A Systematic Approach To Threat Modeling And Security Analysis For Software Defined Networking

IEEE Access (2019)

Abstract
Software Defined Networking (SDN) extends the capabilities of existing networks by providing various functionalities, such as flexible networking controls. However, there are many security threat vectors in SDN, including existing ones and emerging ones arising from new functionalities, that may hinder the use of SDN. To tackle this problem, many countermeasures have been developed to mitigate various threats faced in SDN. However, their effectiveness must be analyzed and compared to fully understand how the security posture of SDN changes when a countermeasure is adopted. Also, it becomes difficult to optimize the security of SDN without using a systematic approach to evaluate the security posture of SDN. In this paper, we propose a novel framework to systematically model and analyze the security posture of SDN. We develop a novel graphical security model formalism named Threat Vector Hierarchical Attack Representation Model (TV-HARM), which provides a systematic approach to evaluate threats, attacks and countermeasures for SDN. The TV-HARM captures different threats and their combinations, enabling security risk assessment of SDN. In addition, we define three new security metrics to represent the security of SDN. Our experimental results showed that the proposed security assessment framework can capture and evaluate various security threats to SDN, demonstrating the applicability and feasibility of the proposed framework.
Keywords
Attack graphs, graphical security models, security analysis, software defined networking