An SDN Controller Security Cluster Scheme Based on Intrusion Detection Technology

Xiao-feng XU, Jia-hao DAI, Gao-lei YANG


Software Defined Network (SDN) is a new network innovation architecture that separates the control layer and the data layer of the network. In the SDNs, the control layer is the core of the entire network, and its security is very important. In practical applications, the control layer is usually composed of SDN controller clusters. In order to enhance the security of the SDN controller cluster, this paper first studies the development status of the current SDN technology, and then analyzes the current state of the defense technology of the network system. Through the analysis and summary of the two, we proposed the discovery and isolation scheme of the invaded controller in the cluster environment, and designed the intrusion detection module, control module and defense module. Finally, we implemented the scheme based on Opendaylight controller, and proved the effectiveness of the scheme by experiments.


Network security, Intrusion prevention, Software defined network, Cluster


Full Text:



  • There are currently no refbacks.