A Centralized Reputation Management Scheme for Isolating Malicious Controller(s) in Distributed Software-Defined Networks

Software-Defined Networks have seen an increasing in their deployment because they offer better network manageability compared to traditional networks. Despite their immense success and popularity, various security issues in SDN remain open problems for research. Particularly, the problem of securing the controllers in distributed environment is still short of any solutions. This paper proposes a scheme to identify any rogue/malicious controller(s) in a distributed environment. Our scheme is based on trust and reputation system which is centrally managed. As such, our scheme identifies any controllers acting maliciously by comparing the state of installed flows/policies with policies that should be installed. Controllers rate each other on this basis and report the results to a central entity, which reports it to the network administrator.