Research Article
CROCUS: An Objective Approach for SDN Controllers Security Assessment
@INPROCEEDINGS{10.1007/978-3-030-90019-9_22, author={Carlos Silva and Bruno Sousa and Jo\"{a}o P. Vilela}, title={CROCUS: An Objective Approach for SDN Controllers Security Assessment}, proceedings={Security and Privacy in Communication Networks. 17th EAI International Conference, SecureComm 2021, Virtual Event, September 6--9, 2021, Proceedings, Part I}, proceedings_a={SECURECOMM}, year={2021}, month={11}, keywords={SDN Security ONOS OpenDayLight DoS MADM}, doi={10.1007/978-3-030-90019-9_22} }- Carlos Silva
Bruno Sousa
João P. Vilela
Year: 2021
CROCUS: An Objective Approach for SDN Controllers Security Assessment
SECURECOMM
Springer
DOI: 10.1007/978-3-030-90019-9_22
Abstract
Software Defined Networking (SDN) facilitates the orchestration and configuration of network resources in a flexible and scalable form, where policies are managed by controller components that interact with network elements through multiple interfaces. The ubiquitous adoption of SDN leads to the availability of multiple SDN controllers, which have different characteristics in terms of performance and security support. SDN controllers are a common target in network attacks since their compromise leads to the capability of impairing the entire network. Thus, the choice of a SDN controller must be a meticulous process from early phases (design to production). CROCUS, herein proposed, provides a mechanism to enable an objective assessment of the security support of SDN controllers. CROCUS relies on the information provided by the Common Vulnerability Scoring System (CVSS) and considers security features derived from scenarios with stringent security requirements. Considering a vehicular communication scenario supported by multiple technologies, we narrow the selection of SDN controllers to OpenDayLight and ONOS choices. The results put in evidence that both controllers have security features relevant for demanding scenarios with ONOS excelling in some aspects .
