Abstract
Software Defined Networking (SDN) separates the control logic from data forwarding and shifts the whole decision power to the controller, making the switch a dumb device. SDNs are becoming more and more important due to the key features like scalability, flexibility and monitoring. The centralized control of SDN makes it vulnerable to different attacks such as Flooding, Spoofing, Denial of Service (DoS), etc. These attacks can degrade the SDN performance by overwhelming its different components such as controller, switch and control channel. This paper provides a comprehensive review of different mitigation approaches and categorizes them into three different classes on the basis of their methodology to handle the malicious traffic. In addition to that, we find out limitations in these mitigation approaches and propose the possible features of an optimal solution against DoS attacks. To the best of our knowledge, this work is the first attempt toward classifying DoS mitigation strategies and finding out their limitations in the SDN environment.
•Software Defined Networking (SDN) separates control logic from data forwarding.•The centralized control of SDN makes it vulnerable to different attacks.•These attacks can degrade SDN performance by overwhelming its different components.•A comprehensive review of different mitigation approaches is presented in this paper.•In addition, we also figure out possible limitations in these mitigation approaches.