Denial-of-service attacks in OpenFlow SDN networks

Denial-of-service attacks in OpenFlow SDN networks Software-Defined Networking (SDN) has recently gained significant momentum. However, before any large scale deployments, it is important to understand security issues arising from this new technology. This paper discusses two types of Denial-of-Service (DoS) attacks specific to OpenFlow SDN networks. We emulate them on Mininet and provide an analysis on the effect of these attacks. We find that the timeout value of a flow rule, and the control plane bandwidth have a significant impact on the switch’s capability. If not configured appropriately, they may allow successful DoS attacks. Finally, we highlight possible mitigation strategies to address such attacks.