FlowSec: DOS attack mitigation strategy on SDN controller

Abstract

Software-Defined Networking (SDN) introduces a centralized control logic and separated data plane from the control plane. Controller is the brain of a SDN network. Hence, the SDN make it easier for network engineers to monitor traffic and diagnose threats, insert and change security policies. However, it also creates security challenges which didn't exist before. In this paper, we first describe layers of an SDN structure using layered approach. Then we analyze the effect of DOS attack on controller plane. Finally we proposed a strategy to mitigate DOS attacks on SDN controllers.