Modelling cyber security for software-defined networks those grow strong when exposed to threats: Analysis and propositions

Abstract

With each passing day, the information and communication technologies are evolving with more and more information shared across the globe using the internet superhighway. The threats to information, while connected to the cyber world are getting more targeted, voluminous, and sophisticated requiring new antifragile and resilient network security mechanisms. Whether the information is being processed in the application, in transit within the network or residing in the storage, it is equally susceptible to attack at every level of abstraction and cannot be handled in isolation as the case has been with conventional security mechanisms. The advent of Software-Defined Networks (SDN) has given a new outlook to information protection, where the network can aid in the design of a system that is secure and dependable in case of cyber threats. The nature of SDN, mainly its programmability and centrality of network information and control has led us to think of security in an antifragile perspective. Our networks can now thrive and grow stronger when they are exposed to volatility by overwhelming cyber threats. However, SDN infrastructure itself is susceptible to severe threats that may mutilate the provision of its usability as security provider. Both these perspectives of “Security with SDN” and “Security for SDN” have invited research and innovations, yet both these approaches remain disintegrated, failing to support each other. The contribution of this paper is threefold, with first reviewing the current state of the art work for both perspectives of SDN security. Second, it advocates the necessity and introduces a novel approach of antifragile cyber security within SDN paradigm and finally it proposes a unified model for integrating both approaches of “Security with SDN” and “Security for SDN” to achieve the overall objective of protecting our information from cyber threats in this globally connected internetwork.