Improving Software Defined Network Security via sFLow and IPSec Protocol

Abstract

Software Defined Network (SDN) has found its footprints in modern networking practices. Thanks to its abstraction of the control plane from the infrastructural plane and its ability to enhance programmability in networking. Despite its aptness, security is still a major concern for this technology. This study proposes a secure method for the SDN network based on the sFlow and the IPSec protocol. The proposed method ensures a real-time detection and mitigation of attacks such as Distributed Denial of Service (DDoS) attacks, Man in the Middle attacks (MITM), replay attacks, etc. on the SDN network. To prove the effectiveness of the proposed method, the SDN network was emulated on MININET and analyzed. It was shown that attacks were detected and curbed early on the network before any damage could be done to the network.