Network Foundation (ONF). As a result, we highlighted that there is a need for a standardization of the methodologies employed for automated security analysis, that can meet the appropriate requirements, and support the development of reliable and secure software for SDNs.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

3 major / 2 minor

Summary. The manuscript reviews the literature on experimental security analysis of SDN controller software, introduces a taxonomy of analysis techniques, performs a comparative evaluation of existing approaches against the Open Networking Foundation (ONF) security requirements, and concludes that standardization of automated security analysis methodologies is needed to support reliable SDN software.

Significance. A systematic survey that rigorously maps techniques to a clear benchmark could usefully identify gaps in SDN controller security analysis and motivate standardization efforts; the field would benefit from such a synthesis given the central role of controllers and the risks of unanalyzed programmability.

major comments (3)
  1. [§2] §2 (or equivalent methodology section): The claim of a 'comprehensive review' is not supported by any description of search strategy, databases, keywords, time bounds, or inclusion/exclusion criteria; without this, the representativeness of the surveyed works cannot be assessed and the call for standardization rests on an unverified sample.
  2. [§4] §4 (Comparative study): The ONF requirements are used as the sole benchmark without justification of completeness or discussion of omitted properties (e.g., timing side-channels, formal invariants of controller state machines, or resilience to specific SDN protocol attacks); this choice is load-bearing for the gap analysis and standardization recommendation.
  3. [Taxonomy and comparative table] Taxonomy presentation and Table 1 (or equivalent comparison table): The classification criteria for the taxonomy are not explicitly stated, and the mapping of individual approaches to ONF requirements lacks an auditable rubric, making it impossible to verify whether the identified deficiencies are systematic or selection-dependent.
minor comments (2)
  1. [Abstract] Abstract, final sentence: The phrasing is convoluted; reword for clarity (e.g., separate the standardization need from the supporting requirements).
  2. [Figures] Figure captions and taxonomy diagram: Ensure all branches and categories are labeled and that the diagram is referenced in the text with a clear legend.

Simulated Author's Rebuttal

3 responses · 0 unresolved

We thank the referee for their thorough review and constructive comments. We address each of the major comments below.

read point-by-point responses

  1. Referee: [§2] §2 (or equivalent methodology section): The claim of a 'comprehensive review' is not supported by any description of search strategy, databases, keywords, time bounds, or inclusion/exclusion criteria; without this, the representativeness of the surveyed works cannot be assessed and the call for standardization rests on an unverified sample.

    Authors: We agree with the referee that a description of the search strategy is necessary to support the claim of a comprehensive review. In the revised manuscript, we will include a methodology section that details the databases consulted, search keywords, time bounds, and inclusion/exclusion criteria used to select the surveyed works. revision: yes

  2. Referee: [§4] §4 (Comparative study): The ONF requirements are used as the sole benchmark without justification of completeness or discussion of omitted properties (e.g., timing side-channels, formal invariants of controller state machines, or resilience to specific SDN protocol attacks); this choice is load-bearing for the gap analysis and standardization recommendation.

    Authors: The ONF requirements were chosen because they are the de facto standard for SDN security as established by the Open Networking Foundation. Nevertheless, we recognize the value in justifying this selection and discussing omitted properties. We will revise the comparative study section to include a justification for using ONF requirements and a discussion of additional aspects such as timing side-channels and formal methods that could be incorporated in future analyses. revision: yes

  3. Referee: [Taxonomy and comparative table] Taxonomy presentation and Table 1 (or equivalent comparison table): The classification criteria for the taxonomy are not explicitly stated, and the mapping of individual approaches to ONF requirements lacks an auditable rubric, making it impossible to verify whether the identified deficiencies are systematic or selection-dependent.

    Authors: We will explicitly articulate the classification criteria employed in constructing the taxonomy. Furthermore, we will enhance the presentation of the comparative table by providing a clearer rubric or detailed explanation for the mapping of each approach to the ONF requirements, ensuring the analysis is more transparent and verifiable. revision: yes

Circularity Check

0 steps flagged

Survey paper with no derivations, equations, or self-referential modeling

full rationale

This is a literature review surveying experimental security analysis techniques for SDN controller software. It introduces a taxonomy of techniques and performs a comparative study against ONF-defined security requirements. No mathematical derivations, predictions, fitted parameters, or equations appear in the abstract or described structure. The call for standardization of methodologies is a qualitative conclusion drawn from the survey comparison, not a reduction of any output to its own inputs by construction. No self-citation chains, uniqueness theorems, or ansatzes are invoked as load-bearing steps. The paper is self-contained as a review and does not exhibit any of the enumerated circularity patterns.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

This paper is a literature review and does not introduce new parameters, axioms, or entities.

pith-pipeline@v0.9.0 · 5730 in / 947 out tokens · 27660 ms · 2026-05-25T17:58:00.832826+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

What do these tags mean?
matches
The paper's claim is directly supported by a theorem in the formal canon.
supports
The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends
The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses
The paper appears to rely on the theorem as machinery.
contradicts
The paper's claim conflicts with a theorem or certificate in the canon.
unclear
Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

56 extracted references · 56 canonical work pages

  1. [1]

    Sezer, S

    S. Sezer, S. Scott-Hayward, P. K. Chouhan, B. Fraser, D. La ke, J. Finnegan, N. Viljoen, M. Miller, N. Rao, Are we ready for sdn? implementation challenges for software-defined networks, IEEE Communications Magazine 51 (7) (2013) 36–43

    work page 2013

  2. [2]

    B. A. A. Nunes, M. Mendonca, X. N. Nguyen, K. Obraczka, T. Tu rletti, A survey of software-defined networking: Past, present, and f uture of programmable networks, IEEE Communications Surveys Tutorials 1 6 (3) (2014) 1617–1634

    work page 2014

  3. [3]

    Kreutz, F

    D. Kreutz, F. M. V. Ramos, P. E. Ver ´ ıssimo, C. E. Rothenberg, S. Azodol- molky, S. Uhlig, Software-defined networking: A comprehensive su rvey, Proceedings of the IEEE 103 (1) (2015) 14–76

    work page 2015

  4. [4]

    McKeown, T

    N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Pet erson, J. Rexford, S. Shenker, J. Turner, Openflow: Enabling innovation in cam- pus networks, SIGCOMM Comput. Commun. Rev. 38 (2) (2008) 69– 74

    work page 2008

  5. [5]

    Z. Shu, J. Wan, D. Li, J. Lin, A. V. Vasilakos, M. Imran, Security in software-defined networking: Threats and countermeasures, Mobile Net- works and Applications 21 (5) (2016) 764–776

    work page 2016

  6. [6]

    Abdou, P

    A. Abdou, P. C. van Oorschot, T. Wan, Comparative analysis of c ontrol plane security of sdn and conventional networks, IEEE Communica tions Surveys Tutorials 20 (4) (2018) 3542–3559

    work page 2018

  7. [7]

    Ahmad, S

    I. Ahmad, S. Namal, M. Ylianttila, A. Gurtov, Security in software defined networks: A survey, IEEE Communications Surveys Tutorials 17 (4 ) (2015) 2317–2346

    work page 2015

  8. [8]

    M. C. Dacier, H. K¨ onig, R. Cwalinski, F. Kargl, S. Dietrich, Securit y chal- lenges and opportunities of software-defined networking, IEEE S ecurity Privacy 15 (2) (2017) 96–100

    work page 2017

  9. [9]

    Scott-Hayward, G

    S. Scott-Hayward, G. O’Callaghan, S. Sezer, Sdn security: A su rvey, in: 2013 IEEE SDN for Future Networks and Services (SDN4FNS), 201 3, pp. 1–7. 27

    work page 2013

  10. [10]

    Scott-Hayward, S

    S. Scott-Hayward, S. Natarajan, S. Sezer, A survey of sec urity in software defined networks, IEEE Communications Surveys Tutorials 18 (1) ( 2016) 623–654

    work page 2016

  11. [11]

    W. Li, W. Meng, L. F. Kwok, A survey on openflow-based softwa re defined networks: Security challenges and countermeasures, Journal o f Network and Computer Applications 68 (Supplement C) (2016) 126 – 139

    work page 2016

  12. [12]

    Dargahi, A

    T. Dargahi, A. Caponi, M. Ambrosin, G. Bianchi, M. Conti, A surve y on the security of stateful sdn data planes, IEEE Communications Su rveys Tutorials 19 (3) (2017) 1701–1725

    work page 2017

  13. [13]

    I. Guo, M. Pourzandi, S. Scott-Haywar, H. Song, C. Wangke, F. Xialiang, X. Z. Dacheng Zhang, Security foundation requirements for sdn c ontrollers, Tech. Rep. TR-529, ONF (July 2016)

    work page 2016

  14. [14]

    Danping, M

    A. Danping, M. Pourzandi, S. Scott-Hayward, H. Song, M. Wina ndy, D. Zhang, Threat analysis for the sdn architecture, Tech. Rep. T R-511, ONF (July 2016)

    work page 2016

  15. [15]

    Akhunzada, A

    A. Akhunzada, A. Gani, N. B. Anuar, A. Abdelaziz, M. K. Khan, A . Hayat, S. U. Khan, Secure and dependable software defined networks, J ournal of Network and Computer Applications 61 (2016) 199 – 221

    work page 2016

  16. [16]

    Shalimov, D

    A. Shalimov, D. Zuikov, D. Zimarina, V. Pashkov, R. Smeliansky, A d- vanced study of sdn/openflow controllers, in: Proceedings of the 9th Cen- tral & Eastern European Software Engineering Conference in Rus sia, CEE- SECR ’13, ACM, New York, NY, USA, 2013, pp. 1–6

    work page 2013

  17. [17]

    Hernan, S

    S. Hernan, S. Lambert, T. Ostwald, A. Shostack, Threat mod eling-uncover security design flaws using the stride approach, MSDN Magazine-Lo uisville (2006) 68–75

    work page 2006

  18. [18]

    Hakiri, A

    A. Hakiri, A. Gokhale, P. Berthou, D. C. Schmidt, T. Gayraud, S oftware- defined networking: Challenges and research opportunities for fu ture inter- net, Computer Networks 75 (2014) 453–471

    work page 2014

  19. [19]

    Doria, J

    A. Doria, J. H. Salim, R. Haas, H. Khos- ravi, W. Wang, L. Dong, R. Gopal, J. Halpern, Forwarding and control element separation (forces) protocol s pecification (RFC 5810). URL https://tools.ietf.org/html/rfc5810

    work page

  20. [20]

    B. Pfaff, B. Davie, The open vswitch database management pro tocol (RFC 7047). URL https://tools.ietf.org/html/rfc7047

    work page

  21. [21]

    H. Song, Protocol-oblivious forwarding: Unleash the power of s dn through a future-proof forwarding plane, in: Proceedings of the second A CM SIG- COMM workshop on Hot topics in software defined networking, ACM, 2013, pp. 127–132. 28

    work page 2013

  22. [22]

    J. P. Vasseur, J. L. Le Roux, Path computation element (pce) communica- tion protocol (pcep), Tech. Rep. RFC 5440 (2009)

    work page 2009

  23. [23]

    R. Enns, M. Bjorklund, J. Schoenwaelder, A. Bierman, Networ k configura- tion protocol (netconf), Tech. Rep. RFC 6241 (2011)

    work page 2011

  24. [24]

    Bosshart, D

    P. Bosshart, D. Daly, G. Gibb, M. Izzard, N. McKeown, J. Rexf ord, C. Schlesinger, D. Talayco, A. Vahdat, G. Varghese, et al., P4: Pro gram- ming protocol-independent packet processors, ACM SIGCOMM Com puter Communication Review 44 (3) (2014) 87–95

    work page 2014

  25. [25]

    Hares, R

    S. Hares, R. White, Software-defined networks and the inter face to the routing system (i2rs), IEEE Internet Computing 17 (4) (2013) 84 –88

    work page 2013

  26. [26]

    Brandt, R

    M. Brandt, R. Khondoker, R. Marx, K. Bayarou, Security ana lysis of soft- ware defined networking protocols—openflow, of-config and ovsd b, in: The 2014 IEEE Fifth International Conference on Communications and Elec- tronics (ICCE 2014), DA NANG, Vietnam, 2014

    work page 2014

  27. [27]

    H. T. N. Tri, K. Kim, Assessing the impact of resource attack in s oft- ware defined network, in: 2015 International Conference on Inf ormation Networking (ICOIN), 2015, pp. 420–425

    work page 2015

  28. [28]

    Chi, C.-T

    P.-W. Chi, C.-T. Kuo, J.-W. Guo, C.-L. Lei, How to detect a compro mised sdn switch, in: Proceedings of the 2015 1st IEEE Conference on Ne twork Softwarization (NetSoft), 2015, pp. 1–6

    work page 2015

  29. [29]

    Nguyen, M

    T.-H. Nguyen, M. Yoo, Analysis of link discovery service attacks in sdn controller, in: 2017 International Conference on Information Ne tworking (ICOIN), 2017, pp. 259–261

    work page 2017

  30. [30]

    Chandrasekaran, T

    B. Chandrasekaran, T. Benson, Tolerating sdn application failu res with legosdn, in: Proceedings of the 13th ACM Workshop on Hot Topics in Networks, HotNets-XIII, ACM, New York, NY, USA, 2014, pp. 1– 7

    work page 2014

  31. [31]

    S. Shin, Y. Song, T. Lee, S. Lee, J. Chung, P. Porras, V. Yegn eswaran, J. Noh, B. B. Kang, Rosemary: A robust, secure, and high-perfo rmance network operating system, in: Proceedings of the 2014 ACM SIGSA C Con- ference on Computer and Communications Security, CCS ’14, ACM, N ew York, NY, USA, 2014, pp. 78–89

    work page 2014

  32. [32]

    S. Lee, C. Yoon, S. Shin, The smaller, the shrewder: A simple malic ious application can kill an entire sdn environment, in: Proceedings of the 2016 ACM International Workshop on Secur ity in Software Defined Networks & Network Function Virtualizatio n, SDN-NFV Security ’16, ACM, New York, NY, USA, 2016, pp. 23–28. URL http://doi.acm.org/10.1145/287601...

    work page doi:10.1145/2876019.2876024 2016

  33. [33]

    Alencar, M

    F. Alencar, M. Santos, M. Santana, S. Fernandes, How softw are aging affects sdn: A view on the controllers, in: 2014 Global Information I nfras- tructure and Networking Symposium (GIIS), 2014, pp. 1–6. 29

    work page 2014

  34. [34]

    Scott-Hayward, C

    S. Scott-Hayward, C. Kane, S. Sezer, Operationcheckpoint : Sdn applica- tion control, in: 2014 IEEE 22nd International Conference on Net work Protocols, 2014, pp. 618–623

    work page 2014

  35. [35]

    R¨ opke, T

    C. R¨ opke, T. Holz, Retaining control over sdn network servic es, in: 2015 International Conference and Workshops on Networked System s (NetSys), 2015, pp. 1–5

    work page 2015

  36. [36]

    Brooks, B

    M. Brooks, B. Yang, A man-in-the-middle attack against opend aylight sdn controller, in: Proceedings of the 4th Annual ACM Conference on R esearch in Information Technology, RIIT ’15, ACM, New York, NY, USA, 2015 , pp. 45–49

    work page 2015

  37. [37]

    Porras, S

    P. Porras, S. Shin, V. Yegneswaran, M. Fong, M. Tyson, G. Gu , A security enforcement kernel for openflow networks, in: Proceedings of t he First Workshop on Hot Topics in Software Defined Networks, HotSDN ’12, ACM, New York, NY, USA, 2012, pp. 121–126

    work page 2012

  38. [38]

    Porras, S

    P. Porras, S. Cheung, M. Fong, K. Skinner, V. Yegneswaran, Securing the Software-Defined Network Control Layer, in: Proceedings o f the 2015 Network and Distributed System Security Symposium (NDSS), 2015

    work page 2015

  39. [39]

    Dhawan, R

    M. Dhawan, R. Poddar, K. Mahajan, V. Mann, Sphinx: Detectin g security attacks in software-defined networks., in: Proceedings of the 20 15 Network and Distributed System Security Symposium (NDSS), 2015

    work page 2015

  40. [40]

    Bifulco, H

    R. Bifulco, H. Cui, G. O. Karame, F. Klaedtke, Fingerprinting sof tware- defined networks, in: 2015 IEEE 23rd International Conference on Network Protocols (ICNP), 2015, pp. 453–459

    work page 2015

  41. [41]

    H. Cui, G. O. Karame, F. Klaedtke, R. Bifulco, On the fingerprint ing of software-defined networks, IEEE Transactions on Informat ion Forensics and Security 11 (10) (2016) 2160–2173

    work page 2016

  42. [42]

    S. Shin, G. Gu, Attacking software-defined networks: A first feasibility study, in: Proceedings of the Second ACM SIGCOMM Workshop on Ho t Topics in Software Defined Networking, HotSDN ’13, ACM, New York, NY, USA, 2013, pp. 165–166

    work page 2013

  43. [43]

    Kl¨ oti, V

    R. Kl¨ oti, V. Kotronis, P. Smith, Openflow: A security analysis, in : 2013 21st IEEE International Conference on Network Protocols (ICN P), 2013, pp. 1–6

    work page 2013

  44. [44]

    Alharbi, M

    T. Alharbi, M. Portmann, F. Pakzad, The (in)security of topolo gy discovery in software defined networks, in: 2015 IEEE 40th Conference on L ocal Computer Networks (LCN), 2015, pp. 502–505

    work page 2015

  45. [45]

    S. Hong, L. Xu, H. Wang, G. Gu, Poisoning network visibility in soft ware- defined networks: New attacks and countermeasures., in: Netwo rk and Distributed System Security (NDSS) Symposium, 2015. 30

    work page 2015

  46. [46]

    Niyaz, W

    Q. Niyaz, W. Sun, M. Alam, Impact on sdn powered network serv ices under adversarial attacks, Procedia Computer Science 62 (2015) 228 – 235

    work page 2015

  47. [47]

    Betg´ e-Brezetz, G

    S. Betg´ e-Brezetz, G. B. Kamga, M. Tazi, Trust support for sdn controllers and virtualized network applications, in: Proceedings of the 2015 1s t IEEE Conference on Network Softwarization (NetSoft), 2015, pp. 1– 5

    work page 2015

  48. [48]

    Y. Hori, S. Mizoguchi, R. Miyazaki, A. Yamada, Y. Feng, A. Kubot a, K. Sakurai, A Comprehensive Security Analysis Checksheet for Ope nFlow Networks, Springer International Publishing, Cham, 2017, pp. 23 1–242

    work page 2017

  49. [49]

    Kreutz, F

    D. Kreutz, F. M. Ramos, P. Verissimo, Towards secure and dep endable software-defined networks, in: Proceedings of the Second ACM S IGCOMM Workshop on Hot Topics in Software Defined Networking, HotSDN ’13 , ACM, New York, NY, USA, 2013, pp. 55–60

    work page 2013

  50. [50]

    V. T. Costa, L. H. M. K. Costa, Vulnerabilities and solutions for is olation in flowvisor-based virtual network environments, Journal of Inte rnet Services and Applications 6 (1) (2015) 18

    work page 2015

  51. [51]

    Alharbi, S

    T. Alharbi, S. Layeghy, M. Portmann, Experimental evaluation of the im- pact of dos attacks in sdn, in: 2017 27th International Telecommu nication Networks and Applications Conference (ITNAC), IEEE, 2017, pp. 1–6

    work page 2017

  52. [52]

    Q. Yan, F. R. Yu, Q. Gong, J. Li, Software-defined networking (sdn) and distributed denial of service (ddos) attacks in cloud computing env iron- ments: A survey, some research issues, and challenges, IEEE Com munica- tions Surveys Tutorials 18 (1) (2016) 602–622

    work page 2016

  53. [53]

    Y. E. Oktian, S. Lee, H. Lee, J. Lam, Secure your northbound sdn api, in: 2015 Seventh International Conference on Ubiquitous and Future Networks, 2015, pp. 919–920

    work page 2015

  54. [54]

    Torr, Demystifying the threat modeling process, IEEE Secu rity & Pri- vacy 3 (5) (2005) 66–70

    P. Torr, Demystifying the threat modeling process, IEEE Secu rity & Pri- vacy 3 (5) (2005) 66–70

    work page 2005

  55. [55]

    L. Yao, P. Dong, T. Zheng, H. Zhang, X. Du, M. Guizani, Networ k security analyzing and modeling based on petri net and attack tree for sdn, in: 2016 International Conference on Computing, Networking and Commun ications (ICNC), 2016, pp. 1–5

    work page 2016

  56. [56]

    Klingel, R

    D. Klingel, R. Khondoker, R. Marx, K. Bayarou, Security analys is of soft- ware defined networking architectures: Pce, 4d and sane, in: Pro ceedings of the AINTEC 2014 on Asian Internet Engineering Conference, AI NTEC ’14, ACM, New York, NY, USA, 2014, pp. 15–22. 31

    work page 2014