Security of Topology Discovery Service in SDN: Vulnerabilities and Countermeasures

Software-Defined Network (SDN) controller needs comprehensive visibility of the whole network to provide effective routing and forwarding decisions in the data layer. However, the topology discovery service in the SDN controller is vulnerable to the Topology Poisoning Attack (TPA), which targets corrupting the controller's view on the connected devices (e.g., switches or hosts) to the network and inter-switch link connections. The attack could cause dramatic impacts on the network's forwarding policy by changing the traffic path and even opening doors for Man-in-the-Middle (MitM) and Denial of Service (DoS) attacks. Recent studies presented sophisticated types of TPA, which could successfully bypass several well-known defence mechanisms for SDN. However, the scientific literature lacks a comprehensive review and survey of existing TPAs against topology discovery services and corresponding defence mechanisms. This paper provides a thorough survey to review and analyse existing threats against topology discovery services and a security assessment of the current countermeasures. For this aim, first, we propose a taxonomy for TPAs and categorise the attacks based on different parameters, including the attack aim, exploited vulnerability, location of the adversary, and communication channel. In addition, we provide a detailed root cause analysis per attack. Second, we perform a security assessment on the state-of-the-art security measurements that mitigate the risk of TPAs in SDN and discuss the advantages and disadvantages of each defence concerning the detection capability. Finally, we figure out several open security issues and outline possible future research directions to motivate security research on SDN. The rapid growth of the SDN market and the evolution of mobile networks, including components like the RAN Intelligent Controller (RIC) acting like SDN controller, highlight the critical need for SDN security in the future.