Master's thesis
This master’s thesis contains analysis of security conditions in the domain of software defined networks. In the first part we dedicate to the approach of network architecture, summary of the SDN properties and description of three operational modes. We complete this section by analyzing the OpenFlow protocol’s messages. A significant part of the analysis was addressed to the security of SDN, mainly to the security analysis of the architecture of such a network, and separately threats on individual layers of architecture. For each of the threats, we have also described corresponding countermeasure. In addition, we have focused in detail on DoS attacks on the controller and their practical solving. The solution we propose ensure the controller against this type of attack. As part of the implementation of the prototype, we have focused on creating a basic functional program which, by using the priority queues, the rating and scheduling algorithm, secure the controller.
Keywords: Software Defined Networks, controller security, DoS attacks, DDoS attacks