Security of East-West Interface of SDN: A Review of Challenges, Solutions, and Future Directions

Authors

  • Hamad Alrashede Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University (KAU), Jeddah, Saudi Arabia https://orcid.org/0000-0003-0130-1182
  • Fathy Eassa Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University (KAU), Jeddah, Saudi Arabia
  • Abdullah Marish Department of Computer Science, Faculty of Computing and Information Technology, King Abdulaziz University (KAU), Jeddah, Saudi Arabia https://orcid.org/0000-0001-6676-7456
Volume: 15 | Issue: 3 | Pages: 23376-23385 | June 2025 | https://doi.org/10.48084/etasr.10988

Received: 17 March 2025 | Revised: 2 April 2025, 13 April 2025, and 15 April 2025 | Accepted: 19 April 2025 | Online: 26 April 2025


Corresponding author: Hamad Alrashede

Abstract

The east-west interface in Software Defined Networking (SDN) plays a crucial role in enabling inter-controller communication, which is vital for scalability, load balancing, and fault tolerance in distributed SDN environments. Despite its importance, this interface remains vulnerable to serious security threats, such as Man-in-the-Middle (MitM), unauthorized access, False Data Injection (FDI), and Distributed Denial-of-Service (DDoS) attacks. Unlike previous studies and reviews that focus broadly on SDN security, this paper presents a comprehensive review of the current security challenges and proposed solutions that are specific to the east-west interface. The literature is organized into five categories: cryptographic techniques, authentication and access control, blockchain-based mechanisms, Machine Learning (ML) approaches, and hybrid models. In addition, an analytical contribution is provided by introducing a threat-solution coverage matrix that maps each reviewed solution to the specific types of attacks it mitigates. This analysis highlights under-addressed vulnerabilities and uncovers critical research gaps. Future research directions are provided, including the adoption of zero-trust architectures and the need for standardized benchmarking protocols.

Keywords:

east-west interface security, distributed SDN security, Software Defined Networking (SDN)

Downloads

Download data is not yet available.

References

A. Liatifis, P. Sarigiannidis, V. Argyriou, and T. Lagkas, "Advancing SDN from OpenFlow to P4: A Survey," ACM Comput. Surv., vol. 55, no. 9, pp. 186:1-186:37, Jan. 2023.

R. Chaudhary, G. S. Aujla, N. Kumar, and P. K. Chouhan, "A comprehensive survey on software-defined networking for smart communities," International Journal of Communication Systems, vol. 38, no. 1, 2025, Art. no. e5296.

Software Defined Networking Market, Industry Report, 2030. Grand View Research, 2023.

H. Alrashede, F. Eassa, A. Marish Ali, F. Albalwy, and H. Aljihani, "A Blockchain-Based Security Framework for East-West Interface of SDN," Electronics, vol. 13, no. 19, Jan. 2024, Art. no. 3799.

A. H. Janabi, T. Kanakis, and M. Johnson, "Survey: Intrusion Detection System in Software-Defined Networking," IEEE Access, vol. 12, pp. 164097–164120, 2024.

R. Basfar, M. Y. Dahab, A. M. Ali, F. Eassa, and K. Bajunaied, "Enhanced Intrusion Detection in Software-Defined Networking using Advanced Feature Selection: The EMRMR Approach," Engineering, Technology & Applied Science Research, vol. 14, no. 6, pp. 19001–19008, Dec. 2024.

Huang, V.; Chen, G.; Zhang, P.; Li, H.; Hu, C.; Pan, T.; Fu, Q. "A Scalable Approach to SDN Control Plane Management: High Utilization Comes With Low Latency." IEEE Transactions on Network and Service Management, vol. 17, pp. 682–695, Sept. 2020.

N. V. Oikonomou, D. V. Oikonomou, E. Stergiou, and D. Liarokapis, "Comprehensive Analysis of Software-Defined Networking: Evaluating Performance Across Diverse Topologies and Investigating Topology Discovery Protocols," Journal of Engineering Research and Sciences, vol. 3, no. 7, pp. 23–43, 2024.

R. S. Alsheikh, E. A. Fadel, and N. T. Akkari, "Distributed Software-Defined Networking Management:," ARO-the Scientific Journal of Koya University, vol. 12, no. 2, pp. 157–166, Sep. 2024.

S. O. Sati, M. Sati, and M. Emshiheet, "Control Plane Scalability of Software Defined Networking," in 2024 ASU International Conference in Emerging Technologies for Sustainability and Intelligent Systems (ICETSIS), Manama, Bahrain, Jan. 2024, pp. 1830–1834.

P. B. Bautista, J. Comellas, and L. Urquiza-Aguiar, "Evaluating Scalability, Resiliency, and Load Balancing in Software-Defined Networking," Engineering Proceedings, vol. 47, no. 1, 2023, Art. no. 16.

M. Ali et al., "Performance and Scalability Analysis of SDN-Based Large-Scale Wi-Fi Networks," Applied Sciences, vol. 13, no. 7, Jan. Art. no. 4170, 2023.

S. A. Darade and M. Akkalakshmi, "Load balancing strategy in software defined network by improved whale optimization algorithm," Journal of High Speed Networks, vol. 27, no. 2, pp. 151–167, Jul. 2021.

C. D. Bhowmik and T. Gayen, "Traffic aware dynamic load distribution in the Data Plane of SDN using Genetic Algorithm: A case study on NSF network," Pervasive and Mobile Computing, vol. 88, Jan. 2023, Art. no. 101723.

S. Xu, X. Wang, G. Yang, J. Ren, and S. Wang, "Routing optimization for cloud services in SDN-based Internet of Things with TCAM capacity constraint," Journal of Communications and Networks, vol. 22, no. 2, pp. 145–158, Apr. 2020.

S. Ahmad and A. H. Mir, "SDN Interfaces: Protocols, Taxonomy and Challenges," International Journal of Wireless and Microwave Technologies, vol. 12, no. 2, pp. 11–32, Apr. 2022.

Z. Latif, K. Sharif, F. Li, M. M. Karim, S. Biswas, and Y. Wang, "A comprehensive survey of interface protocols for software defined networks," Journal of Network and Computer Applications, vol. 156, Apr. 2020, Art. no. 102563.

O. Blial, M. Ben Mamoun, and R. Benaini, "An Overview on SDN Architectures with Multiple Controllers," Journal of Computer Networks and Communications, vol. 2016, no. 1, 2016, Art. no. 9396525.

J. Miguel-Alonso, "A Research Review of OpenFlow for Datacenter Networking," IEEE Access, vol. 11, pp. 770–786, 2023.

R. Firouzi and R. Rahmani, "A Distributed SDN Controller for Distributed IoT," IEEE Access, vol. 10, pp. 42873–42882, 2022.

S. Ahmad and A. H. Mir, "Scalability, Consistency, Reliability and Security in SDN Controllers: A Survey of Diverse SDN Controllers," Journal of Network and Systems Management, vol. 29, no. 1, Nov. 2020, Art. no. 9.

V. Ganeshan and B. S. Manoj, "Beyond Traditional Boundaries: A Survey of Security Mechanisms in Software-Defined Networks," in 2024 Second International Conference on Emerging Trends in Information Technology and Engineering (ICETITE), Vellore, India, Oct. 2024, pp. 1–8.

M. Rahouti, K. Xiong, Y. Xin, S. K. Jagatheesaperumal, M. Ayyash, and M. Shaheed, "SDN Security Review: Threat Taxonomy, Implications, and Open Challenges," IEEE Access, vol. 10, pp. 45820–45854, 2022.

M. S. Farooq, S. Riaz, and A. Alvi, "Security and Privacy Issues in Software-Defined Networking (SDN): A Systematic Literature Review," Electronics, vol. 12, no. 14, Jan. 2023, Art. no. 3077.

G. Hessam, G. Saba, and M. I. Alkhayat, "A new approach for detecting violation of data plane integrity in Software Defined Networks," Journal of Computer Security, vol. 29, no. 3, pp. 341–358, May 2021.

Y. Maleh, Y. Qasmaoui, K. El Gholami, Y. Sadqi, and S. Mounir, "A comprehensive survey on SDN security: threats, mitigations, and future directions," Journal of Reliable Intelligent Environments, vol. 9, no. 2, pp. 201–239, Jun. 2023.

Z. A. Bhuiyan, S. Islam, Md. M. Islam, A. B. M. A. Ullah, F. Naz, and M. S. Rahman, "On the (in)Security of the Control Plane of SDN Architecture: A Survey," IEEE Access, vol. 11, pp. 91550–91582, 2023.

H. Y. I. Khalid and N. B. I. Aldabagh, "A Survey on the Latest Intrusion Detection Datasets for Software Defined Networking Environments," Engineering, Technology & Applied Science Research, vol. 14, no. 2, pp. 13190–13200, Apr. 2024.

A. Sebbar, M. Boulmalf, M. Dafir Ech-Cherif El Kettani, and Y. Baddi, "Detection MITM Attack in Multi-SDN Controller," in 2018 IEEE 5th International Congress on Information Science and Technology (CiSt), Marrakech, Morocco, Jul. 2018, pp. 583–587.

K. S. Goud and S. R. Gidituri, "Security Challenges and Related Solutions in Software Defined Networks: A Survey," International Journal of Computer Networks and Applications, vol. 9, no. 1, Feb. 2022, Art. no. 22.

K. G. Yalda, D. J. Hamad, N. Tapus, and I. T. Okumus, "Security Issues in Software-Defined Networking (SDN) Environments," in 2024 23rd RoEduNet Conference: Networking in Education and Research (RoEduNet), Bucharest, Romania, Sep. 2024, pp. 1–8.

A. O. M. Salih, "Exploring LDoS Attack Detection in SDNs using Machine Learning Techniques," Engineering, Technology & Applied Science Research, vol. 15, no. 1, pp. 19568–19574, Feb. 2025.

L. F. Eliyan and R. Di Pietro, "DoS and DDoS attacks in Software Defined Networks: A survey of existing solutions and research challenges," Future Generation Computer Systems, vol. 122, pp. 149–171, Sep. 2021.

A. T. Phu et al., "Defending SDN against packet injection attacks using deep learning," Computer Networks, vol. 234, Oct. 2023, Art. no. 109935.

Y. Suo, S. Chai, R. Chai, Z.-H. Pang, Y. Xia, and G.-P. Liu, "Security Defense of Large-Scale Networks Under False Data Injection Attacks: An Attack Detection Scheduling Approach," IEEE Transactions on Information Forensics and Security, vol. 19, pp. 1908–1921, 2024.

S. Ghaly and M. Z. Abdullah, "Design and implementation of a secured SDN system based on hybrid encrypted algorithms," TELKOMNIKA, vol. 19, no. 4, pp. 1118–1125, Aug. 2021.

S. B. Hashemi Natanzi and M. R. Majma, "Secure distributed controllers in SDN based on ECC public key infrastructure," in 2017 International Conference on Electrical and Computing Technologies and Applications (ICECTA), Ras Al Khaimah, United Arab Emirates, Aug. 2017, pp. 1–5.

J.-H. Lam, S.-G. Lee, H.-J. Lee, and Y. E. Oktian, "Securing distributed SDN with IBC," in 2015 Seventh International Conference on Ubiquitous and Future Networks, Sapporo, Japan, Jul. 2015, pp. 921–925.

L. A. Khalil Al Dulaimi, R. Badlishah Ahmad, N. Yaakob, and Q. M. Hussein, "A Secured OpenFlow Protocol Using Elliptic Curves Cryptographic for Software Defined Networks," Journal of Physics: Conference Series, vol. 1019, no. 1, Mar. 2018, Art. no. 012014.

H. M. Alshameri and P. Kumar, "An Efficient Zero-Knowledge Proof Based Identification Scheme for Securing Software Defined Network," Scalable Computing: Practice and Experience, vol. 20, no. 1, pp. 181–189, Mar. 2019.

S. S. Mahdi and A. A. Abdullah, "Improved Security of SDN based on Hybrid Quantum Key Distribution Protocol," in 2022 International Conference on Computer Science and Software Engineering (CSASE), Duhok, Iraq, Mar. 2022, pp. 36–40.

M. H. Rempola, A. Smith, Y. Li, and L. Du, "Securing SDN Communication through Quantum Key Distribution," in 2024 IEEE Transportation Electrification Conference and Expo (ITEC), Chicago, IL, USA, Jun. 2024, pp. 1–5.

B. Yigit, G. Gur, B. Tellenbach, and F. Alagoz, "Secured Communication Channels in Software-Defined Networks," IEEE Communications Magazine, vol. 57, no. 10, pp. 63–69, Oct. 2019.

T. Mahboob, I. Arshad, A. Batool, and M. Nawaz, "Authentication Mechanism to Secure Communication between Wireless SDN Planes," in 2019 16th International Bhurban Conference on Applied Sciences and Technology (IBCAST), Islamabad, Pakistan, Jan. 2019, pp. 582–588.

N. S. Bülbül, O. Ermis, Ş. Bahtiyar, M. U. Çağlayan, and F. Alagöz, "Trust Enhanced Security for Routing in SDN," in 2022 1st International Conference on 6G Networking (6GNet), Paris, France, Jul. 2022, pp. 1–6.

M. Almakhour, A. Wehby, L. Sliman, A. E. Samhat, and A. Mellouk, "Smart Contract Based Solution for Secure Distributed SDN," in 2021 11th IFIP International Conference on New Technologies, Mobility and Security (NTMS), Paris, France, Apr. 2021, pp. 1–6.

P. Ohri, S. G. Neogi, S. Sengupta, D. Arockiam, and S. K. Muttoo, "Blockchain-Based Smart Contract Architecture for Inter-Domain SDN Controller Communication," in 2024 11th International Conference on Reliability, Infocom Technologies and Optimization (Trends and Future Directions) (ICRITO), Noida, India, Mar. 2024, pp. 1–6.

K. U, T. Swetha, I. Sharma, R. Keerthana, V. Tejashwini, and G. G. Devarajan, "Enhancing Cloud IoT Security With Blockchain and SDN," in 2024 International Conference on Communication, Computer Sciences and Engineering (IC3SE), Gautam Buddha Nagar, India, Feb. 2024, pp. 973–978.

K. Sibiya, M. Molefe, and B. Nleya, "A SDN Multi-Controller and Blockchain Enabled Authentication Framework for Cloud Computing," in 2024 International Conference on Electrical, Computer and Energy Technologies (ICECET), Sydney, Australia, Jul. 2024, pp. 1–9.

A. Derhab, M. Guerroumi, M. Belaoued, and O. Cheikhrouhou, "BMC-SDN: Blockchain-Based Multicontroller Architecture for Secure Software-Defined Networks," Wireless Communications and Mobile Computing, vol. 2021, no. 1, 2021, Art. no. 9984666.

A. Rahman, M. J. Islam, S. S. Band, G. Muhammad, K. Hasan, and P. Tiwari, "Towards a blockchain-SDN-based secure architecture for cloud computing in smart industrial IoT," Digital Communications and Networks, vol. 9, no. 2, pp. 411–421, Apr. 2023.

S. Boukria, M. Guerroumi, and I. Romdhani, "BCFR: Blockchain-based Controller Against False Flow Rule Injection in SDN," in 2019 IEEE Symposium on Computers and Communications (ISCC), Barcelona, Spain, Jun. 2019, pp. 1034–1039.

A. Alkhamisi, I. Katib, and S. M. Buhari, "Blockchain-Based Control Plane Attack Detection Mechanisms for Multi-Controller Software-Defined Networks," Electronics, vol. 13, no. 12, Jan. 2024, Art. no. 2279.

H. Eltaief, K. Thabet, and E. Kamel Ali, "Securing East-West Communication in a Distributed SDN," in Hybrid Intelligent Systems, 2023, pp. 1225–1234.

H. N. Nguyen, S. Souihi, H.-A. Tran, and S. Fowler, "A Blockchain-based SDN East/West Interface," in GLOBECOM 2022 - 2022 IEEE Global Communications Conference, Rio de Janeiro, Brazil, Sep. 2022, pp. 5759–5764.

S. C. Tollefson, "Utilizing Blockchain to Design an East/West Interface for Federated Software Defined Networks," M.S. thesis, Naval Postgraduate School, Monterey, CA, USA, 2018.

W. Fan, S.-Y. Chang, S. Kumar, X. Zhou, and Y. Park, "Blockchain-based Secure Coordination for Distributed SDN Control Plane," in 2021 IEEE 7th International Conference on Network Softwarization (NetSoft), Tokyo, Japan, Jun. 2021, pp. 253–257.

B. A. Almohagri, M. A. Saeed, H. M. Alazaby, and A. I. Mohammed, "Machine Learning Approach for Distributed Daniel of Service Attack Detection in SDNs," in 2023 3rd International Conference on Emerging Smart Technologies and Applications (eSmarTA), Taiz, Yemen, Jul. 2023, pp. 01–07.

L. Mhamdi and M. M. Isa, "Securing SDN: Hybrid autoencoder-random forest for intrusion detection and attack mitigation," Journal of Network and Computer Applications, vol. 225, May 2024, Art. no. 103868.

M. M. Ahmed and H. Abdulkader, "An ensemble-based approach for effective distributed denial of service attack detection in software defined networking," IAES International Journal of Artificial Intelligence (IJ-AI), vol. 13, no. 2, pp. 2019–2026, Jun. 2024.

S. Mani and M. J. Nene, "Preventing Distributed Denial of Service Attacks in Software Defined Mesh Networks," in 2021 International Conference on Intelligent Technologies (CONIT), Hubli, India, Jun. 2021, pp. 1–7.

A. Sharma, D. Upadhyay, and S. Sharma, "Enhancing blockchain security: a novel approach to integrated malware defence mechanisms," Engineering Research Express, vol. 6, no. 2, Feb. 2024, Art. no. 025215.

Y. Yan, Z. Chen, and V. Varadharajan, "Control of Large-Scale Networked Cyberphysical Systems Using Cryptographic Techniques." arXiv, Aug. 20, 2020.

D. Das, U. Ghosh, N. Evans, and S. Shetty, "Blockchain-Enabled Secure Device-to-Device Communication in Software-Defined Networking," in 2024 IEEE International Conference on Communications Workshops (ICC Workshops), Denver, CO, USA, Jun. 2024, pp. 1450–1455.

Downloads

How to Cite

[1]
Alrashede, H., Eassa, F. and Marish, A. 2025. Security of East-West Interface of SDN: A Review of Challenges, Solutions, and Future Directions. Engineering, Technology & Applied Science Research. 15, 3 (Jun. 2025), 23376–23385. DOI:https://doi.org/10.48084/etasr.10988.

Metrics

Abstract Views: 126
PDF Downloads: 87

Metrics Information

License

Copyright (c) 2025 Hamad Alrashede, Fathy Eassa, Abdullah Marish

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Authors who publish with this journal agree to the following terms:

- Authors retain the copyright and grant the journal the right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.

- Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.

- Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) after its publication in ETASR with an acknowledgement of its initial publication in this journal.