sesa 18(17): e1

Research Article

Bridging the Gap Between Security Tools and SDN Controllers

Download248 downloads
  • @ARTICLE{10.4108/eai.10-1-2019.156242,
        author={Li Wang and Dinghao Wu},
        title={Bridging the Gap Between Security Tools and SDN Controllers},
        journal={EAI Endorsed Transactions on Security and Safety},
        keywords={Software-defined networking (SDN), Network Function Virtualization (NFV), OpenFlow, SDN security application, SDN controller},
  • Li Wang
    Dinghao Wu
    Year: 2018
    Bridging the Gap Between Security Tools and SDN Controllers
    DOI: 10.4108/eai.10-1-2019.156242
Li Wang1, Dinghao Wu1,*
  • 1: College of Information Sciences and Technology, The Pennsylvania State University, University Park, PA, USA
*Contact email:


Software-Defined Networking (SDN) is a promising paradigm to improve network security protections. However, current SDN-based security solutions can hardly provide suÿcient protections in a real SDN network, due to several reasons: 1) they are implemented at either the centralized SDN controllers or the decentralized network devices, which are subject to a performance limitation; 2) their designs are confined by the SDN network characteristics and can only provide limited security functions; and 3) many solutions have deployment challenges and compatibility issues. In this paper, we propose SecControl, a practical network protection framework combining the existing security tools and SDN technologies, to produce a comprehensive network security solution in an SDN environment. We implement a SecControl prototype with OpenFlow and evaluate its effectiveness and performance. Our experiment shows that SecControl can cooperate with many mainstream security tools and provide effective defense responses over SDN-supported networks.