{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,27]],"date-time":"2026-05-27T14:58:39Z","timestamp":1779893919938,"version":"3.53.1"},"reference-count":164,"publisher":"Springer Science and Business Media LLC","issue":"2","license":[{"start":{"date-parts":[[2022,2,8]],"date-time":"2022-02-08T00:00:00Z","timestamp":1644278400000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2022,2,8]],"date-time":"2022-02-08T00:00:00Z","timestamp":1644278400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["J Reliable Intell Environ"],"published-print":{"date-parts":[[2023,6]]},"DOI":"10.1007\/s40860-022-00171-8","type":"journal-article","created":{"date-parts":[[2022,2,8]],"date-time":"2022-02-08T18:02:51Z","timestamp":1644343371000},"page":"201-239","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":123,"title":["A comprehensive survey on SDN security: threats, mitigations, and future directions"],"prefix":"10.1007","volume":"9","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-4704-5364","authenticated-orcid":false,"given":"Yassine","family":"Maleh","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Youssef","family":"Qasmaoui","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Khalid","family":"El Gholami","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Yassine","family":"Sadqi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Soufyane","family":"Mounir","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2022,2,8]]},"reference":[{"key":"171_CR1","doi-asserted-by":"publisher","unstructured":"Abdullaziz OI, Wang L (2019) Mitigating DoS Attacks against SDN controller using information hiding. In: 2019 IEEE Wireless Communications and Networking Conference (WCNC). pp 1\u20136.https:\/\/doi.org\/10.1109\/WCNC.2019.8885764","DOI":"10.1109\/WCNC.2019.8885764"},{"key":"171_CR2","doi-asserted-by":"publisher","unstructured":"Agborubere B, Sanchez-Velazquez E (2017) OpenFlow communications and TLS security in software-defined networks. In: 2017 IEEE International Conference on Internet of Things (IThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). pp 560\u2013566. https:\/\/doi.org\/10.1109\/iThings-GreenCom-CPSCom-SmartData.2017.88","DOI":"10.1109\/iThings-GreenCom-CPSCom-SmartData.2017.88"},{"issue":"4","key":"171_CR3","doi-asserted-by":"publisher","first-page":"2317","DOI":"10.1109\/COMST.2015.2474118","volume":"17","author":"I Ahmad","year":"2015","unstructured":"Ahmad I, Namal S, Ylianttila M, Gurtov A (2015) Security in software defined networks: a survey. IEEE Commun Surv Tutor 17(4):2317\u20132346. https:\/\/doi.org\/10.1109\/COMST.2015.2474118","journal-title":"IEEE Commun Surv Tutor"},{"key":"171_CR4","doi-asserted-by":"publisher","unstructured":"Ahmed ME, Kim H (2017) DDoS attack mitigation in internet of things using software defined networking. In: 2017 IEEE Third International Conference on Big Data Computing Service and Applications (BigDataService). pp 271\u2013276.https:\/\/doi.org\/10.1109\/BigDataService.2017.41","DOI":"10.1109\/BigDataService.2017.41"},{"key":"171_CR5","doi-asserted-by":"publisher","unstructured":"Aizuddin AA, Atan M, Norulazmi M, Noor MM, Akimi S and Abidin Z (2017) DNS Amplification attack detection and mitigation via sflow with security-centric SDN. In: Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication. https:\/\/doi.org\/10.1145\/3022227.3022230","DOI":"10.1145\/3022227.3022230"},{"key":"171_CR6","doi-asserted-by":"publisher","unstructured":"Al-Haj S, Tolone WJ (2017) FlowTable pipeline misconfigurations in Software Defined Networks. In: 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). pp 247\u2013252.https:\/\/doi.org\/10.1109\/INFCOMW.2017.8116384","DOI":"10.1109\/INFCOMW.2017.8116384"},{"key":"171_CR7","doi-asserted-by":"publisher","unstructured":"Al-Shaer E, Al-Haj S (2010) FlowChecker: configuration analysis and verification of federated openflow infrastructures. In: Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, pp 37\u201344. https:\/\/doi.org\/10.1145\/1866898.1866905","DOI":"10.1145\/1866898.1866905"},{"issue":"1","key":"171_CR8","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1109\/TNET.2017.2763131","volume":"26","author":"E Alasadi","year":"2018","unstructured":"Alasadi E, Al-Raweshidy HS (2018) SSED: servers under software-defined network architectures to eliminate discovery messages. IEEE\/ACM Trans Netw 26(1):104\u2013117. https:\/\/doi.org\/10.1109\/TNET.2017.2763131","journal-title":"IEEE\/ACM Trans Netw"},{"key":"171_CR9","doi-asserted-by":"publisher","unstructured":"Alcorn JA, Chow CE (2014) A framework for large-scale modeling and simulation of attacks on an OpenFlow network. In: 2014 23rd International Conference on Computer Communication and Networks (ICCCN). pp 1\u20136. https:\/\/doi.org\/10.1109\/ICCCN.2014.6911848","DOI":"10.1109\/ICCCN.2014.6911848"},{"key":"171_CR10","doi-asserted-by":"publisher","unstructured":"Allouzi M, Khan J (2018) SafeFlow: authentication protocol for software defined networks. In: 2018 IEEE 12th International Conference on Semantic Computing (ICSC). pp 374\u2013376. https:\/\/doi.org\/10.1109\/ICSC.2018.00076","DOI":"10.1109\/ICSC.2018.00076"},{"key":"171_CR11","doi-asserted-by":"publisher","unstructured":"Alparslan O, Gunes O, Hanay YS, Arakawa S, Murata M (2017) Improving resiliency against DDoS attacks by SDN and multipath orchestration of VNF services. In: 2017 IEEE International Symposium on Local and Metropolitan Area Networks (LANMAN). pp 1\u20133.https:\/\/doi.org\/10.1109\/LANMAN.2017.7972158","DOI":"10.1109\/LANMAN.2017.7972158"},{"issue":"2","key":"171_CR12","doi-asserted-by":"publisher","first-page":"1206","DOI":"10.1109\/TNET.2016.2626287","volume":"25","author":"M Ambrosin","year":"2017","unstructured":"Ambrosin M, Conti M, Gaspari FD, Poovendran R (2017) LineSwitch: tackling control plane saturation attacks in software-defined networking. IEEE\/ACM Trans Netw 25(2):1206\u20131219. https:\/\/doi.org\/10.1109\/TNET.2016.2626287","journal-title":"IEEE\/ACM Trans Netw"},{"key":"171_CR13","doi-asserted-by":"publisher","unstructured":"Aseeri A, Netjinda N, Hewett R (2017) Alleviating eavesdropping attacks in software-defined networking data plane. In: Proceedings of the 12th Annual Conference on Cyber and Information Security Research. https:\/\/doi.org\/10.1145\/3064814.3064832","DOI":"10.1145\/3064814.3064832"},{"key":"171_CR14","doi-asserted-by":"publisher","first-page":"9485","DOI":"10.1109\/ACCESS.2017.2702341","volume":"5","author":"MVO De Assis","year":"2017","unstructured":"De Assis MVO, Hamamoto AH, Abr\u00e3o T, Proen\u00e7a ML (2017) A game theoretical based system using holt-winters and genetic algorithm with fuzzy logic for DoS\/DDoS mitigation on SDN networks. IEEE Access 5:9485\u20139496. https:\/\/doi.org\/10.1109\/ACCESS.2017.2702341","journal-title":"IEEE Access"},{"key":"171_CR15","doi-asserted-by":"publisher","unstructured":"Bailey J, Budgen D, Turner M, Kitchenham B, Brereton P, Linkman S (2007) Evidence relating to object-oriented software design: a survey. In: First international symposium on empirical software engineering and measurement (ESEM 2007). pp 482\u2013484. https:\/\/doi.org\/10.1109\/ESEM.2007.58","DOI":"10.1109\/ESEM.2007.58"},{"key":"171_CR16","doi-asserted-by":"publisher","unstructured":"Banse C, Schuette J (2017) A taxonomy-based approach for security in software-defined networking. In: 2017 IEEE International Conference on Communications (ICC). pp 1\u20136. https:\/\/doi.org\/10.1109\/ICC.2017.7997245","DOI":"10.1109\/ICC.2017.7997245"},{"key":"171_CR17","doi-asserted-by":"publisher","unstructured":"Bauer R, Dittebrandt A, Zitterbart M (2019) GCMI: a generic approach for SDN control message interception. In: 2019 IEEE Conference on Network Softwarization (NetSoft). pp 360\u2013368. https:\/\/doi.org\/10.1109\/NETSOFT.2019.8806661","DOI":"10.1109\/NETSOFT.2019.8806661"},{"issue":"6","key":"171_CR18","doi-asserted-by":"publisher","first-page":"1994","DOI":"10.1109\/JIOT.2017.2746186","volume":"4","author":"S Bera","year":"2017","unstructured":"Bera S, Misra S, Vasilakos AV (2017) Software-defined networking for internet of things: a survey. IEEE Internet Things J 4(6):1994\u20132008. https:\/\/doi.org\/10.1109\/JIOT.2017.2746186","journal-title":"IEEE Internet Things J"},{"key":"171_CR19","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2010.5735752","author":"R Braga","year":"2010","unstructured":"Braga R, Mota E, Passito A (2010) Lightweight DDoS flooding attack detection using NOX\/OpenFlow. IEEE Local Comput Netw Conf. https:\/\/doi.org\/10.1109\/LCN.2010.5735752","journal-title":"IEEE Local Comput Netw Conf"},{"key":"171_CR20","doi-asserted-by":"publisher","unstructured":"Brooks M, Yang B (2015) A man-in-the-middle attack against opendaylight SDN controller. In: Proceedings of the 4th Annual ACM Conference on Research in Information Technology. pp 45\u201349. https:\/\/doi.org\/10.1145\/2808062.2808073","DOI":"10.1145\/2808062.2808073"},{"key":"171_CR21","unstructured":"Schlesinger C, Story A, Gutz S, Foster N and W D (2012). Splendid isolation: Language-based security for softwaredefined networks. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks. ACM pp 79\u201384"},{"key":"171_CR22","doi-asserted-by":"publisher","unstructured":"Carvalho RN, Bordim JL, Alchieri EAP (2019) Entropy-based DoS attack identification in SDN. In: 2019 IEEE International Parallel and Distributed Processing Symposium Workshops (IPDPSW). pp 627\u2013634.https:\/\/doi.org\/10.1109\/IPDPSW.2019.00108","DOI":"10.1109\/IPDPSW.2019.00108"},{"issue":"1","key":"171_CR23","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1109\/TNSM.2018.2889842","volume":"16","author":"S Chang","year":"2019","unstructured":"Chang S, Park Y, Babu BBA (2019) Fast IP hopping randomization to secure hop-by-hop access in SDN. IEEE Trans Netw Serv Manage 16(1):308\u2013320. https:\/\/doi.org\/10.1109\/TNSM.2018.2889842","journal-title":"IEEE Trans Netw Serv Manage"},{"key":"171_CR24","doi-asserted-by":"publisher","DOI":"10.1145\/3149457.3149476","author":"M-H Chen","year":"2018","unstructured":"Chen M-H, Ciou J-Y, Chung I-H, Chou C-F (2018) FlexProtect: a SDN-based DDoS attack protection architecture for multi-tenant data centers. Proc Int Conf High Perform Comput Asia-Pacific Region. https:\/\/doi.org\/10.1145\/3149457.3149476","journal-title":"Proc Int Conf High Perform Comput Asia-Pacific Region"},{"key":"171_CR25","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2020.102595","volume":"159","author":"JCC Chica","year":"2020","unstructured":"Chica JCC, Imbachi JC, Vega JFB (2020) Security in SDN: a comprehensive survey. J Netw Comput Appl 159:102595","journal-title":"J Netw Comput Appl"},{"key":"171_CR26","doi-asserted-by":"publisher","unstructured":"Chi P-W, Kuo C-T, Guo J-W, Lei C-L (2015) How to detect a compromised SDN switch. In: Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft). pp 1\u20136. https:\/\/doi.org\/10.1109\/NETSOFT.2015.7116184","DOI":"10.1109\/NETSOFT.2015.7116184"},{"key":"171_CR27","doi-asserted-by":"publisher","unstructured":"Chin T, Mountrouidou X, Li X, Xiong K (2015). Selective packet inspection to detect DoS flooding using software defined networking (SDN). In: 2015 IEEE 35th International Conference on Distributed Computing Systems Workshops. pp 95\u201399. https:\/\/doi.org\/10.1109\/ICDCSW.2015.27","DOI":"10.1109\/ICDCSW.2015.27"},{"key":"171_CR28","doi-asserted-by":"publisher","unstructured":"Chowdhary A, Alshamrani A, Huang D, Liang H (2018). MTD analysis and evaluation framework in software defined network (MASON). In: Proceedings of the 2018 ACM International Workshop on Security in Software Defined Networks &amp; Network Function Virtualization. pp 43\u201348. https:\/\/doi.org\/10.1145\/3180465.3180473","DOI":"10.1145\/3180465.3180473"},{"key":"171_CR29","doi-asserted-by":"publisher","unstructured":"Chowdhary A, Huang D, Ahn G-J, Kang M, Kim A, Velazquez A (2019) SDNSOC: object oriented SDN framework. In: Proceedings of the ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization. pp 7\u201312. https:\/\/doi.org\/10.1145\/3309194.3309196","DOI":"10.1145\/3309194.3309196"},{"key":"171_CR30","doi-asserted-by":"crossref","unstructured":"Chung C, Member S, Khatkar P, Xing T (2013) NICE\u202f: network intrusion detection and countermeasure. IEEE Trans Depend Secure Comput 10(4):1\u201314. http:\/\/dblp.uni-trier.de\/db\/journals\/tdsc\/tdsc10.html#ChungKXLH13","DOI":"10.1109\/TDSC.2013.8"},{"issue":"2","key":"171_CR31","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1109\/TETC.2018.2806977","volume":"8","author":"M Conti","year":"2020","unstructured":"Conti M, Gaspari FD, Mancini LV (2020) A novel stealthy attack to gather SDN configuration-information. IEEE Trans Emerg Top Comput 8(2):328\u2013340. https:\/\/doi.org\/10.1109\/TETC.2018.2806977","journal-title":"IEEE Trans Emerg Top Comput"},{"key":"171_CR32","unstructured":"Controller T (2013) Trema controller. Full-Stack OpenFlow Framework in Ruby and C. Retrieved September 12, 2020, from https:\/\/trema.github.io\/trema\/"},{"key":"171_CR33","doi-asserted-by":"publisher","unstructured":"Cui H, Chen Z, Yu L, Xie K, Xia Z (2017) Authentication mechanism for network applications in SDN environments. In: 2017 20th International Symposium on Wireless Personal Multimedia Communications (WPMC). pp 1\u20135. https:\/\/doi.org\/10.1109\/WPMC.2017.8301788","DOI":"10.1109\/WPMC.2017.8301788"},{"key":"171_CR34","doi-asserted-by":"publisher","first-page":"65","DOI":"10.1016\/j.jnca.2016.04.005","volume":"68","author":"Y Cui","year":"2016","unstructured":"Cui Y, Yan L, Li S, Xing H, Pan W, Zhu J, Zheng X (2016) SD-Anti-DDoS: fast and efficient DDoS defense in software-defined networks. J Netw Comput Appl 68:65\u201379. https:\/\/doi.org\/10.1016\/j.jnca.2016.04.005","journal-title":"J Netw Comput Appl"},{"issue":"2","key":"171_CR35","doi-asserted-by":"publisher","first-page":"212","DOI":"10.1109\/TNSM.2016.2528220","volume":"13","author":"R Cziva","year":"2016","unstructured":"Cziva R, Jou\u00ebt S, Stapleton D, Tso FP, Pezaros DP (2016) SDN-based virtual machine management for cloud data centers. IEEE Trans Netw Serv Manage 13(2):212\u2013225","journal-title":"IEEE Trans Netw Serv Manage"},{"key":"171_CR36","doi-asserted-by":"publisher","unstructured":"D\u2019Orsaneo J, Tummala M, McEachen J, Martin B (2018) Analysis of traffic signals on an SDN for detection and classification of a man-in-the-middle attack. In: 2018 12th International Conference on Signal Processing and Communication Systems (ICSPCS). pp 1\u20139. https:\/\/doi.org\/10.1109\/ICSPCS.2018.8631762","DOI":"10.1109\/ICSPCS.2018.8631762"},{"key":"171_CR37","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2017.2689819","author":"T Dargahi","year":"2017","unstructured":"Dargahi T, Caponi A, Ambrosin M, Bianchi G, Conti M (2017) A Survey on the Security of Stateful SDN Data Planes. IEEE Commun Surv Tutor. https:\/\/doi.org\/10.1109\/COMST.2017.2689819","journal-title":"IEEE Commun Surv Tutor"},{"key":"171_CR38","doi-asserted-by":"publisher","first-page":"189","DOI":"10.1016\/j.comnet.2015.09.012","volume":"92","author":"AS da Silva","year":"2015","unstructured":"da Silva AS, Smith P, Mauthe A, Schaeffer-Filho A (2015) Resilience support in software-defined networking: a survey. Comput Netw 92:189\u2013207","journal-title":"Comput Netw"},{"key":"171_CR39","doi-asserted-by":"publisher","unstructured":"Dridi L, Zhani MF (2016) SDN-Guard: DoS attacks mitigation in SDN networks. In: 2016 5th IEEE International Conference on Cloud Networking (Cloudnet). pp 212\u2013217. https:\/\/doi.org\/10.1109\/CloudNet.2016.9","DOI":"10.1109\/CloudNet.2016.9"},{"key":"171_CR40","doi-asserted-by":"crossref","unstructured":"Erickson D (2013) The beacon openflow controller. In: Proceedings of the second ACM SIGCOMM workshop on hot topics in software defined networking, August 2013, pp 13\u201318","DOI":"10.1145\/2491185.2491189"},{"key":"171_CR41","doi-asserted-by":"publisher","unstructured":"Feghali A, Kilany R, Chamoun M (2015) SDN security problems and solutions analysis. In: 2015 International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS). pp 1\u20135. https:\/\/doi.org\/10.1109\/NOTERE.2015.7293514","DOI":"10.1109\/NOTERE.2015.7293514"},{"key":"171_CR42","doi-asserted-by":"publisher","unstructured":"Fernandez MP (2013) Comparing OpenFlow controller paradigms scalability: reactive and proactive. In: 2013 IEEE 27th International Conference on Advanced Information Networking and Applications (AINA). pp 1009\u20131016. https:\/\/doi.org\/10.1109\/AINA.2013.113","DOI":"10.1109\/AINA.2013.113"},{"key":"171_CR43","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1016\/j.comnet.2015.08.038","volume":"92","author":"S Fichera","year":"2015","unstructured":"Fichera S, Galluccio L, Grancagnolo SC, Morabito G, Palazzo S (2015) OPERETTA: an openflow-based remedy to mitigate TCP SYNFLOOD attacks against web servers. Comput Netw 92:89\u2013100. https:\/\/doi.org\/10.1016\/j.comnet.2015.08.038","journal-title":"Comput Netw"},{"key":"171_CR44","volume-title":"Architectural styles and the design of network-based software architectures","author":"RT Fielding","year":"2000","unstructured":"Fielding RT, Taylor RN (2000) Architectural styles and the design of network-based software architectures, vol 7. University of California, Irvine"},{"key":"171_CR45","unstructured":"Floodlight (2013) Floodlight OpenFlow controller. Available from http:\/\/www.projectfloodlight.org\/floodlight"},{"issue":"1","key":"171_CR46","doi-asserted-by":"publisher","first-page":"328","DOI":"10.1109\/TNET.2017.2778426","volume":"26","author":"K Foerster","year":"2018","unstructured":"Foerster K, Ludwig A, Marcinkowski J, Schmid S (2018) Loop-free route updates for software-defined networks. IEEE\/ACM Trans Netw 26(1):328\u2013341. https:\/\/doi.org\/10.1109\/TNET.2017.2778426","journal-title":"IEEE\/ACM Trans Netw"},{"key":"171_CR47","doi-asserted-by":"publisher","DOI":"10.1145\/2670386.2670390","author":"J Fran\u00e7ois","year":"2014","unstructured":"Fran\u00e7ois J, Dolberg L, Festor O, Engel T (2014) Network security through software defined networking: a survey. Proc Conf Principles Syst Appl IP Telecommun. https:\/\/doi.org\/10.1145\/2670386.2670390","journal-title":"Proc Conf Principles Syst Appl IP Telecommun"},{"key":"171_CR48","doi-asserted-by":"publisher","DOI":"10.1145\/3185467.3185499","author":"L Freire","year":"2018","unstructured":"Freire L, Neves M, Leal L, Levchenko K, Schaeffer-Filho A, Barcellos M (2018) Uncovering bugs in P4 programs with assertion-based verification. Proc Sympos SDN Res. https:\/\/doi.org\/10.1145\/3185467.3185499","journal-title":"Proc Sympos SDN Res"},{"issue":"4","key":"171_CR49","doi-asserted-by":"publisher","first-page":"108","DOI":"10.1109\/MNET.2018.1700283","volume":"32","author":"S Gao","year":"2018","unstructured":"Gao S, Li Z, Xiao B, Wei G (2018) Security threats in the data plane of software-defined networks. IEEE Network 32(4):108\u2013113. https:\/\/doi.org\/10.1109\/MNET.2018.1700283","journal-title":"IEEE Network"},{"key":"171_CR50","doi-asserted-by":"publisher","unstructured":"Gao S, Li Z, Yao Y, Xiao B, Guo S, Yang Y (2018) Software-defined firewall: enabling malware traffic detection and programmable security control. In: Proceedings of the 2018 on Asia Conference on Computer and Communications Security. pp 413\u2013424. https:\/\/doi.org\/10.1145\/3196494.3196519","DOI":"10.1145\/3196494.3196519"},{"key":"171_CR51","doi-asserted-by":"publisher","first-page":"122","DOI":"10.1016\/j.bjp.2013.10.014","volume":"62","author":"K Giotis","year":"2014","unstructured":"Giotis K, Argyropoulos C, Androulidakis G, Kalogeras D, Maglaris V (2014) Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput Netw 62:122\u2013136","journal-title":"Comput Netw"},{"key":"171_CR52","doi-asserted-by":"publisher","unstructured":"Goksel N, Demirci M (2019) DoS attack detection using packet statistics in SDN. In: 2019 International Symposium on Networks, Computers and Communications (ISNCC). pp 1\u20136https:\/\/doi.org\/10.1109\/ISNCC.2019.8909114","DOI":"10.1109\/ISNCC.2019.8909114"},{"key":"171_CR53","doi-asserted-by":"publisher","DOI":"10.1145\/1384609.1384625","author":"N Gude","year":"2008","unstructured":"Gude N, Koponen T, Pettit J, Pfaff B, Casado M, McKeown N, Shenker S (2008) NOX: towards an operating system for networks. Comput Commun Rev. https:\/\/doi.org\/10.1145\/1384609.1384625","journal-title":"Comput Commun Rev"},{"key":"171_CR54","doi-asserted-by":"publisher","unstructured":"Hall RS, Cervantes H (2004) An OSGi implementation and experience report. In: First IEEE Consumer Communications and Networking Conference, 2004. CCNC 2004. pp 394\u2013399. https:\/\/doi.org\/10.1109\/CCNC.2004.1286894","DOI":"10.1109\/CCNC.2004.1286894"},{"key":"171_CR55","doi-asserted-by":"publisher","DOI":"10.1016\/j.jnca.2020.102856","volume":"174","author":"M Hamdan","year":"2021","unstructured":"Hamdan M, Hassan E, Abdelaziz A, Elhigazi A, Mohammed B, Khan S, Vasilakos AV, Marsono MN (2021) A comprehensive survey of load balancing techniques in software-defined network. J Netw Comput Appl 174:102856. https:\/\/doi.org\/10.1016\/j.jnca.2020.102856","journal-title":"J Netw Comput Appl"},{"key":"171_CR56","doi-asserted-by":"publisher","unstructured":"de la Hoz E, Cochrane G, Moreira-Lemus JM, Paez-Reyes R, Marsa-Maestre I, Alarcos B (2014) Detecting and defeating advanced man-in-the-middle attacks against TLS. In: 2014 6th International Conference On Cyber Conflict (CyCon 2014). pp 209\u2013221. https:\/\/doi.org\/10.1109\/CYCON.2014.6916404","DOI":"10.1109\/CYCON.2014.6916404"},{"key":"171_CR57","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2020.107619","volume":"183","author":"T Hu","year":"2020","unstructured":"Hu T, Yi P, Hu Y, Lan J, Zhang Z, Li Z (2020) SAIDE: Efficient application interference detection and elimination in SDN. Comput Netw 183:107619. https:\/\/doi.org\/10.1016\/j.comnet.2020.107619","journal-title":"Comput Netw"},{"key":"171_CR58","doi-asserted-by":"publisher","unstructured":"Hu Y, Su W, Wu L, Huang Y, Kuo S (2013) Design of event-based intrusion detection system on openflow network. In: 2013 43rd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). pp 1\u20132. https:\/\/doi.org\/10.1109\/DSN.2013.6575335","DOI":"10.1109\/DSN.2013.6575335"},{"key":"171_CR59","doi-asserted-by":"publisher","unstructured":"Ishii S, Kawai E, Takata T, Kanaumi Y, Saito S, Kobayashi K, Shimojo S (2012) Extending the RISE controller for the interconnection of RISE and OS3E\/NDDI. In: 2012 18th IEEE International Conference on Networks (ICON). pp 243\u2013248. https:\/\/doi.org\/10.1109\/ICON.2012.6506564","DOI":"10.1109\/ICON.2012.6506564"},{"key":"171_CR60","doi-asserted-by":"publisher","first-page":"170070","DOI":"10.1109\/ACCESS.2020.3023974","volume":"8","author":"B Isong","year":"2020","unstructured":"Isong B, Molose RRS, Abu-Mahfouz AM, Dladlu N (2020) Comprehensive review of SDN controller placement strategies. IEEE Access 8:170070\u2013170092. https:\/\/doi.org\/10.1109\/ACCESS.2020.3023974","journal-title":"IEEE Access"},{"key":"171_CR61","first-page":"237","volume-title":"In european symposium on research in computer security","author":"JH Jafarian","year":"2013","unstructured":"Jafarian JH, Al-Shaer E, Duan Q (2013) Formal approach for route agility against persistent attackers. In: Crampton J, Jajodia S, Mayes K (eds) In european symposium on research in computer security. Springer, Berlin, pp 237\u2013254"},{"key":"171_CR62","doi-asserted-by":"publisher","first-page":"197","DOI":"10.1007\/978-3-319-26502-5_14","volume-title":"In Nordic conference on secure IT systems","author":"B J\u00e4ger","year":"2015","unstructured":"J\u00e4ger B, R\u00f6pke C, Adam I, Holz T (2015) Multi-layer access control for SDN-based Telco clouds. In: Buchegger S, Dam M (eds) In Nordic conference on secure IT systems. Springer International Publishing, pp 197\u2013204"},{"key":"171_CR63","doi-asserted-by":"publisher","unstructured":"Jain R (2012) OpenADN: mobile apps on global clouds using software defined networking. In: Proceedings of the Third ACM Workshop on Mobile Cloud Computing and Services. pp 1\u20132.https:\/\/doi.org\/10.1145\/2307849.2307851","DOI":"10.1145\/2307849.2307851"},{"issue":"4","key":"171_CR64","doi-asserted-by":"publisher","first-page":"3","DOI":"10.1145\/2534169.2486019","volume":"43","author":"S Jain","year":"2013","unstructured":"Jain S, Kumar A, Mandal S, Ong J, Poutievski L, Singh A, Venkata S, Wanderer J, Zhou J, Zhu M, Zolla J, H\u00f6lzle U, Stuart S, Vahdat A (2013) B4: Experience with a globally-deployed software defined wan. SIGCOMM Comput Commun Rev 43(4):3\u201314. https:\/\/doi.org\/10.1145\/2534169.2486019","journal-title":"SIGCOMM Comput Commun Rev"},{"key":"171_CR65","doi-asserted-by":"publisher","unstructured":"Jeong K, Kim J, Kim Y (2012) QoS-aware Network Operating System for software defined networking with Generalized OpenFlows. In: 2012 IEEE Network Operations and Management Symposium. pp 1167\u20131174.https:\/\/doi.org\/10.1109\/NOMS.2012.6212044","DOI":"10.1109\/NOMS.2012.6212044"},{"key":"171_CR66","doi-asserted-by":"publisher","unstructured":"Kempf J, Bellagamba E, Kern A, Jocha D, Takacs A, Sk\u00f6ldstr\u00f6m P (2012) Scalable fault management for OpenFlow. In: 2012 IEEE International Conference on Communications (ICC). pp 6606\u20136610.https:\/\/doi.org\/10.1109\/ICC.2012.6364688","DOI":"10.1109\/ICC.2012.6364688"},{"key":"171_CR67","unstructured":"Khurshid A, Zou X, Zhou W, Caesar M, Godfrey PB (2013) VeriFlow: verifying network-wide invariants in real time. In: 10th {USENIX} Symposium on Networked Systems Design and Implementation ({NSDI} 13). pp 15\u201327. https:\/\/www.usenix.org\/conference\/nsdi13\/technical-sessions\/presentation\/khurshid"},{"key":"171_CR68","doi-asserted-by":"publisher","unstructured":"Kim E, Kim K, Lee S, Jeong JP, Kim H (2018) A Framework for managing user-defined security policies to support network security functions. In: Proceedings of the 12th International Conference on Ubiquitous Information Management and Communication. https:\/\/doi.org\/10.1145\/3164541.3164569","DOI":"10.1145\/3164541.3164569"},{"key":"171_CR69","doi-asserted-by":"publisher","unstructured":"Klaedtke F, Karame GO, Bifulco R, Cui H (2015) Towards an access control scheme for accessing flows in SDN. In: Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft). pp 1\u20136. https:\/\/doi.org\/10.1109\/NETSOFT.2015.7116185","DOI":"10.1109\/NETSOFT.2015.7116185"},{"key":"171_CR70","doi-asserted-by":"publisher","DOI":"10.1145\/2620728.2620773","author":"F Klaedtke","year":"2014","unstructured":"Klaedtke F, Karame GO, Bifulco R, Cui H (2014) Access control for SDN controllers. Proc Third Workshop Hot Top Softw Defined Netw. https:\/\/doi.org\/10.1145\/2620728.2620773","journal-title":"Proc Third Workshop Hot Top Softw Defined Netw"},{"key":"171_CR71","unstructured":"Koponen T, Casado M, Gude N, Stribling J, Poutievski L, Zhu M, Ramanathan R, Iwata Y, Inoue H, Hama T, Shenker S (2010) Onix: a distributed control platform for large-scale production networks. In OSDI. In OSDI, 10"},{"issue":"3","key":"171_CR72","doi-asserted-by":"publisher","first-page":"695","DOI":"10.1587\/transinf.2015EDP7256","volume":"99","author":"D Kotani","year":"2016","unstructured":"Kotani D, Okabe Y (2016) A packet-in message filtering mechanism for protection of control plane in OpenFlow switches. IEICE Trans Inf Syst 99(3):695\u2013707","journal-title":"IEICE Trans Inf Syst"},{"key":"171_CR73","doi-asserted-by":"publisher","unstructured":"Kreutz D, Ramos FMV, Verissimo P (2013) Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. pp 55\u201360.https:\/\/doi.org\/10.1145\/2491185.2491199","DOI":"10.1145\/2491185.2491199"},{"key":"171_CR74","doi-asserted-by":"publisher","unstructured":"Kuerban M, Tian Y, Yang Q, Jia Y, Huebert B, Poss D (2016) FlowSec: DOS attack mitigation strategy on SDN controller. In: 2016 IEEE International Conference on Networking, Architecture and Storage (NAS). pp 1\u20132. https:\/\/doi.org\/10.1109\/NAS.2016.7549402","DOI":"10.1109\/NAS.2016.7549402"},{"issue":"4","key":"171_CR75","doi-asserted-by":"publisher","first-page":"359","DOI":"10.1145\/2829988.2790027","volume":"45","author":"T L\u00e9vai","year":"2015","unstructured":"L\u00e9vai T, Pelle I, N\u00e9meth F, Guly\u00e1s A (2015) EPOXIDE: a modular prototype for SDN troubleshooting. SIGCOMM Comput Commun Rev 45(4):359\u2013360. https:\/\/doi.org\/10.1145\/2829988.2790027","journal-title":"SIGCOMM Comput Commun Rev"},{"key":"171_CR76","doi-asserted-by":"publisher","unstructured":"Li H, Li P, Guo S, Yu S (2014) Byzantine-resilient secure software-defined networks with multiple controllers. In: 2014 IEEE International Conference on Communications (ICC). pp 695\u2013700.https:\/\/doi.org\/10.1109\/ICC.2014.6883400","DOI":"10.1109\/ICC.2014.6883400"},{"issue":"6","key":"171_CR77","doi-asserted-by":"publisher","first-page":"915","DOI":"10.1109\/TDSC.2018.2810880","volume":"16","author":"Q Li","year":"2019","unstructured":"Li Q, Zou X, Huang Q, Zheng J, Lee PPC (2019) Dynamic packet forwarding verification in SDN. IEEE Trans Dependable Secure Comput 16(6):915\u2013929. https:\/\/doi.org\/10.1109\/TDSC.2018.2810880","journal-title":"IEEE Trans Dependable Secure Comput"},{"key":"171_CR78","doi-asserted-by":"publisher","unstructured":"Liu B, Bi J, Zhou Y (2016) Source address validation in software defined networks. In: Proceedings of the 2016 ACM SIGCOMM conference. pp 595\u2013596. https:\/\/doi.org\/10.1145\/2934872.2960425","DOI":"10.1145\/2934872.2960425"},{"key":"171_CR79","unstructured":"Maestro. (2009). Maestro. Maestro homepage: http:\/\/zhengcai.github.io\/maestro-platform\/"},{"key":"171_CR80","doi-asserted-by":"publisher","unstructured":"Masoud MZ, Jaradat Y, Jannoud I (2015) On preventing ARP poisoning attack utilizing Software Defined Network (SDN) paradigm. In: 2015 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT). pp. 1\u20135.https:\/\/doi.org\/10.1109\/AEECT.2015.7360549","DOI":"10.1109\/AEECT.2015.7360549"},{"key":"171_CR81","doi-asserted-by":"publisher","unstructured":"Matsumoto S, Hitz S, Perrig A (2014) Fleet: defending SDNs from malicious administrators. In: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking. pp 103\u2013108.https:\/\/doi.org\/10.1145\/2620728.2620750","DOI":"10.1145\/2620728.2620750"},{"key":"171_CR82","doi-asserted-by":"publisher","unstructured":"Mekky H, Hao F, Mukherjee S, Zhang Z-L, Lakshman TV (2014) Application-aware data plane processing in SDN. In: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking. pp 13\u201318. https:\/\/doi.org\/10.1145\/2620728.2620735","DOI":"10.1145\/2620728.2620735"},{"key":"171_CR83","doi-asserted-by":"publisher","unstructured":"Midha S, Triptahi K (2019) Extended TLS security and Defensive Algorithm in OpenFlow SDN. In: 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence). pp 141\u2013146. https:\/\/doi.org\/10.1109\/CONFLUENCE.2019.8776607","DOI":"10.1109\/CONFLUENCE.2019.8776607"},{"key":"171_CR84","doi-asserted-by":"publisher","unstructured":"Mihai-Gabriel I, Victor-Valeriu P (2014) Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory. In: 2014 IEEE 15th International Symposium on Computational Intelligence and Informatics (CINTI). pp 319\u2013324. https:\/\/doi.org\/10.1109\/CINTI.2014.7028696","DOI":"10.1109\/CINTI.2014.7028696"},{"key":"171_CR85","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1016\/j.comnet.2018.01.023","volume":"133","author":"S Moazzeni","year":"2018","unstructured":"Moazzeni S, Khayyambashi MR, Movahhedinia N, Callegati F (2018) On reliability improvement of Software-Defined Networks. Comput Netw 133:195\u2013211. https:\/\/doi.org\/10.1016\/j.comnet.2018.01.023","journal-title":"Comput Netw"},{"issue":"2","key":"171_CR86","doi-asserted-by":"publisher","first-page":"487","DOI":"10.1109\/TNSM.2017.2701549","volume":"14","author":"R Mohammadi","year":"2017","unstructured":"Mohammadi R, Javidan R, Conti M (2017) SLICOTS: an SDN-based lightweight countermeasure for TCP SYN flooding attacks. IEEE Trans Netw Serv Manag 14(2):487\u2013497","journal-title":"IEEE Trans Netw Serv Manag"},{"key":"171_CR87","doi-asserted-by":"publisher","unstructured":"Mohan PM, Truong-Huu T, Gurusamy M (2018) Towards resilient in-band control path routing with malicious switch detection in SDN. In: 2018 10th International Conference on Communication Systems & Networks (COMSNETS). pp 9\u201316. https:\/\/doi.org\/10.1109\/COMSNETS.2018.8328174","DOI":"10.1109\/COMSNETS.2018.8328174"},{"issue":"1","key":"171_CR88","doi-asserted-by":"publisher","first-page":"217","DOI":"10.1145\/2103621.2103685","volume":"47","author":"C Monsanto","year":"2012","unstructured":"Monsanto C, Foster N, Harrison R, Walker D (2012) A compiler and run-time system for network programming languages. SIGPLAN Not 47(1):217\u2013230. https:\/\/doi.org\/10.1145\/2103621.2103685","journal-title":"SIGPLAN Not"},{"key":"171_CR89","doi-asserted-by":"publisher","DOI":"10.1145\/2103621.2103685","author":"C Monsanto","year":"2012","unstructured":"Monsanto C, Foster N, Harrison R, Walker D (2012) A complier and run-time system for network programming languages. Sigplan Not. https:\/\/doi.org\/10.1145\/2103621.2103685","journal-title":"Sigplan Not"},{"key":"171_CR90","doi-asserted-by":"publisher","unstructured":"Morzhov SV, Nikitinskiy MA (2018) Development and research of the PreFirewall network application for floodlight SDN controller. In: 2018 Moscow Workshop on Electronic and Networking Technologies (MWENT). pp 1\u20134.https:\/\/doi.org\/10.1109\/MWENT.2018.8337255","DOI":"10.1109\/MWENT.2018.8337255"},{"key":"171_CR91","doi-asserted-by":"publisher","unstructured":"Nagai R, Kurihara W, Higuchi S, Hirotsu T (2018) Design and implementation of an OpenFlow-based TCP SYN flood mitigation. In: 2018 6th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud). pp 37\u201342. https:\/\/doi.org\/10.1109\/MobileCloud.2018.00014","DOI":"10.1109\/MobileCloud.2018.00014"},{"key":"171_CR92","doi-asserted-by":"publisher","unstructured":"Namal S, Ahmad I, Gurtov A, Ylianttila M (2013) Enabling secure mobility with OpenFlow. In: 2013 IEEE SDN for Future Networks and Services (SDN4FNS). pp 1\u20135. https:\/\/doi.org\/10.1109\/SDN4FNS.2013.6702540","DOI":"10.1109\/SDN4FNS.2013.6702540"},{"key":"171_CR93","doi-asserted-by":"publisher","unstructured":"Nguyen T, Yoo M (2016) Attacks on host tracker in SDN controller: Investigation and prevention. In: 2016 International Conference on Information and Communication Technology Convergence (ICTC). pp 610\u2013612.https:\/\/doi.org\/10.1109\/ICTC.2016.7763545","DOI":"10.1109\/ICTC.2016.7763545"},{"key":"171_CR94","first-page":"74","volume-title":"New SDN-oriented authentication and access control mechanism BT-computer networks","author":"F Nife","year":"2018","unstructured":"Nife F, Kotulski Z (2018). In: Gaj P, Sawicki M, Suchacka G, Kwiecie\u0144 A (eds) New SDN-oriented authentication and access control mechanism BT-computer networks. Springer International Publishing, Berlin, pp 74\u201388"},{"key":"171_CR95","doi-asserted-by":"publisher","unstructured":"Oktian YE, Lee S, Lee H, Lam J (2015) Secure your Northbound SDN API. In: 2015 Seventh International Conference on Ubiquitous and Future Networks. pp 919\u2013920.https:\/\/doi.org\/10.1109\/ICUFN.2015.7182679","DOI":"10.1109\/ICUFN.2015.7182679"},{"key":"171_CR96","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.comnet.2017.04.038","volume":"121","author":"YE Oktian","year":"2017","unstructured":"Oktian YE, Lee SG, Lee HJ, Lam JH (2017) Distributed SDN controller system: a survey on design choice. Comput Netw 121:100\u2013111. https:\/\/doi.org\/10.1016\/j.comnet.2017.04.038","journal-title":"Comput Netw"},{"key":"171_CR97","unstructured":"OpenDaylight (2014) OpenDaylight: a linux foundation collaborative project. http:\/\/www.opendaylight.org\/"},{"key":"171_CR98","doi-asserted-by":"crossref","unstructured":"Porras P, Cheung S, Fong M, Skinner K and Y V (2015) Securing the software-defined network control layer","DOI":"10.14722\/ndss.2015.23222"},{"key":"171_CR99","doi-asserted-by":"publisher","unstructured":"Padekar H, Park Y, Hu H, Chang S-Y (2016) Enabling dynamic access control for controller applications in software-defined networks. In: Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies. pp 51\u201361. https:\/\/doi.org\/10.1145\/2914642.2914647","DOI":"10.1145\/2914642.2914647"},{"key":"171_CR100","doi-asserted-by":"publisher","unstructured":"Pan H, Li Z, Zhang P, Salamatian K, Xie G (2020) Misconfiguration checking for SDN: data structure, theory and algorithms. In: 2020 IEEE 28th International Conference on Network Protocols (ICNP). pp 1\u201311. https:\/\/doi.org\/10.1109\/ICNP49622.2020.9259353","DOI":"10.1109\/ICNP49622.2020.9259353"},{"key":"171_CR101","first-page":"415","volume-title":"International conference on detection of intrusions and malware, and vulnerability assessment","author":"T Park","year":"2019","unstructured":"Park T, Kim Y, Yegneswaran V, Porras P, Xu Z, Park K, Shin S (2019) DPX: data-plane extensions for SDN security service instantiation. In: Perdisci R, Maurice C, Giacinto G, Almgren M (eds) International conference on detection of intrusions and malware, and vulnerability assessment. Springer International Publishing, pp 415\u2013437"},{"key":"171_CR102","doi-asserted-by":"crossref","unstructured":"Petersen K, Feldt R, Mujtaba S, Mattsson M (2008) Systematic mapping studies in software engineering. In: 12th International Conference on Evaluation and Assessment in Software Engineering (EASE), vol. 12. pp 1\u201310","DOI":"10.14236\/ewic\/EASE2008.8"},{"key":"171_CR103","doi-asserted-by":"publisher","first-page":"18701","DOI":"10.1109\/ACCESS.2019.2896783","volume":"7","author":"TV Phan","year":"2019","unstructured":"Phan TV, Park M (2019) Efficient distributed denial-of-service attack defense in SDN-based cloud. IEEE Access 7:18701\u201318714. https:\/\/doi.org\/10.1109\/ACCESS.2019.2896783","journal-title":"IEEE Access"},{"key":"171_CR104","doi-asserted-by":"publisher","unstructured":"Phemius K, Bouet M, Leguay J (2014) DISCO: Distributed multi-domain SDN controllers. In: 2014 IEEE Network Operations and Management Symposium (NOMS). pp 1\u20134.https:\/\/doi.org\/10.1109\/NOMS.2014.6838330","DOI":"10.1109\/NOMS.2014.6838330"},{"key":"171_CR105","doi-asserted-by":"publisher","unstructured":"Porras P, Shin S, Yegneswaran V, Fong M, Tyson M, Gu G (2012) A security enforcement kernel for OpenFlow networks. https:\/\/doi.org\/10.1145\/2342441.2342466","DOI":"10.1145\/2342441.2342466"},{"key":"171_CR106","doi-asserted-by":"publisher","unstructured":"Porras P, Cheung S, Fong M, Skinner K, Yegneswaran V (2015) Securing the software defined network control layer. In: Proceedings of the 2015 Network and Distributed System Security Symposium (NDSS), February, 8\u201311. https:\/\/doi.org\/10.14722\/ndss.2015.23222","DOI":"10.14722\/ndss.2015.23222"},{"key":"171_CR107","doi-asserted-by":"publisher","unstructured":"Prete LR, Shinoda AA, Schweitzer CM, Oliveira RLS (2014) Simulation in an SDN network scenario using the POX Controller. In: 2014 IEEE Colombian Conference on Communications and Computing (COLCOM). pp 1\u20136. https:\/\/doi.org\/10.1109\/ColComCon.2014.6860403","DOI":"10.1109\/ColComCon.2014.6860403"},{"issue":"3","key":"171_CR108","first-page":"522","volume":"47","author":"Y Qasmaoui","year":"2020","unstructured":"Qasmaoui Y, Haqiq A (2020) Enhanced solid-flow: an enhanced flow rules security mechanism for SDN. IAENG Int J Comput Sci 47(3):522\u2013532","journal-title":"IAENG Int J Comput Sci"},{"key":"171_CR109","doi-asserted-by":"publisher","unstructured":"Qasmaoui Y, Haqiq A (2017) Solid-flow: a flow rules security mechanism for SDN. In: 2017 3rd International Conference of Cloud Computing Technologies and Applications (CloudTech). pp 1\u20137. https:\/\/doi.org\/10.1109\/CloudTech.2017.8284734","DOI":"10.1109\/CloudTech.2017.8284734"},{"key":"171_CR110","doi-asserted-by":"publisher","unstructured":"Qi C, Wu J, Hu H, Cheng G, Liu W, Ai J, Yang C (2016) An intensive security architecture with multi-controller for SDN. In: 2016 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). pp 401\u2013402.https:\/\/doi.org\/10.1109\/INFCOMW.2016.7562109","DOI":"10.1109\/INFCOMW.2016.7562109"},{"key":"171_CR111","doi-asserted-by":"publisher","unstructured":"Ranjbar A, Komu M, Salmela P, Aura T (2016) An SDN-based approach to enhance the end-to-end security: SSL\/TLS case study. In: NOMS 2016\u20142016 IEEE\/IFIP Network Operations and Management Symposium. pp 281\u2013288. https:\/\/doi.org\/10.1109\/NOMS.2016.7502823","DOI":"10.1109\/NOMS.2016.7502823"},{"key":"171_CR112","unstructured":"Ryu (2017) Ryu SDN framework. Ryu Homepage: http:\/\/osrg.github.io\/ryu\/."},{"key":"171_CR113","first-page":"96","volume-title":"International conference on testbeds and research infrastructure","author":"A Sa\u00e2daoui","year":"2019","unstructured":"Sa\u00e2daoui A, Souayeh NBYB, Bouhoula A (2019) Automated and optimized formal approach to verify SDN access-control misconfigurations. In: Gao H, Yin Y, Yang X, Miao H (eds) International conference on testbeds and research infrastructure. Springer International Publishing, pp 96\u2013112"},{"key":"171_CR114","doi-asserted-by":"publisher","first-page":"482","DOI":"10.1016\/j.cose.2017.07.008","volume":"70","author":"R Sahay","year":"2017","unstructured":"Sahay R, Blanc G, Zhang Z, Debar H (2017) ArOMA: an SDN based autonomic DDoS mitigation framework. Comput Secur 70:482\u2013499","journal-title":"Comput Secur"},{"key":"171_CR115","doi-asserted-by":"publisher","unstructured":"Sasaki T, Pappas C, Lee T, Hoefler T, Perrig A (2016) SDNsec: forwarding accountability for the SDN data plane. In: 2016 25th International Conference on Computer Communication and Networks (ICCCN). pp 1\u201310. https:\/\/doi.org\/10.1109\/ICCCN.2016.7568569","DOI":"10.1109\/ICCCN.2016.7568569"},{"key":"171_CR116","doi-asserted-by":"publisher","unstructured":"Sasaki T, Perrig A, Asoni DE (2016) Control-plane isolation and recovery for a secure SDN architecture. In: 2016 IEEE NetSoft Conference and Workshops (NetSoft). pp 459\u2013464.https:\/\/doi.org\/10.1109\/NETSOFT.2016.7502485","DOI":"10.1109\/NETSOFT.2016.7502485"},{"key":"171_CR117","doi-asserted-by":"publisher","unstructured":"Schehlmann L, Abt S, Baier H (2014) Blessing or curse? Revisiting security aspects of Software-Defined Networking. In: 10th International Conference on Network and Service Management (CNSM) and Workshop. pp 382\u2013387. https:\/\/doi.org\/10.1109\/CNSM.2014.7014199","DOI":"10.1109\/CNSM.2014.7014199"},{"key":"171_CR118","doi-asserted-by":"publisher","unstructured":"Scott-Hayward S, Kane C, Sezer S (2014) OperationCheckpoint: SDN application control. In: 2014 IEEE 22nd International Conference on Network Protocols. pp 618\u2013623. https:\/\/doi.org\/10.1109\/ICNP.2014.98","DOI":"10.1109\/ICNP.2014.98"},{"key":"171_CR119","doi-asserted-by":"crossref","unstructured":"Scott-Hayward S, O\u2019Callaghan G, Sezer S (2013) SDN security: a survey. Future networks and services (SDN4FNS), 2013 IEEE SDN for. pp 1\u20137","DOI":"10.1109\/SDN4FNS.2013.6702553"},{"key":"171_CR120","doi-asserted-by":"publisher","unstructured":"Sebbar A, Boulmalf M, Kettani MDE-CEl, Baddi Y (2018). Detection MITM attack in multi-SDN controller. In: 2018 IEEE 5th International Congress on Information Science and Technology (CiSt). pp 583\u2013587. https:\/\/doi.org\/10.1109\/CIST.2018.8596479","DOI":"10.1109\/CIST.2018.8596479"},{"issue":"7","key":"171_CR121","doi-asserted-by":"publisher","first-page":"36","DOI":"10.1109\/MCOM.2013.6553676","volume":"51","author":"S Sezer","year":"2013","unstructured":"Sezer S, Scott-Hayward S, Chouhan PK, Fraser B, Lake D, Finnegan J, Viljoen N, Miller M, Rao N (2013) Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Commun Mag 51(7):36\u201343. https:\/\/doi.org\/10.1109\/MCOM.2013.6553676","journal-title":"IEEE Commun Mag"},{"key":"171_CR122","unstructured":"Shaghaghi A, Kaafar MA, Buyya R, Jha S (2018) Software-Defined Network (SDN) Data plane security: issues, solutions and future directions. ArXiv Preprint http:\/\/arxiv.org\/abs\/1804.00262."},{"key":"171_CR123","doi-asserted-by":"publisher","DOI":"10.1007\/s11036-017-0853-6","author":"J Shin","year":"2017","unstructured":"Shin J, Kim T, Lee B, Yang S (2017) IRIS-HiSA: highly scalable and available carrier-grade SDN controller cluster. Mob Netw Appl. https:\/\/doi.org\/10.1007\/s11036-017-0853-6","journal-title":"Mob Netw Appl"},{"issue":"1","key":"171_CR124","first-page":"1","volume":"1","author":"S Shin","year":"2013","unstructured":"Shin S, Porras P, Yegneswaran V, Gu G (2013) FRESCO: Modular composable security services for software-defined networks. Netw Distrib Syst Secur Sympos 1(1):1\u201316","journal-title":"Netw Distrib Syst Secur Sympos"},{"key":"171_CR125","doi-asserted-by":"crossref","unstructured":"Shin S, Yegneswaran V, Porras P, Gu G (2013) Avant-guard: Scalable and vigilant switch flow management in software-defined networks. In: Proceedings of the 2013 ACM SIGSAC conference on computer and communications security. pp 413\u2013424","DOI":"10.1145\/2508859.2516684"},{"issue":"5","key":"171_CR126","doi-asserted-by":"publisher","first-page":"764","DOI":"10.1007\/s11036-016-0676-x","volume":"21","author":"Z Shu","year":"2016","unstructured":"Shu Z, Wan J, Li D, Lin J, Vasilakos AV, Imran M (2016) Security in software-defined networking: threats and countermeasures. Mob Netw Appl 21(5):764\u2013776. https:\/\/doi.org\/10.1007\/s11036-016-0676-x","journal-title":"Mob Netw Appl"},{"key":"171_CR127","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1007\/978-3-319-11698-3_6","volume-title":"International conference on network and system security","author":"H Shuangyu","year":"2014","unstructured":"Shuangyu H, Jianwei L, Jian M, Jie C (2014) Hierarchical solution for access control and authentication in software defined networks. In: Au MH, Carminati B, Kuo C-CJ (eds) International conference on network and system security. Springer International Publishing, pp 70\u201381"},{"key":"171_CR128","doi-asserted-by":"publisher","DOI":"10.1016\/j.cosrev.2020.100279","volume":"37","author":"J Singh","year":"2020","unstructured":"Singh J, Behal S (2020) Detection and mitigation of DDoS attacks in SDN: a comprehensive review, research challenges and future directions. Comput Sci Rev 37:100279. https:\/\/doi.org\/10.1016\/j.cosrev.2020.100279","journal-title":"Comput Sci Rev"},{"key":"171_CR129","unstructured":"SNAC (2012) SNAC: simple network access control. https:\/\/github.com\/"},{"issue":"3","key":"171_CR130","first-page":"59","volume":"51","author":"J Son","year":"2018","unstructured":"Son J, Buyya R (2018) A taxonomy of software-defined networking (SDN)-enabled cloud computing. ACM Comput Surv (CSUR) 51(3):59","journal-title":"ACM Comput Surv (CSUR)"},{"issue":"2","key":"171_CR131","doi-asserted-by":"publisher","first-page":"76","DOI":"10.1109\/TSUSC.2017.2702164","volume":"2","author":"J Son","year":"2017","unstructured":"Son J, Dastjerdi AV, Calheiros RN, Buyya R (2017) SLA-aware and energy-efficient dynamic overbooking in SDN-based cloud data centers. IEEE Trans Sustain Comput 2(2):76\u201389","journal-title":"IEEE Trans Sustain Comput"},{"key":"171_CR132","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2013.6654813","author":"S Son","year":"2013","unstructured":"Son S, Shin S, Yegneswaran V, Porras P, Gu G (2013) Model checking invariant security properties in OpenFlow. IEEE Int Conf Commun. https:\/\/doi.org\/10.1109\/ICC.2013.6654813","journal-title":"IEEE Int Conf Commun"},{"key":"171_CR133","unstructured":"Specification OS (2013) Open networking foundation. Version ONF TS-015 1(3):1\u2013164"},{"key":"171_CR134","doi-asserted-by":"crossref","unstructured":"Suh J, Choi H, Yoon W, You T, Kwon TT, Choi Y (2010) Implementation of content-oriented networking architecture (CONA): a focus on DDoS countermeasure. In: 1st European NetFPGA Developers Workshop. pp 1\u20135. https:\/\/mmlab.snu.ac.kr\/publications\/docs\/2010_EU_netfpga_workshop_jhsuh.pdf","DOI":"10.1145\/2079327.2079332"},{"key":"171_CR135","unstructured":"Tootoonchian A, Ganjali Y (2010) HyperFlow: a distributed control plane for OpenFlow"},{"key":"171_CR136","unstructured":"Tootoonchian A, Gorbunov S, Ganjali Y, Casado M, Sherwood R (2012) On controller performance in software-defined networks. In: 2nd {USENIX} Workshop on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services (Hot-ICE 12). https:\/\/www.usenix.org\/conference\/hot-ice12\/workshop-program\/presentation\/tootoonchian"},{"key":"171_CR137","first-page":"235","volume-title":"Nettle: taking the sting out of programming network routers BT-practical aspects of declarative languages","author":"A Voellmy","year":"2011","unstructured":"Voellmy A, Hudak P (2011). In: Rocha R, Launchbury J (eds) Nettle: taking the sting out of programming network routers BT-practical aspects of declarative languages. Springer, Berlin, pp 235\u2013249"},{"key":"171_CR138","doi-asserted-by":"publisher","unstructured":"Voellmy A, Kim H, Feamster N (2012). Procera: a language for high-level reactive network control. In: HotSDN\u201912 - Proceedings of the 1st ACM International Workshop on Hot Topics in Software Defined Networks. https:\/\/doi.org\/10.1145\/2342441.2342451","DOI":"10.1145\/2342441.2342451"},{"key":"171_CR139","doi-asserted-by":"publisher","unstructured":"Voellmy A, Wang J (2012) Scalable software defined network controllers. In: Proceedings of the ACM SIGCOMM 2012 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communication. pp 289\u2013290. https:\/\/doi.org\/10.1145\/2342356.2342414","DOI":"10.1145\/2342356.2342414"},{"key":"171_CR140","doi-asserted-by":"publisher","unstructured":"Wang H (2014) Authentic and confidential policy distribution in software defined wireless network. In: 2014 International Wireless Communications and Mobile Computing Conference (IWCMC). pp 1167\u20131171.https:\/\/doi.org\/10.1109\/IWCMC.2014.6906520","DOI":"10.1109\/IWCMC.2014.6906520"},{"key":"171_CR141","doi-asserted-by":"publisher","unstructured":"Wang H, Xu L, Gu G (2015) FloodGuard: a DoS attack prevention extension in software-defined networks. In: 2015 45th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks. pp 239\u2013250. https:\/\/doi.org\/10.1109\/DSN.2015.27","DOI":"10.1109\/DSN.2015.27"},{"key":"171_CR142","doi-asserted-by":"publisher","unstructured":"Wang M, Liu J, Chen J, Liu X, Mao J (2016) PERM-GUARD: authenticating the validity of flow rules in software defined networking. In: Proceedings\u20142nd IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2015\u2014IEEE International Symposium of Smart Cloud, IEEE SSC 2015, 37. pp 127\u2013132. https:\/\/doi.org\/10.1109\/CSCloud.2015.89","DOI":"10.1109\/CSCloud.2015.89"},{"key":"171_CR143","doi-asserted-by":"publisher","unstructured":"Wei L, Fung C (2015) FlowRanger: a request prioritizing algorithm for controller DoS attacks in Software Defined Networks. In: 2015 IEEE International Conference on Communications (ICC). pp 5254\u20135259.https:\/\/doi.org\/10.1109\/ICC.2015.7249158","DOI":"10.1109\/ICC.2015.7249158"},{"key":"171_CR144","doi-asserted-by":"publisher","unstructured":"Wen X, Chen Y, Hu C, Shi C, Wang Y (2013) Towards a secure controller platform for openflow applications.https:\/\/doi.org\/10.1145\/2491185.2491212","DOI":"10.1145\/2491185.2491212"},{"key":"171_CR145","doi-asserted-by":"publisher","unstructured":"Wu B, Li H, Wu Q, Jiang Z, Liu J (2020) TMPTCP: a lightweight trust extension for multipath-TCP. In: 2020 International Conference on Networking and Network Applications (NaNA). pp 342\u2013347.https:\/\/doi.org\/10.1109\/NaNA51271.2020.00065","DOI":"10.1109\/NaNA51271.2020.00065"},{"issue":"7","key":"171_CR146","doi-asserted-by":"publisher","DOI":"10.1002\/dac.3927","volume":"32","author":"G Wu","year":"2019","unstructured":"Wu G, Wang J, Obaidat MS, Yao L, Hsiao K-F (2019) Dynamic switch migration with noncooperative game towards control plane scalability in SDN. Int J Commun Syst 32(7):e3927. https:\/\/doi.org\/10.1002\/dac.3927","journal-title":"Int J Commun Syst"},{"key":"171_CR147","doi-asserted-by":"publisher","unstructured":"Xie R, Xu M, Cao J, Li Q (2019) SoftGuard: defend against the low-rate TCP attack in SDN. In: ICC 2019\u20142019 IEEE International Conference on Communications (ICC). pp 1\u20136. https:\/\/doi.org\/10.1109\/ICC.2019.8761806","DOI":"10.1109\/ICC.2019.8761806"},{"issue":"16","key":"171_CR148","doi-asserted-by":"publisher","first-page":"3059","DOI":"10.1002\/sec.1243","volume":"9","author":"Z Yan","year":"2016","unstructured":"Yan Z, Zhang P, Vasilakos AV (2016) A security and trust framework for virtualized networks and software-defined networking. Secur Commun Netw 9(16):3059\u20133069. https:\/\/doi.org\/10.1002\/sec.1243","journal-title":"Secur Commun Netw"},{"issue":"1","key":"171_CR149","doi-asserted-by":"publisher","first-page":"4","DOI":"10.1007\/s11036-014-0533-8","volume":"20","author":"M Yang","year":"2015","unstructured":"Yang M, Li Y, Jin D, Zeng L, Wu X, Vasilakos AV (2015) Software-defined and virtualized future mobile and wireless networks: a survey. Mob Netw Appl 20(1):4\u201318. https:\/\/doi.org\/10.1007\/s11036-014-0533-8","journal-title":"Mob Netw Appl"},{"key":"171_CR150","doi-asserted-by":"publisher","unstructured":"Yao G, Bi J, Xiao P (2011) Source address validation solution with OpenFlow\/NOX architecture. In: 2011 19th IEEE International Conference on Network Protocols. pp 7\u201312. https:\/\/doi.org\/10.1109\/ICNP.2011.6089085","DOI":"10.1109\/ICNP.2011.6089085"},{"key":"171_CR151","doi-asserted-by":"publisher","unstructured":"Ying Q, Wanqssing Y, Kai Q (2016) OpenFlow flow table overflow attacks and countermeasures. In: 2016 European Conference on Networks and Communications (EuCNC). pp 205\u2013209.https:\/\/doi.org\/10.1109\/EuCNC.2016.7561033","DOI":"10.1109\/EuCNC.2016.7561033"},{"key":"171_CR152","doi-asserted-by":"publisher","first-page":"104688","DOI":"10.1109\/ACCESS.2020.2999668","volume":"8","author":"M Yue","year":"2020","unstructured":"Yue M, Wang H, Liu L, Wu Z (2020) Detecting DoS attacks based on multi-features in SDN. IEEE Access 8:104688\u2013104700. https:\/\/doi.org\/10.1109\/ACCESS.2020.2999668","journal-title":"IEEE Access"},{"key":"171_CR153","doi-asserted-by":"publisher","first-page":"22764","DOI":"10.1109\/ACCESS.2017.2785236","volume":"6","author":"C Zhang","year":"2018","unstructured":"Zhang C, Hu G, Chen G, Sangaiah AK, Zhang P, Yan X, Jiang W (2018) Towards a SDN-based integrated architecture for mitigating IP spoofing attack. IEEE Access 6:22764\u201322777. https:\/\/doi.org\/10.1109\/ACCESS.2017.2785236","journal-title":"IEEE Access"},{"key":"171_CR154","doi-asserted-by":"crossref","unstructured":"Zhang H, Cai Z, Liu Q, Xiao Q, Li Y, Cheang CF (2018) A survey on security-aware measurement in SDN. Secur Commun Netw","DOI":"10.1155\/2018\/2459154"},{"key":"171_CR155","doi-asserted-by":"publisher","unstructured":"Zhang K, Qiu X (2018) CMD: a convincing mechanism for MITM detection in SDN. In: 2018 IEEE International Conference on Consumer Electronics (ICCE). pp 1\u20136.https:\/\/doi.org\/10.1109\/ICCE.2018.8326334","DOI":"10.1109\/ICCE.2018.8326334"},{"key":"171_CR156","doi-asserted-by":"publisher","unstructured":"Zhang L, Guo Y, Yuwen H, Wang Y (2016) A port hopping based DoS mitigation scheme in SDN network. In: 2016 12th International Conference on Computational Intelligence and Security (CIS). pp 314\u2013317. https:\/\/doi.org\/10.1109\/CIS.2016.0077","DOI":"10.1109\/CIS.2016.0077"},{"key":"171_CR157","doi-asserted-by":"publisher","unstructured":"Zhang L, Wang Z, Gu K, Miao F, Guo Y (2016) Transparent synchronization based port mutation scheme in SDN network. In: 2016 5th International Conference on Computer Science and Network Technology (ICCSNT). pp 581\u2013585. https:\/\/doi.org\/10.1109\/ICCSNT.2016.8070225","DOI":"10.1109\/ICCSNT.2016.8070225"},{"key":"171_CR158","doi-asserted-by":"publisher","unstructured":"Zhang L, Wei Q, Gu K, Yuwen H (2016) Path hopping based SDN network defense technology. In: 2016 12th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery (ICNC-FSKD). pp 2058\u20132063. https:\/\/doi.org\/10.1109\/FSKD.2016.7603498","DOI":"10.1109\/FSKD.2016.7603498"},{"issue":"6","key":"171_CR159","doi-asserted-by":"publisher","first-page":"28","DOI":"10.1109\/MNET.2016.1600109NM","volume":"30","author":"P Zhang","year":"2016","unstructured":"Zhang P, Wang H, Hu C, Lin C (2016) On denial of service attacks in software defined networks. IEEE Network 30(6):28\u201333. https:\/\/doi.org\/10.1109\/MNET.2016.1600109NM","journal-title":"IEEE Network"},{"key":"171_CR160","doi-asserted-by":"publisher","unstructured":"Zhang Y, Beheshti N, Tatipamula M (2011) On resilience of split-architecture networks. In: 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011. pp 1\u20136. https:\/\/doi.org\/10.1109\/GLOCOM.2011.6134496","DOI":"10.1109\/GLOCOM.2011.6134496"},{"issue":"7","key":"171_CR161","doi-asserted-by":"publisher","first-page":"1838","DOI":"10.1109\/TIFS.2018.2805600","volume":"13","author":"J Zheng","year":"2018","unstructured":"Zheng J, Li Q, Gu G, Cao J, Yau DKY, Wu J (2018) Realtime DDoS defense using COTS SDN switches via adaptive correlation analysis. IEEE Trans Inf Forensics Secur 13(7):1838\u20131853. https:\/\/doi.org\/10.1109\/TIFS.2018.2805600","journal-title":"IEEE Trans Inf Forensics Secur"},{"issue":"5","key":"171_CR162","doi-asserted-by":"publisher","first-page":"2048","DOI":"10.1109\/TNET.2018.2859483","volume":"26","author":"H Zhou","year":"2018","unstructured":"Zhou H, Wu C, Yang C, Wang P, Yang Q, Lu Z, Cheng Q (2018) SDN-RDCD: a real-time and reliable method for detecting compromised SDN devices. IEEE\/ACM Trans Netw 26(5):2048\u20132061. https:\/\/doi.org\/10.1109\/TNET.2018.2859483","journal-title":"IEEE\/ACM Trans Netw"},{"issue":"3","key":"171_CR163","doi-asserted-by":"publisher","first-page":"628","DOI":"10.1109\/JSAC.2018.2815442","volume":"36","author":"L Zhu","year":"2018","unstructured":"Zhu L, Tang X, Shen M, Du X, Guizani M (2018) Privacy-Preserving DDoS attack detection using cross-domain traffic in software defined networks. IEEE J Sel Areas Commun 36(3):628\u2013643. https:\/\/doi.org\/10.1109\/JSAC.2018.2815442","journal-title":"IEEE J Sel Areas Commun"},{"key":"171_CR164","doi-asserted-by":"publisher","first-page":"25562","DOI":"10.1109\/ACCESS.2018.2828132","volume":"6","author":"D Zou","year":"2018","unstructured":"Zou D, Lu Y, Yuan B, Chen H, Jin H (2018) A fine-grained multi-tenant permission management framework for SDN and NFV. IEEE Access 6:25562\u201325572. https:\/\/doi.org\/10.1109\/ACCESS.2018.2828132","journal-title":"IEEE Access"}],"container-title":["Journal of Reliable Intelligent Environments"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s40860-022-00171-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s40860-022-00171-8\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s40860-022-00171-8.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,18]],"date-time":"2024-09-18T03:24:13Z","timestamp":1726629853000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s40860-022-00171-8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,2,8]]},"references-count":164,"journal-issue":{"issue":"2","published-print":{"date-parts":[[2023,6]]}},"alternative-id":["171"],"URL":"https:\/\/doi.org\/10.1007\/s40860-022-00171-8","relation":{},"ISSN":["2199-4668","2199-4676"],"issn-type":[{"value":"2199-4668","type":"print"},{"value":"2199-4676","type":"electronic"}],"subject":[],"published":{"date-parts":[[2022,2,8]]},"assertion":[{"value":"9 October 2021","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"20 January 2022","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"8 February 2022","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}