{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,10]],"date-time":"2026-04-10T16:10:16Z","timestamp":1775837416142,"version":"3.50.1"},"reference-count":169,"publisher":"Institute of Electrical and Electronics Engineers (IEEE)","issue":"1","license":[{"start":{"date-parts":[[2016,1,1]],"date-time":"2016-01-01T00:00:00Z","timestamp":1451606400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["IEEE Commun. Surv. Tutorials"],"published-print":{"date-parts":[[2016]]},"DOI":"10.1109\/comst.2015.2453114","type":"journal-article","created":{"date-parts":[[2015,7,6]],"date-time":"2015-07-06T18:12:06Z","timestamp":1436206326000},"page":"623-654","source":"Crossref","is-referenced-by-count":385,"title":["A Survey of Security in Software Defined Networks"],"prefix":"10.1109","volume":"18","author":[{"given":"Sandra","family":"Scott-Hayward","sequence":"first","affiliation":[]},{"given":"Sriram","family":"Natarajan","sequence":"additional","affiliation":[]},{"given":"Sakir","family":"Sezer","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"key":"ref168","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-12400-1_15"},{"key":"ref169","first-page":"61","article-title":"Flow-level state transition as a new switch primitive for SDN","author":"moshref","year":"0","journal-title":"Proceedings of the Workshop on Hot Topics in Software Defined Networks"},{"key":"ref39","doi-asserted-by":"publisher","DOI":"10.1145\/2620728.2620741"},{"key":"ref38","author":"sherwood","year":"2009","journal-title":"Flowvisor A Network Virtualization Layer"},{"key":"ref33","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2014.03.009"},{"key":"ref32","article-title":"Vulnerability study of FlowVisor-based virtualized network environments","author":"costa","year":"0"},{"key":"ref31","doi-asserted-by":"publisher","DOI":"10.1109\/CNSM.2014.7014199"},{"key":"ref30","doi-asserted-by":"publisher","DOI":"10.1109\/MoNeTeC.2014.6995602"},{"key":"ref37","doi-asserted-by":"publisher","DOI":"10.1145\/1653662.1653687"},{"key":"ref36","year":"0","journal-title":"OpenFlow Switch Specification Version 1 4"},{"key":"ref35","first-page":"68","article-title":"Threat modeling-uncover security design flaws using the stride approach","author":"hernan","year":"2006","journal-title":"MSDN Magazine–Louisville"},{"key":"ref34","doi-asserted-by":"publisher","DOI":"10.1007\/978-1-4614-9278-8_4"},{"key":"ref28","first-page":"1","article-title":"Evaluation of security vulnerabilities by using ProtoGENI as a launchpad","author":"li","year":"0","journal-title":"Proc IEEE Globecom"},{"key":"ref27","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491199"},{"key":"ref29","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491220"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/2620728.2620744"},{"key":"ref22","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2014.6829966"},{"key":"ref21","article-title":"Software-defined networking: A comprehensive survey","author":"kreutz","year":"2014","journal-title":"arXiv preprint arXiv 1406 0440"},{"key":"ref24","doi-asserted-by":"publisher","DOI":"10.1109\/SDN4FNS.2013.6702553"},{"key":"ref23","year":"0","journal-title":"ONF Specifications"},{"key":"ref101","doi-asserted-by":"publisher","DOI":"10.1109\/CloudNet.2014.6969003"},{"key":"ref26","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491222"},{"key":"ref100","doi-asserted-by":"publisher","DOI":"10.1109\/CNSM.2014.7014181"},{"key":"ref25","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2013.6733671"},{"key":"ref50","first-page":"1","article-title":"Securing the software-defined network control layer","author":"porras","year":"0","journal-title":"Proc NDSS"},{"key":"ref51","author":"mattos","year":"2014","journal-title":"AuthFlow Authentication and access control mechanism for software defined networking"},{"key":"ref154","year":"0","journal-title":"IETF Netmod (NETCONF Data Modeling Language)"},{"key":"ref153","year":"0","journal-title":"IETF ALTO (Application-Layer Traffic Optimization)"},{"key":"ref156","year":"0","journal-title":"IETF NVO3 (Network Virtualization Overlays)"},{"key":"ref155","year":"0","journal-title":"IETF NetConf (Network Configuration)"},{"key":"ref150","year":"0","journal-title":"ITU-T SG13 Future Networks—Questions Under Study"},{"key":"ref152","year":"0","journal-title":"IETF PCE (Path Computation Element)"},{"key":"ref151","year":"0","journal-title":"IETF FORCES (Forwarding and Control Element Separation)"},{"key":"ref146","year":"0","journal-title":"ETSI ISG Network Functions Virtualization Security Expert Group"},{"key":"ref147","year":"2014","journal-title":"Network Functions Virtualization (NFV)—NFV Security—Problem Statement v1 1 1"},{"key":"ref148","year":"2014","journal-title":"Network Functions Virtualization (NFV)—NFV Security—Security and Trust Guidance v1 1 1"},{"key":"ref149","article-title":"Resolution 77—Standardization work in ITU-T for software-defined networking","year":"2012","journal-title":"ITU-T World Telecommunication Standardization Assembly"},{"key":"ref59","first-page":"10","article-title":"A NICE way to test OpenFlow applications","author":"canini","year":"0","journal-title":"Proc 9th USENIX Conf Netw Syst Des Implementation"},{"key":"ref58","doi-asserted-by":"publisher","DOI":"10.1145\/1592681.1592685"},{"key":"ref57","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2011.6089085"},{"key":"ref56","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2012.6212011"},{"key":"ref55","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516684"},{"key":"ref54","first-page":"22","article-title":"Tolerating SDN application failures with LegoSDN","author":"chandrasekaran","year":"0","journal-title":"Proc 13th ACM Workshop Hot Topics Netw"},{"key":"ref53","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660353"},{"key":"ref52","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342466"},{"key":"ref40","year":"0","journal-title":"OpenVirtex (OVX) Network Hypervisor"},{"key":"ref167","year":"2014","journal-title":"ProtoGENI"},{"key":"ref166","doi-asserted-by":"publisher","DOI":"10.1145\/1868447.1868466"},{"key":"ref165","year":"0","journal-title":"OpenStack Cloud Software"},{"key":"ref164","year":"2012","journal-title":"Network Functions Virtualization—Introductory White Paper"},{"key":"ref163","year":"0","journal-title":"OpenDaylight SNBI"},{"key":"ref162","year":"0","journal-title":"OpenDaylight Defense4All"},{"key":"ref161","year":"0","journal-title":"OpenDaylight AAA"},{"key":"ref160","year":"0","journal-title":"Openflow"},{"key":"ref4","doi-asserted-by":"publisher","DOI":"10.1145\/1282427.1282382"},{"key":"ref3","first-page":"10","article-title":"SANE: A protection architecture for enterprise networks","author":"casado","year":"0","journal-title":"Proc Usenix Security Symp"},{"key":"ref6","doi-asserted-by":"publisher","DOI":"10.1145\/2486001.2486019"},{"key":"ref5","doi-asserted-by":"publisher","DOI":"10.1145\/1355734.1355746"},{"key":"ref159","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2013.122"},{"key":"ref8","doi-asserted-by":"publisher","DOI":"10.1109\/CloudNet.2013.6710582"},{"key":"ref49","year":"0","journal-title":"Security-Enhanced Floodlight"},{"key":"ref7","doi-asserted-by":"publisher","DOI":"10.1145\/2486001.2486026"},{"key":"ref157","year":"0","journal-title":"IETF I2RS (Interface to the Routing System)"},{"key":"ref158","year":"0","journal-title":"IRTF SDN Research Group"},{"key":"ref9","year":"2014","journal-title":"VMware NSX Customer Story Colt Decreases Data Center Networking Complexity"},{"key":"ref46","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-41717-7_6"},{"key":"ref45","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2014.6883400"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1109\/ICNP.2014.98"},{"key":"ref47","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491212"},{"key":"ref42","year":"2014","journal-title":"SDN Dev Center Unlock Network Innovation"},{"key":"ref41","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2012.144"},{"key":"ref44","first-page":"5","article-title":"Securing distributed control of software defined networks","volume":"13","author":"othman","year":"2013","journal-title":"Int J Comput Sci Netw Security"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/MCOM.2013.6553676"},{"key":"ref127","first-page":"13","article-title":"Online measurement of large traffic aggregates on commodity switches","author":"jose","year":"0","journal-title":"Proc of the USENIX HotICE Workshop"},{"key":"ref126","first-page":"29","article-title":"Software defined traffic measurement with OpenSketch","author":"yu","year":"0","journal-title":"Proc 10th USENIX Symp NSDI"},{"key":"ref125","doi-asserted-by":"publisher","DOI":"10.1109\/HOTI.2013.17"},{"key":"ref124","doi-asserted-by":"publisher","DOI":"10.1145\/2535372.2535411"},{"key":"ref73","first-page":"79","article-title":"Splendid isolation: Language-based security for software-defined networks","author":"schlesinger","year":"0","journal-title":"Proceedings of the Workshop on Hot Topics in Software Defined Networks"},{"key":"ref72","doi-asserted-by":"publisher","DOI":"10.1109\/EWSDN.2013.13"},{"key":"ref129","year":"0","journal-title":"NMap"},{"key":"ref71","doi-asserted-by":"publisher","DOI":"10.1145\/2070562.2070569"},{"key":"ref128","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2013.6761310"},{"key":"ref70","author":"hinrichs","year":"2008","journal-title":"Expressing and Enforcing Flow-based Network Security Policies"},{"key":"ref76","doi-asserted-by":"publisher","DOI":"10.1145\/2594291.2594317"},{"key":"ref130","year":"0","journal-title":"Cisco OnePK"},{"key":"ref77","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342453"},{"key":"ref74","doi-asserted-by":"publisher","DOI":"10.1145\/2461446.2461461"},{"key":"ref75","doi-asserted-by":"crossref","first-page":"483","DOI":"10.1145\/2499370.2462178","article-title":"Machine-verified network controllers","volume":"48","author":"guha","year":"2013","journal-title":"ACM SIGPLAN Notices"},{"key":"ref133","year":"0","journal-title":"IETF LISP (Locator\/ID Separation Protocol)"},{"key":"ref134","doi-asserted-by":"publisher","DOI":"10.1109\/ICCT.2013.6820345"},{"key":"ref131","year":"0","journal-title":"Snort—Open Source Intrusion Prevention System"},{"key":"ref78","doi-asserted-by":"publisher","DOI":"10.1109\/SDN4FNS.2013.6702540"},{"key":"ref132","year":"0","journal-title":"Open Source Intrusion Detection and Prevention System"},{"key":"ref79","first-page":"1","author":"liyanage","year":"0","journal-title":"Proc 6th IEEE Int Symp World Wireless Mobile Multimedia Netw"},{"key":"ref136","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2007.4317620"},{"key":"ref135","doi-asserted-by":"publisher","DOI":"10.1109\/IC2E.2014.24"},{"key":"ref138","doi-asserted-by":"publisher","DOI":"10.1109\/ICDCSW.2012.87"},{"key":"ref137","doi-asserted-by":"publisher","DOI":"10.1145\/2287056.2287069"},{"key":"ref60","doi-asserted-by":"publisher","DOI":"10.1145\/1866898.1866905"},{"key":"ref139","doi-asserted-by":"publisher","DOI":"10.1109\/35.312841"},{"key":"ref62","doi-asserted-by":"publisher","DOI":"10.1145\/2043164.2018470"},{"key":"ref61","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2013.6654813"},{"key":"ref63","doi-asserted-by":"publisher","DOI":"10.1145\/2377677.2377766"},{"key":"ref64","first-page":"99","article-title":"Real time network policy checking using header space analysis","author":"kazemian","year":"0","journal-title":"Proc USENIX NSDI"},{"key":"ref140","article-title":"Lightweight directory access protocol (LDAP): The protocol","year":"2006","journal-title":"IETF RFC 4511"},{"key":"ref65","doi-asserted-by":"crossref","first-page":"92","DOI":"10.1007\/978-3-319-03584-0_8","article-title":"Towards a security-enhanced firewall application for OpenFlow networks","author":"wang","year":"2013","journal-title":"Cyberspace Safety and Security"},{"key":"ref141","year":"0","journal-title":"GENI Global environment for network innovations"},{"key":"ref66","article-title":"Towards a reliable SDN firewall","author":"hu","year":"0"},{"key":"ref142","year":"0","journal-title":"OFELIA OpenFlow in Europe—Linking Infrastructure and Applications"},{"key":"ref67","doi-asserted-by":"publisher","DOI":"10.1145\/2620728.2620749"},{"key":"ref143","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(14)70022-4"},{"key":"ref68","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-43936-4_23"},{"key":"ref144","year":"0"},{"key":"ref2","doi-asserted-by":"publisher","DOI":"10.1109\/35.568214"},{"key":"ref69","doi-asserted-by":"crossref","first-page":"279","DOI":"10.1145\/2034574.2034812","article-title":"Frenetic: A network programming language","volume":"46","author":"foster","year":"2011","journal-title":"ACM SIGPLAN Notices"},{"key":"ref145","year":"2014","journal-title":"SDN Architecture (Issue 1)"},{"key":"ref1","doi-asserted-by":"publisher","DOI":"10.1002\/j.1538-7305.1982.tb04362.x"},{"key":"ref109","first-page":"533","article-title":"Enforcing network-wide policies in the presence of dynamic middlebox actions using flowtags","author":"fayazbakhsh","year":"0","journal-title":"Proc NSDI"},{"key":"ref95","first-page":"1","article-title":"Securing enterprise networks using traffic tainting","author":"ramachandran","year":"0","journal-title":"Proc SIGCOMM"},{"key":"ref108","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491223"},{"key":"ref94","doi-asserted-by":"publisher","DOI":"10.1145\/1592681.1592684"},{"key":"ref107","doi-asserted-by":"publisher","DOI":"10.1109\/ICUFN.2014.6876752"},{"key":"ref93","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-07494-8_6"},{"key":"ref106","first-page":"385","article-title":"A novel design for future on-demand service and security","author":"chu","year":"0","journal-title":"Proc IEEE 12th ICCT"},{"key":"ref92","doi-asserted-by":"publisher","DOI":"10.1109\/NOMS.2014.6838409"},{"key":"ref105","first-page":"1","article-title":"Implementation of content-oriented networking architecture (CONA): A focus on DDoS countermeasure","author":"suh","year":"0","journal-title":"Proc of the European NetFPGA Developers Workshop"},{"key":"ref91","doi-asserted-by":"publisher","DOI":"10.1109\/ICC.2013.6655095"},{"key":"ref104","doi-asserted-by":"publisher","DOI":"10.1109\/LCN.2010.5735752"},{"key":"ref90","doi-asserted-by":"publisher","DOI":"10.1109\/HPEC.2013.6670325"},{"key":"ref103","doi-asserted-by":"publisher","DOI":"10.1109\/ICACT.2014.6778942"},{"key":"ref102","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1007\/978-3-642-23644-0_9","article-title":"Revisiting traffic anomaly detection using software defined networking","author":"mehdi","year":"2011","journal-title":"Recent Advances in Intrusion Detection"},{"key":"ref111","first-page":"251","article-title":"Dynamic security traversal in OpenFlow networks with QoS guarantee","volume":"4","author":"chen","year":"2014","journal-title":"International Journal of Engineering Science"},{"key":"ref112","doi-asserted-by":"publisher","DOI":"10.1109\/ICCSN.2011.6013582"},{"key":"ref110","doi-asserted-by":"publisher","DOI":"10.1145\/2486001.2486022"},{"key":"ref98","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2013.8"},{"key":"ref99","doi-asserted-by":"publisher","DOI":"10.1109\/GREE.2013.25"},{"key":"ref96","doi-asserted-by":"publisher","DOI":"10.1145\/2342441.2342467"},{"key":"ref97","doi-asserted-by":"publisher","DOI":"10.1109\/WoWMoM.2014.6918979"},{"key":"ref10","year":"2014","journal-title":"Software Defined Networking Gaining Momentum"},{"key":"ref11","doi-asserted-by":"publisher","DOI":"10.1145\/1384609.1384625"},{"key":"ref12","doi-asserted-by":"publisher","DOI":"10.1145\/2491185.2491189"},{"key":"ref13","year":"0","journal-title":"Floodlight Controller Floodlight Documentation For Developers Architecture"},{"key":"ref14","year":"2014","journal-title":"OpenDaylight A Linux Foundation Collaborative Project"},{"key":"ref15","year":"0"},{"key":"ref118","doi-asserted-by":"publisher","DOI":"10.1109\/EWSDN.2014.41"},{"key":"ref16","first-page":"1","article-title":"Onix: A distributed control platform for large-scale production networks","volume":"10","author":"koponen","year":"0","journal-title":"Proc OSDI"},{"key":"ref82","doi-asserted-by":"publisher","DOI":"10.1109\/NETSOFT.2015.7258233"},{"key":"ref117","first-page":"20","article-title":"SDN-driven authentication and access control system","author":"dangovas","year":"0","journal-title":"Proc Int Conf DINWC"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1145\/2535372.2535377"},{"key":"ref81","first-page":"1","article-title":"Extending SDN to large-scale networks","author":"mccauley","year":"0","journal-title":"Proc Open Netw Summit"},{"key":"ref18","first-page":"3","article-title":"HyperFlow: A distributed control plane for OpenFlow","author":"tootoonchian","year":"0","journal-title":"Proc Internet Netw Manage Conf Res Enterprise Netw"},{"key":"ref84","first-page":"113","article-title":"Header space analysis: Static checking for networks","author":"kazemian","year":"0","journal-title":"Proc NSDI"},{"key":"ref119","doi-asserted-by":"publisher","DOI":"10.1109\/TST.2014.6733211"},{"key":"ref19","first-page":"19","article-title":"Kandoo: A framework for efficient and scalable offloading of control applications","author":"yeganeh","year":"0","journal-title":"Proceedings of the Workshop on Hot Topics in Software Defined Networks"},{"key":"ref83","doi-asserted-by":"publisher","DOI":"10.1109\/EWSDN.2014.25"},{"key":"ref114","first-page":"1","article-title":"CloudWatcher: Network security monitoring using OpenFlow in dynamic cloud networks (or: How to provide security monitoring as a service in clouds?)","author":"shin","year":"0","journal-title":"Proc 20th IEEE ICNP"},{"key":"ref113","first-page":"8","article-title":"Extensible and scalable network monitoring using OpenSAFE","author":"ballard","year":"0","journal-title":"Proc INM\/WREN"},{"key":"ref116","doi-asserted-by":"publisher","DOI":"10.14722\/sent.2014.23002"},{"key":"ref80","first-page":"1","article-title":"FRESCO: Modular composable security services for software-defined networks","author":"shin","year":"0","journal-title":"Proc Symp Netw Distrib Syst Security"},{"key":"ref115","doi-asserted-by":"publisher","DOI":"10.1109\/COMPSAC.2014.41"},{"key":"ref120","first-page":"568","article-title":"A software-defined scalable and autonomous architecture for multi-tenancy","author":"ahmed","year":"0","journal-title":"Proc of IEEE IC2E"},{"key":"ref89","doi-asserted-by":"publisher","DOI":"10.1145\/2535771.2535794"},{"key":"ref121","doi-asserted-by":"publisher","DOI":"10.1109\/ICCCN.2014.6911782"},{"key":"ref122","doi-asserted-by":"publisher","DOI":"10.1109\/CNSM.2014.7014198"},{"key":"ref123","year":"0","journal-title":"sFlow—Sampling Technology for Network Traffic Monitoring"},{"key":"ref85","doi-asserted-by":"publisher","DOI":"10.1145\/2342356.2342427"},{"key":"ref86","doi-asserted-by":"publisher","DOI":"10.1109\/ICCNC.2012.6167511"},{"key":"ref87","article-title":"Host identity protocol","author":"moskowitz","year":"2008","journal-title":"RFC5201"},{"key":"ref88","doi-asserted-by":"publisher","DOI":"10.1016\/j.bjp.2013.10.014"}],"container-title":["IEEE Communications Surveys & Tutorials"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9739\/7393921\/7150550.pdf?arnumber=7150550","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T16:47:39Z","timestamp":1642006059000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/7150550\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2016]]},"references-count":169,"journal-issue":{"issue":"1"},"URL":"https:\/\/doi.org\/10.1109\/comst.2015.2453114","relation":{},"ISSN":["1553-877X"],"issn-type":[{"value":"1553-877X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2016]]}}}