U.S. flag

An official website of the United States government

The .gov means it’s official. Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure. The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

  • Publications
  • Account settings
  • Advanced Search
  • Journal List
  • Sensors (Basel)

Logo of sensors

Software-Defined Networking: Categories, Analysis, and Future Directions

Mudassar hussain.

1 Department of Computer Science, University of Wah, Wah Cantt P.O. Box 47010, Pakistan

2 Department of Computer Science, COMSATS University Islamabad, Wah Campus, Wah Cantt P.O. Box 47010, Pakistan; moc.liamg@28hahsridan (N.S.); moc.liamg@azarnashoms (S.M.R.)

Rashid Amin

3 Department of Computer Science, University of Chakwal, Chakwal P.O. Box 48800, Pakistan

Sultan S. Alshamrani

4 Department of Information Technology, College of Computer and Information Technology, Taif University, Taif P.O. Box 21944, Saudi Arabia; as.ude.ut@hsamasus

Aziz Alotaibi

5 Department of Computer Science, College of Computers and Information Technology, Taif University, Taif P.O. Box 21944, Saudi Arabia; as.ude.ut@ibiatoza

Syed Mohsan Raza

Associated data.

Not applicable.

Software-defined networking (SDN) is an innovative network architecture that splits the control and management planes from the data plane. It helps in simplifying network manageability and programmability, along with several other benefits. Due to the programmability features, SDN is gaining popularity in both academia and industry. However, this emerging paradigm has been facing diverse kinds of challenges during the SDN implementation process and with respect to adoption of existing technologies. This paper evaluates several existing approaches in SDN and compares and analyzes the findings. The paper is organized into seven categories, namely network testing and verification, flow rule installation mechanisms, network security and management issues related to SDN implementation, memory management studies, SDN simulators and emulators, SDN programming languages, and SDN controller platforms. Each category has significance in the implementation of SDN networks. During the implementation process, network testing and verification is very important to avoid packet violations and network inefficiencies. Similarly, consistent flow rule installation, especially in the case of policy change at the controller, needs to be carefully implemented. Effective network security and memory management, at both the network control and data planes, play a vital role in SDN. Furthermore, SDN simulation tools, controller platforms, and programming languages help academia and industry to implement and test their developed network applications. We also compare the existing SDN studies in detail in terms of classification and discuss their benefits and limitations. Finally, future research guidelines are provided, and the paper is concluded.

1. Introduction

Traditional networks are complex and hard to manage because all the functionalities of the data, control, and management planes are vertically and tightly coupled in forwarding devices [ 1 ]. In traditional networks, the control plane, with the help of routing protocols, forwards data packets as per network policies. Due to this vertical integration and the tightly coupled nature of forwarding devices, network management becomes difficult, and performance tuning becomes challenging. Moreover, the network applications and services of the current information age have become more complex and demanding, so it is necessary that the Internet be able to evolve to address these new challenges. To resolve such issues, the idea of “programmable networks” has been proposed to facilitate network evolution. In this regard, two concepts, active networking [ 2 ] and programmable networks [ 3 ], were explored. Active networking refers to network intelligence (as opposed to typical packet processing), where network nodes have the capability of performing customized operations on packets. Programmable networks permit the controlling of network nodes’ behavior and flow control through software. Later, the 4D project [ 4 , 5 , 6 ] proposed a clean slate design that is based on four planes: decision, dissemination, discovery, and data. It emphasizes the separation of routing decision logic and protocols governing the interaction between forwarding devices. The decision plane has a network-wide view of the network topology and installs configuration commands at the data plane for communication. The dissemination and discovery planes provides efficient communication between the decision and data planes. Ethane [ 7 ] proposed a new network architecture for enterprises that allows network managers to configure and control the whole network by using a centralized controller. These research works proposed a clear foundation for separation between the data and control planes, which resulted in the introduction of software-defined networking (SDN). SDN provides a real-world implementation of a suite of networking software that allows a network to be centrally controlled. It is not the first and only solution that accepts separation and programmability. However, it has wide acceptance in both academia and industry due to the rapid innovation in both the control and data planes. A group of network operators, service providers, and vendors have created the Open Network Foundation (ONF) [ 8 ], which is an industrial-driven organization to promote SDN and standardize the OpenFlow Protocol (OFP) [ 9 ]. On the academia side, the OpenFlow Network Research Center [ 10 ] has been created, with a focus on SDN research.

SDN [ 11 , 12 , 13 , 14 , 15 ] is an emerging form of network that resolves these limitations by separating network control and management from the data plane to reduce complexity and increase network management. This separation of the control and data planes leaves network switches as simple forwarding devices. However, the network control is shifted to the centralized logical entity called the controller, which acts as the network’s brain and maintains a global view of the network and programming abstractions. It offers a programmatic control of the entire network and provides real-time control of underlying devices to network operators. The management plane specifies network applications, such as network policies, network monitoring, load balancing, and so on, which are implemented by the network administrator based on the application environment and the user’s requirements. In this way, network management turns out to be simple, which reduces network rigidness. All three of the SDN planes interact with each other by using application programming interfaces.

1.1. Application Programming Interfaces

Application programming interfaces (APIs) [ 16 ] are very important in SDN; they provide communication between the data, control and management planes. The well-known APIs are southbound APIs (SBI), northbound APIs (NBI), and in the case of distributed controllers, east/westbound APIs. These APIs are architectural components of SDN, and they are used to configure forwarding devices or network applications. The SDN layered architecture, including APIs, is shown in Figure 1 .

An external file that holds a picture, illustration, etc.
Object name is sensors-22-05551-g001.jpg

SDN system architecture.

An external file that holds a picture, illustration, etc.
Object name is sensors-22-05551-g002.jpg

Southbound API proposals.

  • OpenFlow-Dependent SBI Proposals: These include OpenFlow-based SBI proposals with the addition of new features or in its newer versions. DevoFlow [ 17 ] modifies the OpenFlow model to permit network operators to focus on flow rules, which are essential for network management, by breaking the coupling between network control and global visibility. It helps to reduce internal communication between the control and data planes. The Revised OpenFlow Library (ROFL) [ 18 ] provides an API that offers much better usability by hiding details of OFP versions to make application development easier. It utilizes the extensible datapath daemon (xDPd) framework, which facilitates creating SDN data path elements. The hardware abstraction layer (HAL) [ 19 ] separates hardware-specific control and management functionalities from the forwarding devices in order to make legacy network nodes such as OpenFlow compliant. It results in decreasing the complexity of network devices, and the problem of vendor-specific features is resolved. OpenState [ 20 ] states that a central controller should not be provided with full control. It also proposes that the programmers can implement states in the forwarding devices instead of the central controller. Protocol-oblivious forwarding (POF) [ 21 ] offers a reactive mechanism that requires forwarding devices to extract keys and process packets by using packet headers, which leads to overhead. The programming abstraction datapath (PAD) [ 22 ] reveals the programmability of switch capabilities and offers SBI for optical switches. The open virtual switch database (OvSDB) [ 23 ] and OpenFlow configuration protocol (OF-Config) [ 24 ] build an association between the control and data planes and facilitate configurations in OpenFlow.
  • OpenFlow-Independent SBI Proposals: P4 runtime SBI [ 25 ] helps to solve the problem of OFP. It is an open, extensible, customizable platform that offers a new way for the control plane to control forwarding devices and solves the limitations of OFP. Forwarding and control element separation (ForCES) [ 26 ] aimed to replace OpenFlow. It enables the separation of control and forwarding elements that are in the same physical device without modifying the traditional networking architecture and without involvement of an external controller using a logical function block. OpFlex [ 27 ] supports communication between the controller and data plane; however, its provision of service is different in comparison with OpenFlow. It resolves the scalability problem by distributing load to the forwarding devices. NetConf [ 28 ] uses a remote procedure call paradigm to manage and configure network devices remotely. It was already present before the emergence of SDN and offers a very simple API to send and receive full or partial configuration datasets.
  • OpenFlow-Based SBIs Emerging Technology: Sensor OpenFlow (SOF) [ 29 ] is upgraded as per the specifications of low-capacity sensor nodes. It is based on OpenFlow and aimed to address the challenges of flow and congestion control. It offers the ability to redefine flow tables as per the specific addressing schemes of wireless sensor networks (WSN) to install flow rules on sensor network devices. Software-defined wireless networks (SDWN) [ 30 ] aimed to decrease energy consumption in WSNs with the help of duty cycles and in-network data aggregation. Duty energy minimizes consumption by turning radio off in case of idle periods, and in-network data aggregation is also helpful in this regard. Its protocol architecture utilizes both generic and sink nodes. In addition, it supports elastic flow rules due to its nature, unlike traditional OpenFlow. SDN for wireless sensors (SDN WISE) [ 31 ], implemented in OMNet++, aimed at reducing sensor nodes’ communication with the controller, in addition to making sensor nodes programmable. SOF and SDWN utilize a central controller to provide theoretical details; however, SDN-WISE is based on a distributed controller paradigm, using an ONOS controller [ 32 ] to provide services based on practical implementations.
  • Northbound API: Control and management planes use NBI to provide programmability to application developers. NBI is very important with respect to the ability of SDN adoption to support variety of SDN applications. A wide range of NBIs are offered by current controllers and programming languages due to the lack of standardization. In addition, some programmers and many controller platforms use the REST API as NBI. One of the initiatives of ONF is the Northbound Interface Work Group (NBIWG) [ 33 ], which was formed with the intention of standardizing NBI.
  • East/Westbound API: Inter-controller communication of SDN domains is established using eastbound API. Westbound API is responsible for communication from the legacy domain to SDN domain. Central network control is the key feature of SDN; however, the single controller can handle only a limited number of forwarding devices. To accommodate the exponential increase in forwarding devices and for large-scale networks, distributed controllers have become a requirement. Eastbound APIs are used to import/export information among distributed controllers [ 34 , 35 , 36 ], and westbound APIs enable communication between legacy network devices and the controllers [ 37 , 38 , 39 ].

1.2. Network Configuration and Flow Rules Installation

Computer networks are mainly configured based on access control list (ACL) policies and routing protocols. The ACL policies are the set of rules that instruct network devices to function as per the requirements of users, applications, and/or organizations. The routing protocols help to find best path between source and destination. In SDN, the ACL policies are configured at the network control plane, and based on those policies, flow rules are generated and installed at forwarding devices. These policies often change in computer networks as per the demands of hosts or changes in network topology to allow or deny specific communication [ 40 ]. The SDN programming languages (for example, Pyretic [ 41 ], Frenetic [ 42 ], and Maple [ 43 ]) help to specify ACL policies as per the application environment via parallel and sequential composition operators for efficient implementation of policies. Whenever a host initiates a communication process, the forwarding device (switch) checks flow rules for that communication in its flow table. If a flow rule does not exist, then it sends a digest packet to the controller. The controller calculates the best path between the source and destination host according to the network topology and ACL policy. The flow rules are installed along the computed best path, and based on these flow rules, communication takes place. The switch stores these flow rules in its flow table until the timeout value expires due to inactivity. There are two types of timeout values. The first type is soft timeout, which states that the flow rule is deleted from the switch flow table if it is not used for a defined number of seconds. The second type is hard timeout value, which states that the flow rule is deleted a after certain number of seconds [ 44 ]. These timeout values depend on the application environment and controller platform [ 45 ].

The flow rules are installed based on reactive, proactive, and hybrid mechanisms [ 46 ]. In a reactive mechanism, when a packet is received at the switch, it looks up its flow table to initiate the forwarding process. In the case of flow rule matching, the respective packet is forwarded as per flow entry. However, in the case of non-matching, it sends a digest packet to the controller, which reacts by consulting the network topology, routing protocols, and ACL policies. It computes and installs the flow rule along the path between the source and destination via packet-out messages. All subsequent packets follow the same path without intervention from the controller. In this approach, only required flow rules are installed as per the request from communication hosts, so it helps to reduce the load in the flow tables of the data plane. This, in turn, efficiently utilizes ternary content-addressable memory (TCAM) resources. In a proactive approach, the flow rules are pre-populated, that is, populated before the first packet of a flow arrives at a switch based on network policies, routing protocols, and network topology [ 32 ]. This approach reduces the flow rules setup delay as well as the number of signaling messages due to the predefined actions and their flow rules installation before the arrival of packets. Therefore, the packets are forwarded just by matching flow rules, which saves a large amount of time. However, the TCAM resources of switches are not efficiently utilized due to the installation of flow rules for which communication is not desired. The hybrid approach is combination of reactive and proactive and is flexible in the sense that it includes the best characteristics of both proactive and reactive approaches. It offers flexibility and robustness and helps to reduce communication delays.

1.3. SDN Advantages

SDN has many advantages over traditional networks owing to the lower maintenance, ease of management, and implementation of ACL policies [ 47 , 48 ]. It simplifies network management and control by managing the whole network from the centralized controller. Moreover, forwarding devices (switches) become simplified as network intelligence is shifted to the controller; thus, these devices are left with very basic functionalities as they only need to act according to the instructions from the controller and do not require understanding and processing heterogeneous algorithms and protocols. In addition, the forwarding devices also help the controller for route computations and link/node monitoring, along with other tasks such as network management and diagnostics [ 49 ]. SDN has numerous advantages compared to traditional networking. Some of them are defined below:

  • SDN Centralized Management and Control: SDN’s centralized management and control of networking devices helps to reduce complexity.
  • Directly Programmable: The network control plane can be directly programmable as it is separated from the data and management planes.
  • Easier Network Management and Automation: It offers easier network management and automation via common APIs to program the applications due to the provision of abstractions by the controller platform.
  • Rapid Innovation: It allows rapid innovation, as there is no need to configure each device and no need to wait for new releases from vendors.
  • Programmability: The network is programmable with the help of network applications that are installed at the control plane to offer vendor independence.
  • Flexibility: It provides a flexible network architecture that protects existing investments while future-proofing the network.
  • Flow-Rules-Based Forwarding: Forwarding decisions are based on flow rules (instead of destination-based addresses), which broadly implement flow rule matching and action criteria.
  • ACL Policy Implementation: It allows network administrators to apply ACL policies at a more granular level in a highly abstracted automated fashion.
  • Usability: It provides better user experience by centralizing network control and making state information available to higher-level applications as it can adopt dynamic user needs easily [ 50 , 51 , 52 , 53 ].
  • Security: It provides centralized security control, which improves network visibility through security management. In addition, it offers robust control over network infrastructure to develop efficient and effective security mechanisms [ 54 , 55 ] to detect and prevent security attacks [ 56 , 57 ].
  • On-Demand Quality of Service: It utilizes the SDN central control intelligence for the aggregation of services from long-term evaluation (LTE) and the wide area network (WAN) to tackle the increasing computational demands of mobile users [ 58 ].
  • Traffic and Resource Categorization in Edge Network: The collaboration of network function virtualization (NFV) and SDN in virtualized network infrastructures (multiple NFV, virtual network function (VNF), service function chaining) provides a customized QoS for residential network requests via differentiated treatment of each clustered and tagged piece of traffic in the edge network. Traffic encompasses audio and video streaming. SDN assists in the realization of differentiated behavior of underlying hardware network resources [ 59 ].
  • Mobility Support for Internet of Vehicles (IOV): SDN enables intelligent remote clouds for the computation of tasks offloaded by speedy vehicle to the roadside unit (RSU). The controller supports the RSU for implementing the communication path between the RSU and fog node with adequate resources in a predictive fashion. Consequently, the fog node capabilities log at the controller tends to the optimal computation of IOV jobs by fog nodes [ 60 ].
  • Topology Discovery: SDN has centralized services for event-based topology discovery. Tree exploration discovery protocol (TEDP) outperforms the OpenFlow protocol and standard link layer discovery protocol (LLDP) in terms of the reduction of extra packets for topology discovery. The tree exploration discovery protocol (TEDP) leverages the topology graph mapping by using the probe packets that are responsible for signaling the SDN controller to a single forwarding device. As a result, the discovery mechanism is optimized in SDN compared to LLDP, which introduced load in IP networks [ 61 ].
  • Load Balancing Support in Future Networking: Research work comprises enabling the SDN infrastructure among the multiple NFV nodes and service function chaining aiming to reduce the delay of state migration of VNF. Concretely, the objectives are to cope with the limited resource capabilities of NFV nodes, meeting the desired QoS by infrastructure, and ensuring the least end-to-end delay for computational states migration by confining the OpenFlow-enabled devices’ capabilities in 5G core networks [ 62 ].
  • Fault Localization: In SDN, centralized management is used for localizing the failure and reconfiguration help to localize faults. It handles failures in a proactive fashion based on the prediction of service unavailability [ 63 ].
  • Programmable Reachability Optimization: SDN handles firewall problems in term of conflicting rules automatically. Similar research works offer improvements with the least computational overhead in reachability optimization and conflict debugging problems [ 64 ].
  • Support for Cellular 6G Network: Future networks such as 6G require SDN-enabled softwarization and management for remote and machine learning application decision-aware re-configurations in network resources [ 65 , 66 , 67 ].
  • Security-Aware Communication in Future Autonomous Networks: Softwarized policy implementation architecture can enhance the security among autonomous systems that have the least human interactions, and consequently, it can mitigate the security risk of inter-domain communication [ 68 , 69 ].

1.4. Organization

The rest of paper is organized as follows. Section 2 compares network testing and verification studies, which look at mechanisms for testing and debugging techniques. Section 3 includes flow rule installation mechanisms that comprise reactive, proactive, and hybrid flow rule installation mechanisms. In Section 4 , network security and management issues related to SDN implementation in different scenarios are discussed, along with solutions to the problems. Section 5 comprises memory management studies, which help to utilize precious TCAM resources in an efficient way. Section 6 includes emulators and simulators for SDN that help to implement, test, and simulate research problems. Section 7 comprises SDN programming languages, which facilitate programmers to develop network applications for effective communication. Section 8 consists of SDN controllers that provide a platform to control the data plane by installing flow rules via southbound APIs and network applications via northbound APIs. The categorization hierarchy is shown in Figure 3 . Section 9 discusses existing SDN studies. Finally, Section 10 includes the future research guidelines, and Section 11 concludes this paper.

An external file that holds a picture, illustration, etc.
Object name is sensors-22-05551-g003.jpg

SDN studies categorization hierarchy comprised of seven sections ( Section 2 , Section 3 , Section 4 , Section 5 , Section 6 , Section 7 and Section 8 ).

2. Network Testing and Verification

NDB [ 70 ] is a network debugging tool to debug SDN via breakpoints, watches, and packet backtraces. It works like GNU debugger (GDB) [ 71 ], which pauses execution at a breakpoint and shows the sequence of events that led to that breakpoint. Proxy and collector are its two major components. The proxy creates a postcard message received from the data plane and sends it to the control plane. On receiving this message, the collector saves postcards and produces backtrace for the listed data packets. Finally, by using the hash table data structure, the collector keeps the postcards from where these can be recovered effectively.

Veriflow [ 72 ] detects network-wide invariants in real time and generates alerts or blocks the occurrence of events. On generation of flow rules from the controller, these flow rules are sent to VeriFlow for checking the network-wide invariants. It generates a notification on detection of network-wide invariants for the network admin or the flow rules are blocked. Otherwise, the flow rules are sent to the data plane. It verifies the flow rules for network-wide invariants in the following three steps. First, the network is segmented in a collection of equivalence classes (ECs) by using network routing policies. Secondly, VeriFlow creates individual graphs for the specific equivalence class that denotes the respective network behavior. Thirdly, with the help of these graphs, the status of the network invariant is identified. It stores network information, for example, ACL policies, in trie data structures [ 73 ] and computes ECs in a systematic way. In addition, other research works [ 74 , 75 , 76 ] have also resolved issues of debugging and testing in traditional as well as SDN networks. These can detect network anomalies, ensure data plane consistency [ 77 , 78 ], and remove conflicts of different network applications to execute in a parallel manner [ 79 ].

In [ 80 ], the problem of flow rule installation from controller to switches is addressed. Due to this problem, the packets may deviate from their intended paths, which results in access control violations. The rule enforcement verification (REV) mechanism enables the controller to ensure the correct installation of flow rules along the correct path at the switches. It proposes a compressive message authentication code (MAC) to compress switch-to-controller communication traffic, which reduces a significant amount of bandwidth cost. Finally, it presents a heuristic flow selection algorithm, which allows the controller to verify many fewer flows for rule coverage. This results in avoiding adversity to the temper flow rule installation, thereby ensuring proper implementation of access control. NICE [ 81 ] detects network-wide invariants via model checking and symbolic execution. To detect network-wide invariants, NICE generates a stream of packets under various conditions to test SDN. In SDN, the details of topology, including switches and hosts, are available at the controller. After that, the space of possible system behavior and network-invariant conditions are tested. The required search strategy can also be configured by the programmer. NICE provides an output of instances of network invariants. Additionally, it provides traces of the inevitable consequence of property violations to reproduce them.

FPB [ 82 ] offers an efficient buffer management scheme at the data plane to avoid packet disorder and minimize the packet drop ratio by forwarding only the first packet of a flow to the controller while subsequent packets are buffered. HSA [ 83 ] is beneficial for system admins, as they can statistically examine their networks for invariants, for instance, network violations, black holes, loops, traffic isolations, and so on. HSA has the ability to check various hosts, network traffic, and the isolation of users. For example, it can provide details regarding questions such as “Can host A be prevented from talking to host B?” and so on. In this tool, a geometric approach is opted for as generalization for packet classification. PyResonance [ 84 ] utilizes the Pyretic language to implement state-based network policies. It uses Pyretic composition operators to express these policies and to compose multiple tasks by determining the state of their forwarding behavior with the help of a finite state machine. In this way, multiple independent states can be defined along with their forwarding behavior to handle the state change of multiple events.

PGA [ 85 ] provides automatic and conflict-free policies, for example, network policies, load balancing [ 86 ], and so on. It examines various network policies that are individually stated for any conflict. In different situations, network policies conflict with each other due to various perspectives. The graph composition is very helpful to express conflict-free network policies. As a next step, these policies are forwarded to a graph composer through a PGA user interface (UI). It resolves conflicts or gives some possible suggestions to the network admin in this regard. Finally, it generates error-free/conflict-free graphs. A service function chain-based approach to specify and verify ACL policies is presented in [ 87 ] to detect anomalies in ACL policies prior to deployment. In order to achieve the desired goal, the forwarding policies are formally represented, and a set of anomalies are detected against the set of flow rules for the respective policies. In addition, it also provides a provision for network administrators to specify their own anomalies. The results state that the proposed approach can verify anomalies of a reasonably sized network in milliseconds. Moreover, the research works in [ 75 , 76 ] are useful to troubleshoot, debug, and detect anomalies in communication networks.

Summary and Lessons Learned

The summary of network testing and verification studies are presented in Table 1 , and the following conclusions are drawn based on these studies. NDB [ 70 ] helps to debug SDN networks via breakpoints and packet backtraces. These primitives help in locating the order of events that led to error conditions. Though NDB can identify error conditions, it does not fix the error conditions. VeriFlow [ 72 ] checks network invariants in real time and generates an alarm or blocks these events from occurring. It checks network invariants in real time. However, it does not work in multi-controller architecture, and its verification process does not support delay-sensitive applications in which flow rule installation is continuously in flux, which is most likely desired for the least delay in forwarding devices. NICE [ 81 ] uses model checking and symbolic execution to detect bugs and invariant conditions in SDN applications. However, it is unable to test a controller implemented in the same language. FPB [ 82 ] provides an efficient buffer management mechanism at the switch level to avoid per-flow packet disorder, which helps to minimize the packet drop ratio. HSA [ 83 ] facilitates network administrators to statistically analyze their networks for network-wide invariants. However, it only works for static networks and lacks the ability to detect network policy change with dynamic change in ACL policies.

Summary of network testing and verification studies.

PyResonance [ 84 ] utilizes the composition operator of the Pyretic language to implement state-based network policies to predict a possible network’s forwarding behaviour. PGA [ 85 ] provides automatic and conflict-free policies by examining various network policies that are individually stated for any conflict. In PGA, the focus is on implementation of various policies in such a way that conflict does not occur. The research works [ 75 , 76 ] debug traditional as well as SDN environments to detect network anomalies, ensure consistency of the data forwarding plane [ 77 , 78 ], and allow several applications to run in parallel in a non-conflicting way [ 79 ]. However, all these mechanisms lack the ability to detect network policy change and delete conflicting flow rules along with installation of new flow rules as per new network policies to avoid packet violations. There is still a need to develop tools that can detect bugs in real time, along with the mechanisms to correct those bugs. This will help to avoid network inconsistencies, which will result in increasing network efficiency and QoS.

3. Flow Rule Installation Mechanisms

ORPP [ 88 , 89 ] provides two flow rule placement frameworks: OFFICER and aOFFICER. It helps to define and install flow rules at the data plane by following all technical and non-technical requirements. The first framework, called OFFICER, helps to define and install flow rules for the set of known requirements at a specific time internal. The second framework, aOFFICER, helps to compute and install flow rules for unknown sets of requirements, which vary over a specific time interval. Both these frameworks are quite useful and effective to place flow rules at the data plane. vCRIB [ 90 ] provides a mechanism that proposes an abstraction for specifying and managing flow rules for network operators at data center networks. In addition, in order to achieve better performance and resolve scalability issues, it helps to partition and install flow rules at hypervisors and switches. DevoFlow [ 17 ] presents a model to modify the OpenFlow model that permits network operators to focus on flow rules, which are essential for network management, by breaking the coupling between network control and global visibility. This mechanism helps to reduce internal communication between the control and data planes. Firstly, it minimizes the need to transfer statistics for tedious flows. Secondly, it minimizes the need to invoke the control plane for most flow setups. This helps to maintain a certain level of visibility by minimizing communication overhead between the control and data planes. However, the prototype is not simulated on actual packets.

Infinite CacheFlow [ 91 ] proposes a hybrid switch design that depends on flow rule caching to increase the flow rule tables space of switches at quite a low cost. However, it may result in more packet violations for flow rules that are stored at the data plane if corresponding ACL policies change at the controller. SwitchReduce [ 92 ] proposes a technique with the assumption that the number of flow match rules at any switch should not exceed the set of unique processing actions to decrease the switch state and controller involvement in SDN. The proposed approach can reduce flow entries up to 49% on first hop switches, and up to 99.9% on interior switches. In addition to that, flow counters are also reduced by 75% on average. It shows some failures due to topology changes. However, analysis of packet violations in case of change in policy is not performed on larger data centers. In [ 93 ], a cache algorithm strategy to store flow rules at switches called “least recently used" (LRU) is proposed, which reduces communication overhead between the control and data planes. This technique helps to avoid the cache-miss problem by keeping recently used flow entries in the switch flow table, which increases the flow entry matching ratio. This approach also ignores the case when network flow rules change for the flow entries present at the data plane.

In [ 94 ], a flow rule multiplexing approach is proposed that optimizes both the flow rule allocation as well as the traffic engineering. It works by installing identical set of flow rules at different calculated paths for a whole session instead of installing at each switch. It is tested via the ITALYNET network topology, and results reveal that the proposed mechanism saves TCAM resources and guarantees high QoS satisfaction. DomainFlow [ 95 ] presents a flow level control and granularity-based mechanism in ethernet switches by using the OpenFlow protocol. This research utilizes exact matching and network slicing to enable practical flow management. It only supports a limited number of flows with commodity switches and cannot be implemented with a large number of flows. SourceFlow [ 96 ] presents a mechanism that can handle many flows without affecting flow granularity, in addition to minimizing the problem of costly and power-consuming search engine devices from the core nodes. Moreover, it facilitates growing networks without compromising scalability. In [ 97 ], an SDN-based proactive flow rules installation mechanism is proposed for efficient communication in the Internet of things (IoT). It resolves the problem of flow installation delay as well as congestion due to packet-in messages, which save energy and other potential resources of network nodes.

In SDN, flow rules are installed at the data plane based on exact matching [ 98 ] or wildcard-based matching [ 99 ]. The wildcard-based matching improves the reusability of flow rules and reduces packet-in messages. It improves scalability at both the data and control planes. However, in the case of exact matching, almost every flow passing the switch will generate a packet-in message to the controller, which exhausts precious resources. To resolve this problem, some researchers suggest using a load-balancing mechanism by installing proactive flow rules on multiple switches [ 100 ] or reactive caching flow rules in each switch. In [ 101 ], an SDN-based wildcard rule caching mechanism, namely caching in buckets (CAB), is proposed by partitioning the field space into buckets and caching those buckets along with respective flow rules for efficient flow rules placement. This mechanism resolves the flow rule dependency problem with much less overhead, along with reducing flow setup time and saving network bandwidth and flow setup requests. In SDN, most of the operations are performed at the central controller, such as network topology management, flow rules installation, load balancing, and so on. These tasks sometimes overburden the controller, which becomes unavailable for some required operations. DIFANE [ 102 ] is a solution to this problem in which most of the functionality is placed on the network switches. For this purpose, the controller delegates the flow rules to some of the network switches that are called authority switches. These switches give the flow rules to the other switches for a specific path. In this way, entire-network communication becomes possible.

Mobi-Flow [ 103 ] presents a system architecture for the movement of mobile nodes in SDN by using two components: path estimator and flow manager. The path estimator helps to find the possible positions of end users in the network based on the location history of the node. For this purpose, we keep track of the previous positions of the nodes in the network in the database. By using the order-k Markov prediction method, the next possible position of end users is predicted. If we have possible location information of the end user, then the flow manager determines the set of access points in the path for communication between source to destination. In [ 104 ], a novel technique is proposed to install flow rules at the SDN data plane before reaching packets at network devices. In SDN, it sometimes happens that subsequent data packets arrive at the switches where flow rules are not found, causing the discarding of packets. To solve this issue, a new technique is proposed that computes packet arrival delay and flow rule installation time. After this computation, if there is a delay between flow rule installation and packet arrival, then some delay is introduced to the packet at the predecessor switch.

In the current research work, in order to improve the flexibility and scalability of the entire network, a novel mechanism is proposed in which network policies are deployed on the network devices in a wildcard format. Only the most important policies are cached in the flow table, while unnecessary policies are removed as soon as possible. By using this mechanism, the risk of flow table overflow is reduced, and it also simplifies the network policy enforcement. The wildcard used in this technique requires a standard way of being adopted in the entire network. To cope with this problem, a network-wide wildcard rule engine is introduced for SDN that is known as BigMac [ 105 ]. BigMac works by advertising a layered model to publish the higher-level network policies. The policy model consists of a big switch abstraction and a logical network plane that specifies the different forwarding and management policies. When a new flow needs to be installed, the policy caching and mapping engine of BigMac is accessed to install flow rules on the entire path. Similarly, when scheduled traffic needs to be forwarded, BigMac deploys the requested flow rules on the entire path. The research works in [ 106 , 107 ] proposed mechanisms to effectively install flow rules at the data plane in case of policy change without packet violations due to old installed flow rules as per old policies. To implement these mechanisms, the generated flow rules as per policies are cached at the controller. In case of policy change, the proposed mechanisms detect this change and compute the shortest path to install the computed flow rules, in addition to deleting the old flow rules. ROCA [ 108 ] proposes a novel mechanism to detect and resolve network conflicts along with policy overlapping for effective communication in SDN. The proposed approaches help to resolve network policy conflicts and efficiently install flow rules at the data plane.

The summary of flow installation mechanisms is presented in Table 2 , and we draw the following conclusions based on these studies. ORPP [ 88 , 89 ] resolves the problem of the placement of flow rules by using two frameworks: OFFICER and aOFFICER. Both frameworks provide efficient mechanisms to install flow rules. vCRIB [ 90 ] provides abstraction to define and manage flow rules for data center operators by portioning and placing flow rules on switches and hypervisors. DevoFlow [ 17 ] helps to amend the OpenFlow protocol by allowing network operators to focus on only selected flows for network management to reduce overhead between the control and data planes. Infinite CacheFlow [ 91 ] solves the issue of the limitation of flow rules at switches due to the limited TCAM resources by proposing a hybrid switch design (hardware and software). SwitchReduce [ 92 ] minimizes the switch state and controller involvement in SDN. The mechanism in [ 93 ] reduces the communication overhead between controller and switches by storing flow rules at the data plane. In [ 94 ], a flow-rule-based multiplexing approach is proposed, which optimizes both the flow rule allocation as well as the traffic engineering. DomainFlow [ 66 ] presents a flow-level control- and granularity-based mechanism in ethernet switches by using the OpenFlow protocol. SourceFlow [ 96 ] presents a mechanism that can handle many flows without affecting the flow granularity, in addition to minimizing the problem of costly and power-consuming search engine devices from the core nodes.

Summary of flow rules installation mechanisms.

In [ 97 ], a proactive flow rules installation approach is proposed for efficient communication in the Internet of things (IoT), which resolves the problem of flow installation delay and congestion due to packet-in messages. DIFANE [ 102 ] proposes a mechanism of relaxing the control plane by sharing control plane tasks with network switches. For this purpose, the controller delegates the flow rules to some of the network switches that are called authority switches. These switches give the flow rules to the other switches for a specific path. In this way, entire-network communication becomes possible. All these mechanisms help in installing efficient flow rules at the data plane, better utilizing precious TCAM resources, reducing communication overhead between control and management planes, and minimizing the communication load on the controller. These approaches help to install and manage flow rules at the data plane, reducing the load on the controller and effectively utilizing TCAM resources in SDN. There is still a need to investigate flow rule installations by utilizing proactive, reactive, and hybrid mechanisms in the case of ACL policy change to avoid maximum packet violations.

4. Network Security and Management

In this section, we discuss network security and management strategies in SDN. In [ 110 ], a token-based authentication mechanism is proposed that guarantees exclusive access of network resources to a certain flow for which the user/app has made the reservation. The proposed SDN-based system automatically reserves the resources of the users/apps for certain flows and creates a strong binding between them. Moreover, it resolves the reservation problem of dedicated access to specific resources in distributed environments and high-speed networks. In [ 111 ], the problem of network verification of middleboxes (for example, caches and firewalls) is proposed by checking all possibilities to verify the network reachability properties as per ACL policies. It works by slicing complex networks into small networks according to the correctness properties of network-wide verifications. In [ 112 ], a troubleshooting workflow is presented that is comprised of two phases. In the first phase, a binary search through the control stack is conducted to check for the occurrence of mistranslation. In the second phase, the scope of those elements that are responsible for the invariant violation is reduced. In this way, it makes it easy to identify the root causes of bugs, which helps network admins to troubleshoot their networks in an effective manner.

In [ 113 ], a priority-based flow rules security problem is highlighted, and a solution to the identified problem is presented. The problem is that the low-priority malicious flow rules can manipulate the whole OpenFlow network by making the high-priority flow rules fail. This, in turn, affects the whole data communication process. To solve the identified problem, the authors proposed a solution that is called switch-based rules verification (SRV). It works by leveraging the SDN controller to obtain the overall network view of the whole topology and detect the malicious flow rules. On detection of a malicious flow rule, the SRV module forwards warning messages and refuses the identified flow rule instantly. This solution helps to detect a large number of flow rules in an efficient way. In [ 114 ], a framework comprised of actor-based modeling is presented for network verification in SDN. In this framework, the network behaviors are predicted on the basis of the network application’s behaviors and existing model’s correctness properties. The actors in this model are the basic unit of computation, which contain their own memory and have a communication mechanism using asynchronous messages.

In [ 115 ], a formal-model-based reverse update mechanism is presented that ensures the maintenance of flow rules characteristics during the transition time in such a way that in-transit packets are processed at the next hops by the same or the latest ACL policy. In addition, it provides a per-packet consistency relaxation concept in the data plane and offers a consistent and efficient policy update technique. This model is compared with two phase update schemes [ 78 ], and the results suggest that the proposed model provides much better performance by minimizing overheads while maintaining consistency in flow tables and reducing complexity with the help of wildcard for the composition of flow rules. In communication networks, attackers often attack networks via bandwidth and system/application resource utilization, which leads to the popular denial of service (DoS) attack. How to detect such kinds of attacks is a very interesting research topic in networking. In SDN, deep learning algorithms are implemented according to the information received from the controller to model the attack behaviors. In [ 116 ], a distributed DOS (DDOS) attack model is created in Mininet Emulator and Floodlight SDN controller by combining the support vector machine (SVM) classification algorithms. This model detects DDOS attacks with an accuracy rate of 95.24% on a limited number of flow rules. In [ 117 ], a network management approach called “Smart-Net System” is proposed in which each data plane device keeps a flow rule in its flow table. If a packet reaches the data plane for the flow rule that exists in the flow table, then it is forwarded to the controller. The controller verifies the behavior of that packet and takes preventive measures to avoid attacks. In [ 118 ], a software-defined security (SDS) architecture is presented that is open and universal. It offers an open interface for security services, devices, and management, which is quite helpful for network security vendors to implement network security products and solutions. In this research work, various attack types to which networks can be vulnerable are analyzed, which is helpful for disabling such attacks by modifying the security configuration mechanism at the server.

The trend of increasingly massive IoTs and continuous streaming traffic is driving the demand for increasing computations. Cloud–fog hybrid systems support delay-intensive applications in a distributed computing manner. On the other hand, SDN supports various network infrastructures and inter-controller communication models (flat, horizontal, vertical, hybrid, or T-model) for distributed network management [ 119 ]. In addition, the vulnerability and consistency challenge in distributed architecture is more likely to be seen, in contrast to central control. Currently, to support the applications in 5G networks and beyond, the SDN distributed frameworks need to be more sophisticated [ 120 ]. Rahman et al. [ 121 ] proposed SmartBlock-SDN for efficient resource management and security assurance in blockchain-enabled IoT networks. The proposed framework addresses the challenge of distributed control security and energy-efficient cluster head selection in controllers. SmartBlock-SDN is mapped for a layered approach (IoT, edge, cloud), and cloud-enabled blockchain is considered to cope with the various common network vulnerabilities. Distributed homogeneous controllers and enforced network policies are recorded using immutable blockchains. This stored policy configuration can be accessed using the REST API for various operations in line with network security and resource management. To address flooding attacks, BSDNFilter and blockchain-enabled SDN is proposed in [ 122 ]. This work reduces the data packet violations in the SDN network. By employing trust-based filtration, the proposed works outperform a realistic industrial network against network security attacks. In [ 123 ], a BMC-SDN architecture is proposed to confine the SDN and blockchain in a network, where control is distributed for failure tolerance and redundant control resources. The proposed work employed blockchain for redundant controllers in various segregated domains. East/west (inter-controller) communication and network operations are recorded using blockchains.

The resource management shortcoming of distributed computational resources (such as NFV, data centers, fog nodes at edges in fog computing) is that energy, storage, and computational resources are limited. With the increase of massive IoT, the 5G and beyond networks will employ more constraints in their resources. 5G mainly has three service use cases: ultra-reliable and low-latency (URLLC), massive machine type computing (mMTC), and enhanced mobile broadband (eMMB). In addition, 6G is a revolutionary initiative in the history of the wireless network, which promises to support a wide geographical region with ultra-high data rates, massive enabled IoTs, connected drones, virtual reality, and network autonomy (by leveraging the machine learning components in the pipeline) [ 124 ]. SDN softwarization, southbound interface, east/west interface and on-the-fly management aspects can support the 5G and 6G networks to support a wide area of applications and massive IoTs across the globe. The aspect of resource-limited nodes of edge networks requires efficient resource provisioning in the network for QoS. Phan et al. [ 125 ] proposed a dynamic job-offloading mechanism among resource constraints for fog nodes. To enable intelligent offloading for appropriate fog nodes, the SDN controller is utilized, which can support the offloaded task at a minimum cost. The controller can dynamically investigate the resource capabilities, link congestion, and network statistical log files. Using computational offloading among fog nodes decreases the end-to-end latency, traffic detouring to oblivious links, and fog computational resources. In [ 126 ], a software-defined network function virtualization (SDNFV) network is presented, in which stateful firewall services are deployed as VNFs to increase network performance, security, and scalability. It utilizes machine learning algorithms to identify potentially malicious linkages and probable attack targets.

To handle a TCP SYN attack, FUPE is proposed in [ 127 ], which handles DDOS attacks in a distributed environment. It integrates SDN into its architecture for security objectives. FUPE implements the security-aware task scheduling at the fog gateway. FUPE amalgamates the multi-objective particle swarm optimization algorithm and fuzzy logic for security enhancement. An SDN central resource management unit helps the FUPE with instantaneous decisions in IoT–fog networks. To maintain the security status, FUPE assigns a trusted user’s application tasks to a trustworthy fog computational device in its scheduler architecture. The authors in [ 128 ] exploited the SDN and blockchain’s efficiency for network security. Blockchain helps to identify informational alteration at any stage when completed transactions or information are preserved in the form of linked blocks. This study proposes a modified blockchain leveraged with the SDN controller. The SDN controller helps to register the devices in each domain, and the registration information cannot be changed. The SDN controller maintains the public blocks for the registration of devices, while the architecture maintains a private blockchain mechanism at the device level of communication. Each controller is assisted with a blockchain and storage to keep a record of distributed ledgers. Therefore, public and private key-based domain identification of devices supports inter-domain mobility, security, and energy-consumption-aware communication in cyber-physical systems (CPS). The architecture proposed in [ 129 ] represents a similar architecture for blockchain-enabled security and energy consumption reduction.

A comprehensive study of SDN-enabled security is conducted in [ 130 ]. According to this research, it is hard to tackle cyber-attacks using traditional security mechanisms. The traditional network equipment and network functions cannot support an efficient defense against the attacks because of the network function’s rigidity. The SDN controller supports programmable cyber defense applications in various centralized and decentralized networks. SDN employs detection, localization, proactive, and reactive mitigation against cyber-attacks. SDN controllers can gauge the congestion, port, flow rule entry, and attached end-user device behavior. To ensure security, softwarized control functions of different domains can collaborate and defend against cyber-attacks. DHCPguard [ 131 ] exploits DHCP attacks in networks and provides a mechanism to defend against such attacks. It handles the attacks by utilizing the SDN controller—specifically, a security module on top of the POX controller, which is designed for mitigation of DHCP starvation attacks. It also facilitates IP pool recovery, DHCP server availability, snooping, and rate-limiting. The traditional DHCP mechanism lacks a security mechanism (i.e., discovery flooding message of the DHCP client program). Compared to the traditional network forwarding devices, SDN architecture can decide the DHCP client application messages at the central controller and block the suspected or malicious nodes at forwarding devices.

In [ 132 ], security assurance is guaranteed through protocol dialects extension. The protocol dialect carries the objectives to provide robustness against downgrade attacks and specializes the network protocol in the context of network security. The OpenFlow protocol dialects have derivatives of MAC-based authentication and complete production packet security without message modifications. In [ 133 ], the optimal packet forwarding decisions in fog computing or the optical network need to be reconsidered periodically for efficient network management. Trust and security parameters in fog computing need to be reconsidered in future networks. A malicious fog node can have forged links with other fog nodes and suspicious activities in production packets. It is possible that this sort of node can lock the resources of connected services or alter the topology view at the central SDN controller. Therefore, the resultant computation and energy consumption ratio of fog computing infrastructure also increases. Similarly, in [ 134 ], the authors revealed that the current SDN standardization, especially in the form of OpenFlow, needs to be upgraded for flawless integration in fog resources. Fog computing represents a geographical distribution of resources and host applications, which makes the network more vulnerable. To tackle this vulnerability of the fog paradigm, the distributed architecture of the SDN needs to be more defensive.

In [ 135 ], vehicular ad hoc networks’ (VANETs) integration with SDN is analyzed. This integration supports efficient resource management for the computational offloading of moving vehicles. Likewise, this is an edge for the various network security issues. VANETs must confront such attacks, such as man-in-the-middle, DDOS, and jamming. If the SDN layer is vulnerable, then the SDN-enabled VANETs are more complex and have poorer defense mechanisms. Moving vehicle applications always trust the nearest roadside unit for computational offloading. In the case of information fabrication or privacy leaks, end-user trust declines for the infrastructure. If the central single control functions are under various attack conditions, then the SDN forwarding devices in VANETs cannot defend and classify the malicious activities or malicious hosts [ 136 ]. In IoT-enabled healthcare infrastructures, device authentication is important. The traditional network devices are deficient for authenticating or bootstrapping the fresh connected end devices securely. In [ 137 ], the objectives of SDN-supported authentication, routing from the end device to edge server, and inter-edge servers’ communication (routing for the load balance) is analyzed. The proposed framework has an IoT device authentication method that is supported by the probabilistic k-nearest neighbor. The framework uses the probabilistic k-nearest neighbor to evaluate the validity of end IoT devices residing in the healthcare systems. Using p-KNN, an edge server investigates the legitimacy of healthcare IoT devices, and SDN performs efficient collaboration among the edge servers that are close to the computation resources.

To localize the DDOS, a convolution neural network (CNN) is used in [ 138 ]. The study claims that the CNN can perform better for DDOS detection compared to logistic regression, multi-layered perceptron, and dense multi-layered perceptron. Furthermore, this work uses game theory to drop malicious activities. As a result, it saves the central SDN controller deployed in any ISP from the IoT devices that are intended for DDOS. If the IoT devices are impairing the central controller, then it increases the vulnerability degree of the SDN-managed ISP. This proposed approach in [ 139 ] deals with the SDN security issues to overcome DDOS in a controller and communication switch. It integrates the online learning method to limit the packet-in rate, while tending to the controller queue and switch space capacity. Traditionally, there are straight forwarding approaches to limit the packets rate, but these cannot be trustworthy for bandwidth-sensitive applications in a real network. The proposed parallel online deep learning (PODL) algorithm envisions the two important aspects and adjusts the weight for queuing the controller packets (packet-in) and flow rule installation capacity in a forwarding device.

In [ 140 ], SDN-based load-balanced opportunistic routing is proposed for duty-cycled WSNs. In this study, the controller computes and controls the candidates. It prioritizes the candidates by considering the average of three distributions, that is, transmission distance, expected number of hops, and residual energy. It helps to guide the network in such a way that more traffic can flow through the nodes with higher priority. The results show that the proposed approach improves network lifetime, routing efficiency, energy consumption, sender waiting time, and duplicate packets compared with existing approaches. The study in [ 141 ] explores the prospects of offloading the 3GPP radio access network (RAN) traffic through WiFi access networks with the help of wireless mesh networks (WMNs). This study reveals an IP wireless mesh network using an SDN-based NFV controller to control and manage the network from the central controller, which results in configuring network devices and services deployment in a fast and effective manner. The study in [ 142 ] offers an edge-cloud framework for electric vehicles (EVs). It presents an intelligent network for collaboration between cloud and edge devices to make intelligent decisions regarding charging and discharging of EVs and anticipated demand–supply balance. The proposed solution based on opportunistic SDN (Opp-SDN) exploits the use of EVs in two ways: as energy reservoirs for instantaneous DRM and as forwarding nodes in Opp-SDN.

The summary of network security and management studies is presented in Table 3 . In [ 110 ], a token-based authorization mechanism is presented that guarantees exclusive access of network resources to a certain flow for which the user/app has made the reservation. This scheme provides an effective mechanism to ensure exclusive access for network resources. However, resource scheduling and path calculation for flows and the QoS parameter are not considered, which may affect network resource utilization. In [ 111 ], network verification is performed, which consists of middleboxes whose forwarding behavior depends on previously observed traffic. It provides a network verification tool that can verify the networks that comprise middle boxes. However, it lacks the ability to verify middlebox code. The research work in [ 112 ] helps network administrators so that they can troubleshoot bugs, including root causes of bugs, in their networks to verify that networks are operating correctly. However, it does not suggest integrating the program semantics into network troubleshooting tools or knowledge into network control programs. The research in [ 115 ] helps to update and manage network policies in an effective manner. However, it does not investigate the effects of network policy change by analyzing packet violations. The research works in [ 113 , 116 ] detect security issues in the network and warn the network admin to deal with those identified issues. However, the above presented approaches do not deal with the problem when the access rights (network policies) are changed. In addition, these also do not consider the flow rules already installed at the data plane as per old polices. Another SDN approach discussed above is to enable blockchain in the network and record the operations of the network to enhance the network’s security. In particular, in the case of distributed SDN infrastructure(i.e., multiple controllers in cloud-fog infrastructure), blockchain can enhance the network’s efficiency against common vulnerabilities.

Summary of network security and management.

The current standardization of the SDN architecture is lacking in terms of security. In particular, ever-increasing delay-aware applications demand vendor lock-in and agnostic security models from various geographical locations in a network. SDN-integrated security can help in centralized and distributed network infrastructure. Although various algorithms are available to make the network secure, mature algorithms are still needed in distributed SDN controller placement. The distributed controller placement makes the SDN-enabled infrastructure more scalable and inclined to the objectives of distributed and fog computing. Security assurance using multiple controller placements in an SDN network requires new solutions for hierarchical, horizontal, and hybrid (T-model) controller synchronization. Similarly, to tackle the various types of attacks in a network, control application autonomy is highly appreciated in ultra-reliable low-latency communication (URLLC). Blockchain technology supports the control layer of the SDN in determining the transactional behavior; however, it can cause end-to-end latency. While machine learning and artificial intelligence can help handle SDN security autonomously and efficiently in 5G and beyond networks, the machine-learning-supported control SDN layer makes the network more reliable. We know that reliability encompasses various performance parameters (i.e., security, failure resiliency, multiple controller placement), but the current era’s main concern is security. With the emergence of fog computing, fog nodes are more vulnerable due to limited resources. On the other hand, it is hard to replicate the control layer applications in fog nodes in a similar context to the cloud. Moreover, local and global (i.e., distributed) network security policies need to be synchronized semantically, which can help to block malicious intentions close to the source network elements. Currently, SDN is lacking in this aspect because the network typologies are in flux in terms of making the SDN-integrated networks more scalable.

5. Memory Management Studies

In SDN, flow tables of OpenFlow-enabled switches include controlling functionalities for communication to the SDN controller in addition to flow rule entries for communication in the network. Recent research works revealed that flow rules in data center networks are from 10,000 to 40,000 per second per server rack. In SDN switches, the forwarding table memory is much less than in traditional routers. Most SDN switches have limited on-chip TCAM memory, in which 750 to 2000 flow rules can be stored [ 144 ]. These switches utilize a state-of-the-art Broadcom chipset switch that can accommodate 2000 flow rules [ 145 ]. This has become big barrier for network management as well as industrialization. The reason behind this fact is that flow tables of these switches are implemented in TCAM due to its better lookup time compared to software-based packet matching. However, TCAMs suffer from large power consumption [ 146 ] and expensiveness compared to other memory, for example, static random access memory (SRAM) [ 147 ]. The idea is to reduce flow rule entries in the switch flow table by maintaining performance. One approach is to efficiently utilize the forwarding information base (FIB) by compression mechanisms to reduce TCAM requirements. It proposes the ESPRESSO heuristic [ 148 ] to minimize the logic to compress prefix-based match fields, which are generated by the optimal routing table constructor (ORTC) algorithm. The simulation results show that FIB size is reduced by 17%, which helps to save TCAMs [ 149 ].

Another approach in [ 150 ] solves the problem by a flow table reduction scheme (FTRS) by reducing flow table congestion, which helps to reduce flow table size. The simulation results suggest that FTRS reduces flow rules in the flow tables by 98% without compromising network performance and efficiency. In [ 151 ], a proactive eviction of flow rule entries is proposed for the efficient utilization of TCAM resources inside OpenFlow-enabled switches. It is based on an intelligent flow management strategy in the SDN controller that combines adaptive idle timeout values for flow rule entries with proactive eviction mechanism on the current TCAM utilization level. In case of non-matching of packets for a defined idle time period, the respective flow rule is removed from the switch flow table. This idle time period is set by the SDN controller before flow rule installation at the data plane. The experimental results show that the proposed scheme, SmartTime, provides 58% better results in terms of cost as compared to static timeout values or random eviction techniques. The authors in [ 152 ] investigate the effect of flow rule timeout value based on miss rate performance and flow table occupancy of switches. They observe that with an increase in timeout value, miss rate decreases; however, flow table size increases roughly linearly. They also observe that there is an ideal timeout value, where the miss rate is ideal and the flow table size is also optimal, and with an increase in that particular timeout value, the flow table size increases in addition to its effect on the miss rate. In this research work, a hybrid flow table management mechanism is proposed that combines timeout value with explicit control plane eviction messages. The proposed scheme is able to reduce the flow table size by a lower bound of 57% without affecting the miss rate. However, in the case of TCP-based applications, the flow table size decreases by around 42%.

In addition, this research work analyses the performance of various flow table eviction techniques and finds that the LRU strategy outperforms all others. However, it cannot be implemented in current SDN switches. Moreover, the first-in first-out (FIFO) strategy does not provide better results than LRU, but it is still better than random replacement strategies by 0.1%. The research work in [ 153 ] addresses the problem of flow rule placement in firewalls on the basis of ACLs. It aims to reduce the number of flow rules in flow tables of switches by considering conflicts as well as redundancies along with the relationships between neighboring devices. There are two key challenges to implementing it. The first challenge is to check whether a flow rule that is going to be placed in a device is part of a specific rule set or not. The second one is to check whether the flow rule can be merged with the other flow rules or not. This research resolves these challenges by proposing a novel data structure called OPTree to check whether the flow rule belongs to another and whether it can be merged or not. In addition, it proposes flow rule insertion and search algorithms to resolve the identified problem. The results indicate that the proposed approach considerably reduces number of flow rules.

In [ 154 ], a mechanism to provide per-flow statistics to the SDN controller is proposed that enhances network performance. The proposed mechanism comprises three phases. In the first phase, a max-flow/min-cost, which is an optimization problem, is formulated to find the optimal forwarding paths. In the second phase, forwarding flow rules for the identified optimal paths are computed via formulating an integer linear problem (ILP) in order to minimize exact-match flow rules in the flow tables of switches to reduce rule-space utilization and to accommodate more flow rules. This is achieved with the help of two greedy heuristic approaches to solve the problem in polynomial time. In the third phase, a flow rule redistribution mechanism is proposed by detecting flow rule congestion at the switches so that new flows can be accommodated in the network. The results of the proposed mechanism are compared with existing mechanisms, such as ReWiFlow [ 155 ] and ExactMatch, and show clear improvement in network performance. The research work in [ 156 ] proposes a flow rule placement mechanism called “hybrid flow table architecture” that utilizes the advantages of hardware and software flow table implementations. The proposed mechanism handles the decision logic of the placement of flow rules by dynamically placing flow rules in software-based flow tables instead of expensive TCAM modules of switches, without degrading network performance with respect to packet delay or packet loss. Packet classification is very important in networking to perform different tasks (e.g., routing, load-balancing, policy enforcement, etc.).

The research work in [ 157 ] proposes a packet classification approach to create packet classifiers based on lossy compression whose representations are semantically equivalent. It helps to find a classifier of optimal size to categorize the network traffic so that appropriately sized TCAM switches can be used for the communication. In [ 158 ], fundamental analytical tools are presented that are based on independent sets and alternate paths for better utilizing the TCAMs switches. Moreover, it is useful to validate the optimality of existing coding schemes. In [ 159 ], a compression technique is proposed based on random access for forwarding tables. In this mechanism, each forwarding table column is encoded separately via dedicated variable-length binary prefix encoding. The system evaluation reflects that it provides much better results in the compression of forwarding tables compared to existing techniques. In [ 160 ], a TCAM update optimization mechanism is presented that ensures consistent packet forwarding. This mechanism is based on a modified-entry-first write-back scheme that considerably decreases TCAM entries’ movement overhead and detects reordering cases with the help of efficient solutions.

The summary of memory management studies is presented in Table 4 , which describes the efficient utilization of TCAM resources of switches. In [ 148 ], an ESPRESSO heuristic approach is proposed, which is based on the optimal routing table constructor (ORTC) algorithm to optimize routing table size for better utilization of TCAMs. This mechanism is quite effective in traditional networking; however, it needs to be tested in an SDN environment. The research in [ 151 ] presents a flow management strategy in an SDN controller that offers a proactive eviction mechanism in TCAMs by preventing table misses at an optimum level. This work is based on idle timeout values for flow rules and does not consider other parameters, such as initial idle timeout, max idle timeout, or rate of timeout increase, which are quite helpful in flow rule management. In [ 152 ], a hybrid flow table management scheme is presented that combines timeout value with explicit control plane eviction messages by considering both the miss rate and flow table size. This strategy is implemented by using same timeout values for all flow rules, and dynamic timeout values are not considered, although they impact real-time networks.

Summary of memory management studies.

OPTree [ 153 ] and FlowStat [ 154 ] represent two flow rule placement strategies to reduce the number of flow rules in the flow tables of switches by considering the relationships between network devices. In addition, the flow rules are installed on optimal paths to avoid network congestion. These approaches lack an investigation into the network topology and policy change to install flow rules. In [ 157 , 159 ], flow rule compression mechanisms are proposed for efficient memory management of switches by classifying the network traffic to accommodate more flow rules. However, these approaches do not consider flow rules compression based on a limited-size longest prefix match classifier, which can correctly classify a high portion of traffic. In addition, managing massive flows in limited-size switch flow tables remains a challenge. Moreover, proactive flow rule installation in delay-sensitive applications and non-delay applications or best-effort traffic should benefit from reactive flow rule installation. It is yet another interesting research area to explore and propose a scheme considering traffic variability.

6. SDN Simulators and Emulators

To analyze the network performance, instead of implementing a large experimental testbed, there are two commonly used methods; these are called simulation and emulation. The simulation method provides an application environment where we can test our implemented software program without real deployment. The emulation method utilizes a software program to perform executions with real devices by interacting with them as when required. To analyze network performance by simulation is inexpensive, flexible, controllable, and scalable compared to an emulator. In addition, the simulators allow researchers to analyze and test network behaviors as per defined workload. In SDN, with the development of OpenFlow protocol, the simulation tools have extended support to additional network components for the testing and experimentation of OpenFlow-based network applications. Moreover, network emulators based on software switches have also been developed to test and analyze network applications, for example, Open vSwitch (OvS) [ 161 ], ofsoftswitch13 [ 162 ], Indigo Virtual Switch (IVS) [ 163 ], and so on.

The Mininet SDN emulator [ 164 ] offers a rapid prototyping workflow and virtualization functionalities along with command line interface (CLI) and API on one physical machine that allows network developers to configure, manage, and test their networks. It helps to create a network topology for a network scenario that consists of virtual hosts, switches, links, and controller platforms. It supports research and development, learning, prototyping, testing, debugging, and any other task related to network experimentation on a computer. In the basic implementation of Mininet, the performance fidelity is not included. In Mininet-HiFi [ 165 ], these improvements are implemented. It also has a cluster edition prototype [ 166 ], and other releases include Maxinet [ 167 ] and Mininet-CE [ 168 ], which fixes the limitations of large-scale implementation of SDN emulations. Finally, two experimental frameworks for SDN data centers are also developed; these are datacenter in a box [ 169 ] and SDDC [ 170 ]. The distributed OF testbed (DOT) [ 171 ] is a highly scalable emulator that provides an emulated network across a cluster of computers that guarantees computation and network resources to switches, hosts, and links.

The OFNET [ 172 ] emulator provides built-in functionalities to test and debug, and traffic generation and monitoring tools, which help researchers in the debugging process. The virtual network overlay (ViNO) [ 173 ] network emulation tool provides functionalities that help to create arbitrary network typologies via Open vSwitches and virtual machines. The overlay interconnection between virtual machines (VMs) is provided by VXLAN encapsulation [ 174 ]. EstiNet [ 175 ] provides the benefits of both simulation and emulation tools by offering each host a real Linux OS environment, and any real application program can run on a simulated host without any modification. FS-SDN [ 176 ] is a simulator that is based on the FS [ 177 ] simulation platform and is built in Python language. OMNeT++ [ 178 , 179 ] is a network simulator that is developed in the C++ language for network modeling, multiprocessors, and different distributed or parallel systems. It utilizes the INET framework [ 180 ] for the simulations in the SDN environment by integrating OpenFlow components, basic switch functions, basic controllers, and OpenFlow messages. The NS-3 network simulator [ 181 ] is implemented in C++ and can use OpenFlow switches. In addition, it also offers the use of external modules to extend NS-3, such as OFSwitch13 [ 182 ], which helps for OpenFlow 1.3 compatibility.

The summary of network simulators and emulators is presented in Table 5 . It provides a comprehensive overview of simulators and emulators that are developed in various programming languages, such as C, C++, Java, Python, and so on. These tools help in developing and simulating SDN applications in an SDN environment. Mininet [ 164 ] is an innovative emulation tool that allows network developers to configure, manage, and test their networks. These networks cannot exceed single-server bandwidth and cannot run non-Linux-compatible OpenFlow switches or applications. The DOT [ 171 ] emulation tool ensures computation and network resources for switches, hosts, and links in large SDN deployments. It can be used in an environment where a fixed number of physical machines are used to emulate a given network and does not support dynamic scalability and multi-user support. OFNET [ 172 ] is an open-source emulator to test and debug networks for analyzing network traffic. This tool does not support cloud platforms and large-scale implementation of layer-2 networks. ViNO [ 173 ] helps to create arbitrary network topologies via Open vSwitches and virtual machines. However, its scalability and OpenFlow support are not specified, and these can be helpful for experimentation and testing.

Summary of SDN simulators and emulators.

The EstiNet [ 175 ] network emulator provides accuracy, quickness, repetition, and scalability and is based on a kernel-reentering simulation methodology that allows researchers to test their applications. The FS-SDN [ 176 ] simulator is developed in the Python language for realistic testing and validation of standard networks. It can be extended for debugging and tracing capabilities, which can be helpful for developing new SDN applications. The OMNeT++ [ 178 , 179 ] simulator is helpful for network modeling, multiprocessors, and different distributed or parallel systems. However, its kernel is implemented in C++ and can only run with a modern C++ compiler. The NS-3 network simulator provides the capability to add new protocols and allows integration and customizability without remaking the core of the simulator. However, it is lacking a visual interface for creating a topology and for visible capability on an experimental level. This study provides a feature-based comparison of SDN simulators and emulators including a brief description, implementation language, and the strengths and weaknesses. It can be extended to conduct a performance-based comparison of these tools under specific scenarios. Finally, new simulators and emulators need to be developed for hybrid SDN, wireless networks, fog/edge computing, cloud computing, and so on, to meet the needs of future networks.

7. SDN Programming Languages

SDN programming languages consist of compilation and validation tools that are helpful for the translation of high-level constructs into messages understandable by the SDN controller API. The following section explains some SDN programming languages. One of the languages is Frenetic [ 183 , 184 ], which is a high-level language for the programming of OpenFlow networks and is useful for the categorization and accretion of network traffic. Moreover, it is also helpful for defining packet forwarding policies on the basis of a functional reactive combinator library inspired by Yampa [ 185 ], and its implementation is based on FlapJax [ 186 ]. By providing a Frenetic runtime environment, facilities pertaining to installation and querying low-level details are managed. In addition, it provides compositional constructs that facilitate modular reasoning and enable code reuse. As NetCore [ 187 ] is the successor of Frenetic, it carries an enhanced policy management library. Moreover, it has the capacity to compile ACL policies and handle the interaction between controller and switch. In addition to this, for the efficient generation of flow rules, the run-time system of NetCore is designed. Nettle [ 188 ] is a low-level programming language that deals with streams and does not deal with events. It is quite appropriate for various functions such as programming controllers, and programming discrete and continuous operations. Moreover, dynamic policies, including traffic engineering and load balancing, are also generated through it. As it is declarative in nature, functions that are time sensitive and varying can be demarcated. Moreover, the sequential operator provided by Nettle can also be used for creating compound commands.

Procera [ 189 ] is a high-level programming language that is helpful to delineate ACL policies in communication networks. It is quite a resource for the operators as it provides an expressive and extensible compositional framework. Moreover, it is also quite useful for designing network applications that not only react to the events produced by OpenFlow switches but also to external events, for instance, user authorization and bandwidth usage. Procera was used in several campus networks, as well as home network prototype deployments [ 190 ]. Flow-based management language (FML) [ 191 ] is a high-level declarative programming language that is based on non-recursive Datalog [ 192 ] for handling a network whose aim is to provide efficient and flexible policies. Moreover, it is also helpful for the operators, as it provides them with eminent management facilities for configuring ACL policies straightforwardly. Flog [ 193 ] is an event-driven programming language that adopted ideas from FML and Frenetic and is based on logic programming for the SDN environment, similar to FML. It is composed of three components that are similar to Frenetic. These components include a mechanism for network state collection, information processing, and policy generation. Like NetCore, Frenetic-OCaml [ 194 ] is also a successor of Frenetic. It is beneficial in providing mechanisms for network-wide policy implementation. NetCore is used and is replaced with NetKat for forwarding decisions. Moreover, its query language permits querying statistics that include traffic and topology. Being an imperative programming paradigm-based language, Pyretic [ 195 ], by specifying the static and dynamic forwarding policies, assists in developing network applications. By utilizing the sequential and parallel operators provided by Pyretic, the forwarding policies can be specified.

FlowLog [ 196 , 197 ] is a declarative language for programming SDN network applications. Being a finite state language, for the various types of analysis, the model checking can be applied quite competently. FlowLog has two versions. One is based on NetCore, whereas the other is built on the packet-handling capability of Frentic-OCaml. The FatTire [ 198 ] SDN programming language is used for writing fault-tolerant network applications. It is designed for the purpose of specifying the path for packet routing and fault tolerance. Moreover, it can also be helpful for the programmer who, by using regular expressions, declaratively states the sets of necessary paths. NetKat [ 199 , 200 , 201 , 202 ] uses Kleene algebra with tests (KAT) [ 203 ]. This programming language is based on equational theory, for programming and reasoning about the networks. A regular expression can be used for describing end-to-end paths, and its semantics are inspired by NetKat. Moreover, NetKat is also beneficial for defining virtual topologies. Merlin [ 196 , 197 , 204 , 205 ] is a declarative language that is useful for distributing and managing the ACL policy implementation process. Its run-time monitor is used to examine incoming and outgoing network traffic. Being a policy specification for SDN, PonderFlow [ 198 ] aims to extend the Ponder language [ 206 ] for describing OpenFlow flow rules. It is used to define management and security policies in distributed systems.

PonderFlow provides mechanisms for implementing access control and network abstractions. NOF [ 207 ] is a programming language with the objective of enabling network application to design the network according to the application requirements. It comprises sets of operations and services, and these are categorized into three groups, namely matching, timing, and query. Operations can be applied to conventional network fields that are based on host information. Timing includes information about the services, that is, when they will be installed and how long they will remain functional in the network. Query operation helps to obtain the network state information, that is, link state, bandwidth usage, transmission errors, and so on. Kinetic [ 208 ] is a domain-specific language that helps network operators control the dynamic state of their network. In addition, it offers facilities to validate the accuracy of control programs. The network policies may be stated with respect to finite state machines (FSMs), which aids in encapsulating the dynamic state of the network.

The summary of SDN programming languages is presented in Table 6 . Different SDN programming languages are developed to handle specific problems or to provide specific functionalities in network applications in a more refined and abstract manner. Most of the languages, (i.e., Procera [ 189 ], Pyretic [ 195 ], FlowLog [ 209 , 210 ], FatTire [ 157 ], NetKat [ 158 , 159 , 160 , 161 ]) provide basic-level flow matching. Pyretic [ 195 ] implements native flow matching and virtualizations, unlike other languages. Frenetic-OCaml [ 194 ] and Frenetic [ 183 , 184 ] provide enhanced monitoring based on query language and windowed history as well as flow matching. Kinetic [ 208 ] provides inherited flow matching and monitoring services, and it implements the modules in a parallel fashion. We have described these languages along with their programming paradigms.

Summary of SDN Programming Languages.

These languages help network administrators to implement access control, and to develop and test network applications on the basis of low-level constructs as well as high-level abstractions. However, there is still a wide scope for researchers to offer new abstractions and also contribute to the advance of NBI standardization. The future programming languages may include functionalities of load balancing to avoid congestion on specific resources. Researchers may be interested in using language constructs to scale-up the resources in an elastic way. Moreover, future programming languages should incorporate NFV to manage the virtualized functions and OpenFlow updates to take advantage of the new features offered by OFP. Network forensics are quite useful to collect information on network devices to verify the evidence of crimes. However, this important area is also lacking in research with regard to SDN programming languages. Finally, the current programming languages still do not provide an open interface to allow new modules to be developed and incorporated into the language, which is also an interesting future research area.

8. SDN Controller Platforms

The controllers are the brains of SDN networks and act as a strategic control point. These contain collection of modules that can perform different network tasks including network topology, network statistics, and so on. Different network applications such as network policies are installed on the controllers for data communication between end nodes. In this section, we discuss some controller platforms, which are described below.

Beacon [ 212 ] is implemented in the Java programming language and uses centralized architecture. Moreover, it uses ad hoc northbound API and southbound API with OpenFlow 1.0, which supports CLI and web user interface (WebUI). It also supports multi-command-line threading and modularity functionality. It serves as the basis of Floodlight, with a focus on being developer friendly and high performance, and with the ability to start and stop existing approaches. It has explored areas of OpenFlow controller design. Beehive [ 213 ] is a distributed control platform implemented in the GO programming language with a distributed hierarchical architecture. It utilizes REST northbound API and southbound API with OpenFlow 1.0 and 1.2. It utilizes the Linux supporting platform and supports CLI. The implementation of DCFabric [ 214 ] is based on the C and Java script programming languages, and it has a centralized architecture. It utilizes the REST northbound API and southbound API with OpenFlow 1.3. It uses the Linux supporting platform and supports CLI and WebUI. Moreover, it supports multi-threading and has a good modularity functionality with good consistency. Disco [ 215 ] is implemented in the Java programming language with a distributed flat architecture. It utilizes the northbound, southbound, and east/westbound API with REST with OpenFlow 1.0 and AMQP, respectively. It supports proprietary licenses. It has good modularity with limited documentation. The implementation of Faucet [ 216 ] is based on the Python programming language, and it has a centralized architecture. It utilizes SBI with OpenFlow 1.3. It employs the Linux supporting platform and supports CLI and WebUI. It supports Apache 2.0 licenses and multi-threading with good consistency.

Floodlight [ 217 ] is implemented in the Java programming language, and it has a centralized architecture. It utilizes REST, Java, RPC, and Quantum northbound API and southbound API with OpenFlow 1.0 and 1.3. It utilizes a Linux-, MacOS-, and Windows-supporting platform and provides CLI and WebUI. It supports Apache 2.0 licenses, which supports multi-threading, and has a fair modularity with good consistency and documentation. Flow Visor [ 218 ] is implemented in the C programming language with a centralized architecture. It utilizes JSON and RPC northbound API and southbound API with OpenFlow 1.0 and 1.3. It utilizes a Linux supporting platform and supports CLI interface. Moreover, it supports proprietary licenses and has no consistency; however, its documentation is fair. HyperFlow [ 219 ] is implemented in the C++ programming language with a distributed flat architecture. It utilizes SBI with OpenFlow 1.0 and east/westbound API with publishing and subscribing messages. It supports proprietary licenses and multi-threading and has no consistency. Kandoo [ 220 ] is implemented in the C, C++, and Python programming languages, and it has a distributed hierarchical architecture. It utilizes Java RPC northbound API and SBI with OpenFlow 1.0–1.2 and east/westbound API with messaging channel. It utilizes a Linux supporting platform and supports CLI and proprietary licenses.

Loom [ 221 ] is implemented in the Erlang programming language and has a distributed flat architecture. It utilizes JSON NBI and SBI with OpenFlow 1.3–1.4. It utilizes a Linux supporting platform and supports CLI. It supports Apache 2.0 licenses and multi-threading and has a good modularity with good consistency. However, its documentation is limited. Maestro [ 222 ] is implemented in the Java programming language with a centralized architecture. It applies ad hoc northbound API and southbound API with OpenFlow 1.0. It utilizes Linux, MacOS, and Windows supporting platform and supports WebUI. It supports LGPL 2.1 licenses. It supports multi-threading and has a fair modularity with no consistency, and its documentation is also limited. MsNettle [ 223 ] is implemented in the Haskell programming language and has a centralized architecture. It utilizes southbound API with OpenFlow 1.0. It utilizes a Linux supporting platform and supports CLI. It supports proprietary licenses and multi-threading and has a good modularity with no consistency. Meridian [ 224 ] is implemented in the Java programming language and has a centralized architecture. It utilizes REST NBI and SBI with OpenFlow 1.0 and 1.3. It utilizes a cloud-based supporting platform and supports WebUI. It supports multi-threading and has a good modularity with no consistency.

Microflow [ 225 ] is implemented in the C programming language with a centralized architecture. It utilizes Socket NBI and SBI with OpenFlow 1.0–1.5. It utilizes a Linux supporting platform and supports CLI and WebUI. It supports Apache 2.0 licenses and multi-threading. Nodeflow [ 226 ] is implemented in the JavaScript programming language with a centralized architecture. It utilizes JSON northbound API and southbound API with OpenFlow 1.0. It utilizes a Node.js supporting platform and supports CLI. NOX [ 227 ] is implemented in the C++ programming language and has a centralized architecture. It utilizes ad hoc NBI and SBI with OpenFlow 1.0. It utilizes a Linux supporting platform and supports CLI and WebUI. It supports GPL 3.0 licenses and multi-threading (Nox-MT) and has low modularity with no consistency. ONIX [ 228 ] is implemented in the C++ programming language with a distributed flat architecture. It utilizes Onix API northbound API and southbound API with OpenFlow 1.0 and OVSDB and east/westbound API with Zookeeper. It supports proprietary licenses and multi-threading and has a good modularity with no consistency.

ONOS [ 229 ] is implemented in the Java programming language with a distributed flat architecture. It utilizes REST and Neutron NBI and SBI with OpenFlow 1.0 and 1.3 and east/westbound API with Raft. It utilizes a Linux, MacOS, and Windows supporting platform and supports CLI and WebUI. It supports Apache 2.0 licenses and multi-threading functionality and has a high modularity and consistency. OpenContrail [ 230 ] is implemented in the C, C++, and Python programming languages with a centralized architecture. It utilizes REST NBI and SBI with BGP and XMPP. It utilizes a Linux supporting platform and supports CLI and WebUI. It supports Apache 2.0 licenses and multi-threading functionality and has a high modularity with good consistency. OpenDaylight [ 231 ] is implemented in the Java programming language with a distributed flat architecture. It utilizes REST, RESTCONF, XMPP, and NETCONE NBI and SBI with OpenFlow 1.0 and 1.3 and east/westbound API. It a utilizes Linux, MacOS, and Windows supporting platform and supports CLI and WebUI. It supports EPL 1.0 licenses and multi-threading functionality and has a high modularity with consistency. OpenIRIS [ 232 ] is implemented in the Java programming language with a distributed flat architecture. It utilizes REST NBI, SBI with OpenFlow 1.0–1.3, and east/westbound API with custom protocol. It utilizes a Linux supporting platform and supports CLI and WebUI. It supports Apache 2.0 and multi-threading functionality, with fair modularity and no consistency. OpenMul [ 233 ] is implemented in the C programming language and has a centralized architecture. It utilizes REST NBI and SBI with OpenFlow 1.0, 1.3, OVSDB, and Netconf. It utilizes a Linux platform and supports CLI. It supports GPL 2.0 licenses and multi-threading functionality and has a high modularity with no consistency. However, its documentation is good.

PANE [ 234 ] is implemented in the Haskell programming language with a distributed flat architecture. It utilizes PANE NBI, SBI with OpenFlow 1.0, and Zookeeper east/ westbound API. It utilizes Linux and MacOS platforms and supports CLI. It supports BSD 3.0 licenses and has a fair modularity with no consistency, but with documentation. POF Controller [ 235 ] is implemented in the Java programming language and has a centralized architecture. It utilizes SBI with OpenFlow 1.0 and POF-FIS. It utilizes a Linux platform and supports CLI and WebUI. It supports Apache 2.0 licenses, and its documentation is limited. POX [ 236 ] is implemented in the Python programming language with a centralized architecture. It utilizes ad hoc NBI and SBI with OpenFlow 1.0. It utilizes a Linux, MacOS, and Windows platform and supports CLI and WebUI. It supports Apache 2.0 licenses; however, it does not support multi-threading functionality and has a low modularity with no consistency. Ravel [ 237 ] is implemented in the Python programming language and has a centralized architecture. It utilizes ad hoc NBI and SBI with OpenFlow 1.0. It utilizes a Linux platform in CLI mode. It supports Apache 2.0 licenses, and its documentation is fair.

Rosemary [ 238 ] is implemented in the C programming language with a centralized architecture. It utilizes ad hoc NBI and SBI with OpenFlow 1.0, 1.3, and XMPP. It utilizes a Linux supporting platform and supports CLI. It supports proprietary and multi-threading functionality and has a good modularity with no consistency. RunOS [ 239 ] is implemented in the C++ programming language with a distributed flat architecture. It utilizes REST NBI, SBI with OpenFlow 1.3, and Maple east/westbound API. It utilizes a Linux supporting platform and supports CLI and WebUI. It supports Apache 2.0 licenses and multi-threading functionality and has a high modularity with consistency. Ryu [ 240 ] is implemented in the Python programming language and has a centralized architecture. It utilizes REST NBI and SBI with OpenFlow 1.0–1.5. It utilizes a Linux and MacOS supporting platform in CLI mode. It supports Apache 2.0 licenses and multi-threading functionality. SMaRtLight [ 241 ] is implemented in the Java programming language with a distributed flat architecture. It utilizes REST NBI, SBI with OpenFlow 1.3, and BFT-SMaRt east/westbound. It utilizes a Linux supporting platform in CLI mode. It supports proprietary licenses and has no consistency. TinySDN [ 242 ] is implemented in the C programming language with a centralized architecture. It utilizes SBI with OpenFlow 1.0 and a Linux supporting platform in CLI mode. It supports BSD 3.0 licenses and has no multi-threading functionality or consistency. Trema [ 243 ] is implemented in the C and Ruby programming languages with a centralized architecture. It utilizes ad hoc NBI and SBI with OpenFlow 1.0. It utilizes a Linux supporting platform in CLI mode. It supports GPL 2.0 licenses and has good modularity, but it has no consistency. However, its documentation is fair. Yanc [ 244 ] is implemented in the C and C++ programming languages and has a distributed flat architecture. It utilizes REST NBI and SBI with OpenFlow 1.0–1.3 capabilities. It utilizes a Linux supporting platform and supports CLI. It supports proprietary licenses, and its documentation is limited. ZeroSDN [ 245 ] is implemented in the C++ programming language and has a distributed flat architecture. It utilizes REST NBI, SBI with OpenFlow 1.0 and 1.3, and ZeroMQ of east/westbound API. It utilizes a Linux supporting platform in both CLI and WebUI modes. It supports Apache 2.0 licenses and has high modularity with fair documentation.

The summary of SDN controller platforms is presented in Table 7 . These controllers manage flows to the switches/routers via SBI and the applications/business logic via NBI to deploy intelligent networks. The controllers install flow rules at the data plane devices (switches/routers) to perform required functionalities, such as forwarding, dropping, and so on. There are different kinds of SDN controllers (centralized and distributed), which are developed to perform various functionalities in different programming languages (Python, C, C++, Java, etc.). Some of the controllers are java-based (i.e., Beacon [ 212 ], Disco, Opendaylight, SMaRtLight [ 241 ], etc.). Some of them are based on distributed approaches. Ryu is very easy and straightforward to program. Beginners can easily deploy and use this controller for their network.

Comparison of SDN controller platforms.

Opendaylight is complex, and it is difficult to model new ideas. For experts, it is good option to use because it provides a dozen southbound APIs and protocols, such as NetConf, OVSDB, and PCEP, for managing and configuring forwarding devices. If someone want to rank these controllers on the basis of simplicity, the order would be as follows: Ryu, Floodlight, ONOS, ODL. The scalability, consistency, reliability, and security are very important to consider in designing an efficient and robust SDN controller. The current SDN controllers lack standard data models, anomaly detection, and security mechanisms. It is observed that developing a brand new SDN controller may not be the best solution; however, the existing SDN control frameworks need to be enhanced, refined, and improved to address the above-mentioned issues.

9. Comparison with Existing Studies

SDN is a new networking paradigm that influences the network operations and management, gaining the attention of the research community and other organizations [ 246 ]. The papers have been written to discuss different issues and challenges of SDN, and these are shown in Table 8 . Akyildiz et al. [ 247 ] wrote a survey related to fault management, fault tolerance, topology update, and traffic analysis. They explained different aspects of the SDN architecture and their interactions. Several studies are classified according to their specific problems. Xie et al. [ 248 ] compile techniques such as routing optimization, QoS, and resource management security to fill the gaps left by the previous paper. Their main focus was on blending the QoS-aware techniques and presenting their work in a comprehensive manner. Meanwhile, Matlou et al. [ 249 ] surveyed the same topic to improve on the paper written by Xie et al. [ 248 ]. They targeted wireless sensor networks and SDNs to explain this topic. They achieved their target, as wireless networking in SDN was considered a unique topic at that time, and they accepted the challenge to complete the survey. In the same year, Jose et al. [ 250 ] wrote a comprehensive review related to traffic classification and security. Network intrusion detection is also considered as a point in traffic engineering, and it was not included in any of the papers mentioned above, so to describe it in a comprehensive manner, Sultana et al. [ 251 ] focused on the four learning algorithms included in the paper. Similarly, traffic profiling is also an important area of traffic classification. Cui et al. [ 252 ] considered all four learning algorithms and explained several machine learning models, including traffic profiling and its functioning in SDN networking. It was considered an important topic at that time due to its uniqueness. Moreover, Loung et al. [ 253 ] focused on the topic of network virtualization, which was explained and included in a survey related to traffic engineering. They achieved their target by reviewing network virtualization and ensuring QoS in virtual networks.

Comparison of existing papers in SDN.

Kreutz et al. [ 254 ] started their discussion by defining the SDN, its major concepts, and its differences compared to traditional networks. The architecture of an SDN is presented in a bottom-up approach. Deep analysis is performed at its architecture, APIs, network programming, and network layers. They also focused on the major problem of cross-layering and its solutions. Keeping in view security, performance, scalability, and resilience, the design of the controller and switches are addressed in this study. Wang et al. [ 255 ] provide a review of diverse problems in networking, including traffic classification, traffic prediction, self-configuration, and network management, as well as performance inspection and prediction. They focused on a small number of studies to showcase different aspects of the workflow. Jamshidi et al. [ 256 ] explained applications based on machine learning (ML) methods and techniques by dividing them into six categories of networking, which are traffic prediction, network security, cloud services, application identification, domain name system, and QoS. For all these categories, they determined the ML methods and input datasets. They also summarize the various challenges and major findings of these input data and ML methods. In particular, they discovered multiple new aspects of ML in networking. They ended their study by discussing research gaps and challenges. Mohammed et al. [ 257 ] review existing different ML and deep learning (DL) algorithms in the context of SDN networking for the measurement of traffic classification and traffic prediction. DL approaches are used for traffic prediction. Tam et al. [ 258 ] directed their attention to ML-based security solutions for SDN. ML models used in network prediction and prevention are identified to be deficient, so attackers can control or avoid the model. Attackers are also versed in ML capabilities to predict the defending model’s behavior. The authors suggest some specific recommendations that are helpful for SDN security. They recommend that a secure development process must be followed. They made an auditable ML model. This is important to give attention to threat models, instead of scheming ML solutions, and there must be an operational cost model that is produced at the initial level. These recommendations are helpful to improve the properties of ML-based solutions for SDN.

Amin et al. [ 259 ] discuss the deployment of SDN among legacy networks. Due to the speedy growth of the Internet, network structures have become huge and complicated. This complexity initiates a huge amount of traffic data, and it becomes a challenge to take traffic measurements such as traffic classification and prediction, in a network. To manage networks efficiently, the SDN paradigm is adopted, and it has already been adopted by several organizations. This survey presents a comprehensive study on a specific topic. For hybrid SDN, some efficient algorithms are needed to measure and deploy the SDN alongside traditional networking. Priyadarsini et al. [ 260 ] provide a comprehensive review and report of state-of-the-art progress on productive traffic management, including load balancing and energy-efficient routing. The introduction and deployment of SDN controls, network safety, and optimum positioning of controllers affecting traffic management are also discussed. This paper also addresses a few unexplored SDN challenges, such as modular implementation, convergence with the legacy network, and possible analysis charts. Although there are multiple studies on SDN, most of them are old and do not cover the state-of-the-art approaches. Some of them just cover one or two aspects of the SDN environment (i.e., SDN controller placement [ 261 , 262 ], SDN programming languages [ 263 , 264 ], SDN simulators [ 265 , 266 ]).

In all of the above-mentioned studies, none of them evaluate the state-of-the-art approaches related to different classifications of SDN. We categorize the approaches as network testing and verification, flow rules installations, SDN controllers, SDN simulators, network security and management, programming languages, and memory management. Moreover, we provide comparisons of all these categories in the form of tables and discuss limitations of each technique, which require attention in future research. In SDN, network devices are controlled using flow rule installations, and there are several methods for rule installations in different circumstance (i.e., path failure, new rules, rules update). This is an important aspect that needs to be considered for evaluation of different approaches. Network devices in SDN are equipped with TCAM memory, which is very limited. It is necessary to use this memory very efficiently, so many approaches are adopted for memory management in SDN devices. We cover all these studies and compare their performance and efficiency.

10. Future Research Directions

This paper focuses on different techniques found in OpenFlow-based SDN. We observe that most existing techniques that appear in the literature complement the methods and subordinate them. Following are the possible future research directions for the research community. SDN controllers handle communication traffic, and as network traffic grows, the mapping of flow rules between controller and switches becomes overburdened, while a few controllers become unburdened. Due to poor throughput and long reaction times, such an imbalance impairs the performance of the SDN network. It is difficult to manage the load across several controllers dynamically. In SDN security, several SDN-based defensive primitives are addressed. To cope with contemporary cyber dangers, both novel primitives and modular protection systems that employ various primitives are required. Researchers should focus on improving the security of established network protocols (such as address resolution protocol (ARP), dynamic host configuration protocol (DHCP), domain name system (DNS), etc.), as well as novel protocols such as neighbour discovery protocol (NDP) in Internet Protocol Version 6 (IPV6).

With respect to controller scalability, separation of control and data planes, quantity of events/requests handled by a controller, and controller–switch communication delay are all bottlenecks in SDN. The relationship between different approaches used to optimize controllers and scalability difficulties are also examined. The majority of current storage systems have been evaluated on small-size networks, such as those with 7–28 nodes and 7–43 connections. As a result, these figures are incomparable to a large number of devices in a wide-scale network environment, such as Telco, Internet of things (IoT), and so on. In resource management (i.e., network components such as switches and controllers), ML approaches are extremely successful. The majority of ML algorithms, on the other hand, are focused on flow categorization and monitoring. Much less study has been done on estimating traffic flow for real-time applications and best-effort traffic and deciding which traffic flow to install ahead of time. These are multiple research areas to explore. In addition, the energy-efficient SDN networks, wireless networks, network virtualization techniques, cloud computing platforms, and SDN migration mechanisms are recommended for more detailed exploration.

Information-centric networking (ICN) [ 267 ] is gaining popularity for the future Internet to increase the efficiency of content delivery and availability. With the increasing demand for video streaming of public users through mobile devices, the Internet speed is significant to fulfill the desired need for end-users through efficient use of bandwidth. Nowadays, different applications of ICN are very popular, such as SDN-based ICN [ 268 ], IoT-based ICN [ 269 ], ICN with edge computing [ 270 ], green ICN [ 271 ], and so on. These areas need to be explored in more detail to help the ICN community reach the next step of implementation in live deployments. The network programmability feature of SDN is used to enrich response functionality. The data plane provides the possibility of adding new functions that are more competent to secure the entire network. In prevention systems, security policies are defined to stop attackers from contacting targets, which require investigation once policies change. The dynamic flow control features of SDN enhance the detection of attacks without adding middleboxes and virtually turn switches into network security devices that can prevent attacks dynamically. Moreover, ML-based SDN includes network optimization, improving network security, and high-quality training datasets. Some other broader perspectives on SDN, such as software-defined mobile networks and software-defined vehicular networks, are also important areas to explore. Regarding QoS, researchers are carrying out experiments with real matrices through different network topologies so that each flow may have different QoS requirements. If DROM [ 272 ] is extended with QoS routing, more efficient and enhanced results can be generated. The QoS measures the traffic conditions and traffic classification, while DROM dynamically measures the reliability, effectiveness, and awareness of QoS. The queuing delay of the switches and the processing delay of the server improves the QoS.

For traffic engineering, some machine learning techniques provide fundamental improvements compared to the traditional traffic engineering paradigm. Many researchers have devoted their skills to developing efficient systems for traffic classification, routing, and traffic optimizations. Network policies are formed intelligently using some machine learning algorithms, for example, random forest, support vector machine (SVM) [ 273 ], k-nearest neighbors (KNN), and so on. Apart from machine learning, deep learning models such as the artificial neural network (ANN) or convolutional neural network (CNN) may also be adopted. For example, if we can predict the change in network policies before its occurrence and take the needed measures, then much better throughput can be achieved. These approaches will make the controller more intelligent, which results in more efficient handling of network policy change phenomena. Moreover, quality of service (QoS) parameters also need to be considered to manage the network traffic to improve network throughput. However, machine learning algorithms have their own limitations, such as false negatives [ 274 ]. For traffic classification, most of the research conducted so far has been on labeled datasets using a supervised learning approach. Few works are done using semi-supervised learning, where some of the data are labeled and some are not given labels. The same applies to the scenario with unsupervised learning. Another important learning approach is reinforcement learning, which is a black box approach when we consider traffic classification. In this regard, algorithms can be designed to classify the data traffic in such a way that the new classified information can help the algorithm learn from the experience.

11. Conclusions

The SDN architecture has shifted network control and management to a centralized controller, which provides a variety of benefits including programmability, innovation, and ease of security policy implementation. In this paper, we briefly reviewed the traditional networking and SDN structure along with its background, application programming interfaces, network configurations, and benefits of the SDN paradigm. Afterwards, we organized this paper into seven groups, namely network testing and verification, flow rule installation mechanisms, network security and management issues related to SDN implementation, memory management studies, SDN simulators and emulators, SDN programming languages, and SDN controller platforms. We discussed each category in detail along with the implementation mechanisms and analyzed these mechanisms by summarizing and comparing each technique along with the lessons learned from the proposed techniques. Furthermore, we analyze and discuss the latest studies and compare these papers with our research paper. Finally, comprehensive future research guidelines are provided, and the paper is concluded.

Funding Statement

Taif University Researchers Support, project number TURSP-2020/302, Taif University, Taif, Saudi Arabia.

Author Contributions

Conceptualization, M.H. and N.S.; methodology, M.H. and R.A.; software, M.H.; validation, M.H. and N.S.; formal analysis, N.S.; investigation, M.H., A.A. and S.S.A.; resources, M.H. and R.A.; data curation, M.H. and N.S.; writing—original draft preparation, M.H. and N.S.; writing—review and editing, M.H., S.S.A. and S.M.R.; visualization, M.H., S.S.A. and S.M.R.; supervision, N.S.; project administration, A.A., S.M.R. and R.A.; funding acquisition, A.A. and S.S.A. All authors have read and agreed to the published version of the manuscript.

Institutional Review Board Statement

Informed consent statement.

Informed consent was obtained from all subjects involved in the study.

Data Availability Statement

Conflicts of interest.

The authors declare no conflict of interest.

Publisher’s Note: MDPI stays neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Help | Advanced Search

Computer Science > Networking and Internet Architecture

Title: software-defined networking: a comprehensive survey.

Abstract: Software-Defined Networking (SDN) is an emerging paradigm that promises to change this state of affairs, by breaking vertical integration, separating the network's control logic from the underlying routers and switches, promoting (logical) centralization of network control, and introducing the ability to program the network. The separation of concerns introduced between the definition of network policies, their implementation in switching hardware, and the forwarding of traffic, is key to the desired flexibility: by breaking the network control problem into tractable pieces, SDN makes it easier to create and introduce new abstractions in networking, simplifying network management and facilitating network evolution. In this paper we present a comprehensive survey on SDN. We start by introducing the motivation for SDN, explain its main concepts and how it differs from traditional networking, its roots, and the standardization activities regarding this novel paradigm. Next, we present the key building blocks of an SDN infrastructure using a bottom-up, layered approach. We provide an in-depth analysis of the hardware infrastructure, southbound and northbound APIs, network virtualization layers, network operating systems (SDN controllers), network programming languages, and network applications. We also look at cross-layer problems such as debugging and troubleshooting. In an effort to anticipate the future evolution of this new paradigm, we discuss the main ongoing research efforts and challenges of SDN. In particular, we address the design of switches and control platforms -- with a focus on aspects such as resiliency, scalability, performance, security and dependability -- as well as new opportunities for carrier transport networks and cloud providers. Last but not least, we analyze the position of SDN as a key enabler of a software-defined environment.

Submission history

Access paper:.

  • Download PDF
  • Other Formats

References & Citations

  • Google Scholar
  • Semantic Scholar

DBLP - CS Bibliography

Bibtex formatted citation.

BibSonomy logo

Bibliographic and Citation Tools

Code, data and media associated with this article, recommenders and search tools.

  • Institution

arXivLabs: experimental projects with community collaborators

arXivLabs is a framework that allows collaborators to develop and share new arXiv features directly on our website.

Both individuals and organizations that work with arXivLabs have embraced and accepted our values of openness, community, excellence, and user data privacy. arXiv is committed to these values and only works with partners that adhere to them.

Have an idea for a project that will add value for arXiv's community? Learn more about arXivLabs .

Book cover

Information Fusion for Cyber-Security Analytics pp 333–369 Cite as

A Systematic Literature Review on Software-Defined Networking

  • Izzat M. Alsmadi 5 ,
  • Iyad AlAzzam 6 &
  • Mohammed Akour 6  
  • First Online: 22 October 2016

1974 Accesses

11 Citations

Part of the Studies in Computational Intelligence book series (SCI,volume 691)

Software-Defined Networking (SDN) is a recently evolving networking architecture that focuses on the separation of control and data planes. Unlike traditional switches, SDN switches include flow tables that are remotely controlled by a separate software application, the controller. SDN is not completely new; it formulates an architecture on top of several good practices. In this paper, we examined the obtainable knowledge about SDN through conducting a systematic literature review (SLR) to evaluate the current SDN state of the art in terms of research tracks, publications, trends, etc. We systematically evaluate research in SDN based on questions formulated for this purpose. The results present outline information about the most active research areas, tools, security issues, obstacles, limitations, strengths, and opportunities in SDN.

  • Cloud Computing
  • Systematic Literature Review
  • Security Control
  • Mapping Research
  • Network Administrator

These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

This is a preview of subscription content, log in via an institution .

Buying options

  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
  • Available as EPUB and PDF
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
  • Durable hardcover edition

Tax calculation will be finalised at checkout

Purchases are for personal use only

Kawashima, R., Matsuo, H.: Performance evaluation of non-tunneling edge-overlay model on 40GbE environment. In: 2014 I.E. 3rd Symposium on Network Cloud Computing and Applications (NCCA), pp. 68–74, 5–7 February 2014

Google Scholar  

Carrozzo, G., Monno, R., Belter, B., Krzywania, R., Pentikousis, K., Broadbent, M., Kudoh, T., Takefusa, A., Vieo-Oton, A., Fernandez, C., Puvpe, B., Tanaka, J.: Large-scale SDN experiments in federated environments. In: 2014 International Conference on Smart Communications in Network Technologies (SaCoNeT), pp. 1–6, 18–20 June 2014

Huang, C., Zhu, J., Luo, M., Chou, W.: A new mechanism for SDN network virtualization service. In: 2014 International Conference on Smart Communications in Network Technologies (SaCoNeT), pp. 1–6, 18–20 June 2014

Jmal, R., Chaari Fourati, L.: Implementing shortest path routing mechanism using Openflow POX controller. In: The 2014 International Symposium on Networks, Computers and Communications, pp. 1–6, 17–19 June 2014

Kawai, Y., Sato, Y., Ata, S., Huang, D., Medhi, D., Oka, I.: A database oriented management for asynchronous and consistent reconfiguration in Software-Defined Networks. In: 2014 I.E. on Network Operations and Management Symposium (NOMS), pp. 1–5, 5–9 May 2014

Araniti, G., Cosmas, J., Iera, A., Molinaro, A., Morabito, R., Orsino, A.: OpenFlow over wireless networks: performance analysis. In: 2014 I.E. International Symposium on Broadband Multimedia Systems and Broadcasting (BMSB), pp. 1–5, 25–27 June 2014

Huang, W.-Y., Chou, T.-Y., Hu, J.-W., Liu, T.-L.: Automatical end to end topology discovery and flow viewer on SDN. In: 2014 28th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 910–915, 13–16 May 2014

Gorja, P., Kurapati, R.: Extending open vSwitch to L4-L7 service aware OpenFlow switch. In: 2014 I.E. International on Advance Computing Conference (IACC), pp. 343–347, 21–22 February 2014

Cvijetic, N., Tanaka, A., Ji, P.N., Sethuraman, K., Murakami, S., Wang, T.: SDN and OpenFlow for dynamic flex-grid optical access and aggregation networks. J. Lightwave Technol. 32 (4), 864–870 (2014)

Article   Google Scholar  

Lara, A., Kolasani, A., Ramamurthy, B.: Network innovation using OpenFlow: a survey. IEEE Commun. Surv. Tut. 16 (1), 493–512 (2014). First Quarter

Sato, G., Uchida, N., Shibata, Y.: Performance evaluation of PC router based cognitive wireless network for disaster-resilient WANs. In: 2014 28th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 611–616, 13–16 May 2014

Javid, T., Riaz, T., Rasheed, A.: A layer2 firewall for software defined network. In: 2014 Conference on Information Assurance and Cyber Security (CIACS), pp. 39–42, 12–13 June 2014

Broadbent, M., Georgopoulos, P., Kotronis, V., Plattner, B., Race, N.: OpenCache: leveraging SDN to demonstrate a customisable and configurable cache. In: 2014 I.E. Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 151–152, 27 April 2014–2 May 2014

Nunes, B., Mendonca, M., Nguyen, X., Obraczka, K., Turletti, T.: A survey of Software-Defined Networking: past, present, and future of programmable networks. IEEE Commun. Surv. Tut. PP (99), 1–18

Kim, H., Kim, J., Ko, Y.-B.: Developing a cost-effective OpenFlow testbed for small-scale Software Defined Networking. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 758–761, 16–19 February 2014

de Oliveira, R.L.S., Shinoda, A.A., Schweitzer, C.M., Rodrigues Prete, L.: Using Mininet for emulation and prototyping software-defined networks. In: 2014 I.E. Colombian Conference on Communications and Computing (COLCOM), pp. 1–6, 4–6 June 2014

Phemius, K., Bouet, M., Leguay, J.: DISCO: distributed multi-domain SDN controllers. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–4, 5–9 May 2014

Suh, M., Park, S.H., Lee, B., Yang, S.: Building firewall over the software-defined network controller. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 744–748, 16–19 February 2014

Sher-DeCusatis, C.J., DeCusatis, C.: Developing a software defined networking curriculum through industry partnerships. In: 2014 Zone 1 Conference of the American Society for Engineering Education (ASEE Zone 1), pp. 1–7, 3–5 April 2014

Camillo Penna, M., Jamhour, E., Miguel, M.L.F.: A clustered SDN architecture for large scale WSON. In: 2014 I.E. 28th International Conference on Advanced Information Networking and Applications (AINA), pp. 374–381, 13–16 May 2014

Smith, P., Schaeffer-Filho, A., Hutchison, D., Mauthe, A.: Management patterns: SDN-enabled network resilience management. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–9, 5–9 May 2014

Izquierdo-Zaragoza, J.-L., Fernandez-Gambin, A., Pedreno-Manresa, J.-J., Pavon-Marino, P.: Leveraging Net2Plan planning tool for network orchestration in OpenDaylight. In: 2014 International Conference on Smart Communications in Network Technologies (SaCoNeT), pp. 1–6, 18–20 June 2014

Kim, E.-D., Lee, S.-I., Choi, Y., Shin, M.-K., Kim, H.-J.: A flow entry management scheme for reducing controller overhead. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 754–757, 16–19 February 2014

Karl, M., Herfet, T.: Transparent multi-hop protocol termination. In: 2014 I.E. 28th International Conference on Advanced Information Networking and Applications (AINA), pp. 253–259, 13–16 May 2014

Malacarne, A., Paolucci, F., Cugini, F., Mastropaolo, A., Bottari, G., Poti, L.: Multiplexing of asynchronous and independent ASK and PSK transmissions in SDN-controlled intra-data center network. J. Lightwave Technol. 32 (9), 1794–1800 (2014)

Rodrigues Prete, L., Schweitzer, C.M., Shinoda, A.A., Santos de Oliveira, R.L.: Simulation in an SDN network scenario using the POX Controller. In: 2014 I.E. Colombian Conference on Communications and Computing (COLCOM), pp. 1–6, 4–6 June 2014

Kim, S.-M., Choi, H.-Y., Park, P.-W., Min, S.-G., Han, Y.-H.: OpenFlow-based Proxy mobile IPv6 over software defined network (SDN). In: 2014 I.E. 11th Consumer Communications and Networking Conference (CCNC), pp. 119–125, 10–13 January 2014

Xu, X., Zhang, H., Dai, X., Hou, Y., Tao, X., Zhang, P.: SDN based next generation mobile network with service slicing and trials. In: Communications, China, vol. 11, no. 2, pp. 65–77, February 2014

Dotcenko, S., Vladyko, A.; Letenko, I.: A fuzzy logic-based information security management for software-defined networks. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 167–171, 16–19 February 2014

Malboubi, M., Wang, L., Chuah, C.-N., Sharma, P.: Intelligent SDN based traffic (de)Aggregation and Measurement Paradigm (iSTAMP). In: 2014 Proceedings IEEE INFOCOM, pp. 934–942, 27 April 2014–2 May 2014

Masutani, H., Nakajima, Y., Kinoshita, T., Hibi, T., Takahashi, H., Obana, K., Shimano, K., Fukui, M.: Requirements and design of flexible NFV network infrastructure node leveraging SDN/OpenFlow. In: 2014 International Conference on Optical Network Design and Modeling, pp. 258–263, 19–22 May 2014

Cleder Machado, C., Zambenedetti Granville, L., Schaeffer-Filho, A., Araujo Wickboldt, J.: Towards SLA policy refinement for QoS management in Software-Defined Networking. In: 2014 I.E. 28th International Conference on Advanced Information Networking and Applications (AINA), pp. 397–404, 13–16 May 2014

Zuo Q., Chen, M., Ding K., Xu B.: On generality of the data plane and scalability of the control plane in Software-Defined Networking. In: Communications, China, vol. 11, no. 2, pp. 55–64, February 2014

Bozakov, Z., Papadimitriou, P.: Towards a scalable software-defined network virtualization platform. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–8, 5–9 May 2014

Laga, S., Van Cleemput, T., Van Raemdonck, F., Vanhoutte, F., Bouten, N., Claeys, M., De Turck, F.: Optimizing scalable video delivery through OpenFlow layer-based routing. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–4, 5–9 May 2014

Munoz, R., Casellas, R., Martinez, R., Vilalta, R.: PCE: what is it, how does it work and what are its limitations? J. Lightwave Technol. 32 (4), 528–543 (2014)

Iyer, A.; Kumar, P., Mann, V.: Avalanche: data center Multicast using software defined networking. In: 2014 Sixth International Conference on Communication Systems and Networks (COMSNETS), pp. 1–8, 6–10 January 2014

Sambo, N., Meloni, G., Paolucci, F., Cugini, F., Secondini, M., Fresi, F., Poti, L., Castoldi, P.: Programmable transponder, code and differentiated filter configuration in elastic optical networks. J. Lightwave Technol. 32 (11), 2079–2086 (2014)

Zinner, T., Jarschel, M., Blenk, A., Wamser, F., Kellerer, W.: Dynamic application-aware resource management using Software-Defined Networking: implementation prospects and challenges. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–6, 5–9 May 2014

Martinello, M., Ribeiro, M.R.N., de Oliveira, R.E.Z., de Angelis Vitoi, R.: Keyflow: a prototype for evolving SDN toward core network fabrics. IEEE Netw. 28 (2), 12–19 (2014)

Mueller, J., Chen, Y., Reichel, B., Vlad, V., Magedanz, T.: Design and implementation of a Carrier Grade Software Defined Telecommunication Switch and Controller. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–7, 5–9 May 2014

Hu, F., Hao, Q., Bao, K.: A survey on Software Defined Networking (SDN) and OpenFlow: from concept to implementation. IEEE Commun. Surv. Tut. PP (99), 1

Autenrieth, A.; Szyrkowiec, T., Grobe, K., Elbers, J.-P., Kaczmarek, P., Kostecki, P., Kellerer, W.: Evaluation of virtualization models for optical connectivity service providers. In: 2014 International Conference on Optical Network Design and Modeling, pp. 264–268, 19–22 May 2014

Kim, W.-S., Chung, S.-H., Ahn, C.-W., Do, M.-R.: Seamless handoff and performance anomaly reduction schemes based on OpenFlow access points. In: 2014 28th International Conference on Advanced Information Networking and Applications Workshops (WAINA), pp. 316–321, 13–16 May 2014

Alvizu, R., Maier, G.: Can open flow make transport networks smarter and dynamic? An overview on transport SDN. In: 2014 International Conference on Smart Communications in Network Technologies (SaCoNeT), pp. 1–6, 18–20 June 2014

Sharma, S., Staessens, D., Colle, D., Palma, D., Goncalves, J., Pickavet, M., Cordeiro, L., Demeester, P.: Demonstrating resilient quality of service in Software Defined Networking. In: 2014 I.E. Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 133–134, 27 April 2014–2 May 2014

Soltani, A.; Bazlamacci, C.F.: HyFI: hybrid flow initiation in software defined networks. In: 2014 5th International Conference on Information and Communication Systems (ICICS), pp. 1–6, 1–3 April 2014

Xia, W., Wen, Y., Foh, C.H., Niyato, D., Xie, H.: A survey on Software-Defined Networking. IEEE Commun. Surv. Tut. PP (99), 1 (2014)

Munoz, R., Casellas, R., Vilalta, R., Martinez, R.: Dynamic and adaptive control plane solutions for flexi-grid optical networks based on stateful PCE. J. Lightwave Technol. 32 (16), 2703–2715 (2014)

Awobuluyi, O.: Periodic control update overheads in OpenFlow-based enterprise networks. In: 2014 I.E. 28th International Conference on Advanced Information Networking and Applications (AINA), pp. 390–396, 13–16 May 2014

Chang, D., Kwak, M., Choi, N., Kwon, T., Choi, Y.: C-flow: an efficient content delivery framework with OpenFlow. In: 2014 International Conference on Information Networking (ICOIN), pp. 270–275, 10–12 February 2014

Sama, M.R., Ben Hadj Said, S., Guillouard, K., Suciu, L.: Enabling network programmability in LTE/EPC architecture using OpenFlow. In: 2014 12th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt), pp. 389–396, 12–16 May 2014

Latifi, S., Durresi, A., Cico, B.: Emulating enterprise network environments for fast transition to software-defined networking. In: 2014 3rd Mediterranean Conference on Embedded Computing (MECO), pp. 294–297, 15–19 June 2014

Sgambelluri, A., Adami, D., Donatini, L., Gharbaoui, M., Martini, B., Giordano, S., Castoldi, P.: IT and network SDN orchestrator for Cloud Data Center. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–2, 5–9 May 2014

Roy, A.R., Bari, M.F., Zhani, M.F., Ahmed, R., Boutaba, R.: Design and management of DOT: a distributed OpenFlow Testbed. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–9, 5–9 May 2014

Shin, Y.Y., Kang, S.H., Kwak, J.Y., Lee, B.Y., Hyang, S.: The study on configuration of multi-tenant networks in SDN controller. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 1223–1226, 16–19 February 2014

Ji, Y., Zhang, J., Zhao, Y., Li, H., Yang, Q., Ge, C., Xiong, Q., Xue, D., Yu, J., Qiu, S.: All Optical switching networks with energy-efficient technologies from components level to network level. IEEE J. Sel. Areas Commun. PP (99), 1

Papagianni, C., Androulidakis, G., Papavassiliou, S.: Virtual topology mapping in SDN-enabled clouds. In: 2014 I.E. 3rd Symposium on Network Cloud Computing and Applications (NCCA), pp. 62–67, 5–7 February 2014

Chowdhury, S.R., Bari, M.F., Ahmed, R., Boutaba, R.: PayLess: a low cost network monitoring framework for Software Defined Networks. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–9, 5–9 May 2014

Lee, B., Park, S.H., Shin, J., Yang, S.: IRIS: the Openflow-based recursive SDN controller. In: 2014 16th International Conference on Advanced Communication Technology (ICACT), pp. 1227–1231, 16–19 February 2014

Rosa, R.V., Esteve Rothenberg, C., Madeira, E.: Virtual data center networks embedding through Software Defined Networking. In: 2014 I.E. Network Operations and Management Symposium (NOMS), pp. 1–5, 5–9 May 2014

Zhao, Y., Zhang, J., Yang, H., Yu, X.: Data center optical networks (DCON) with OpenFlow based Software Defined Networking (SDN). In: 2013 8th International ICST Conference on Communications and Networking in China (CHINACOM), pp. 771–775, 14–16 August 2013

Guimaraes, C., Corujo, D., Aguiar, R.L., Silva, F., Frosi, P.: Empowering software defined wireless Networks through Media Independent Handover management. In: 2013 I.E. Global Communications Conference (GLOBECOM), pp. 2204–2209, 9–13 December 2013

Binczewski, A., Bogacki, W., Dolata, L., Lechert, L., Podleski, L., Przywecki, M., Oehlschlaeger, A., Dunne, J., Simeonidou, D., Zervas, G., Rofoee, B.R.: Enabling service market in metro and access networks—the ADDONAS project. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 19–24, 10–11 October 2013

Mann, V., Kannan, K., Vishnoi, A., Iyer, A.S.: NCP: Service replication in data centers through software defined networking. In: 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), pp. 561–567, 27–31 May 2013

Fratczak, T., Broadbent, M., Georgopoulos, P., Race, N.: HomeVisor: adapting home network environments. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 32–37, 10–11 October 2013

Shirali-Shahreza, S., Ganjali, Y.: Empowering Software Defined Network controller with packet-level information. In: 2013 I.E. International Conference on Communications Workshops (ICC), pp. 1335–1339, 9–13 June 2013

Thanh, N.H., Cuong, B.D., Thien, T.D., Nam, P.N., Thu, N.Q., Huong, T.T., Nam, T.M.: ECODANE: a customizable hybrid testbed for green data center networks. In: 2013 International Conference on Advanced Technologies for Communications (ATC), pp. 312–317, 16–18 October 2013

Crowcroft, J., Oliver, H., Bar-Geva, Y.: Tearing down the Protocol Wall with Software Defined Networking. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–9, 11–13 November 2013

Ben Hadj Said, S., Sama, M.R., Guillouard, K., Suciu, L., Simon, G., Lagrange, X., Bonnin, J.-M.: New control plane in 3GPP LTE/EPC architecture for on-demand connectivity service. In: 2013 I.E. 2nd International Conference on Cloud Networking (CloudNet), pp. 205–209, 11–13 November 2013

Gurusanthosh, P., Rostami, A., Manivasakan, R.: SDMA: a semi-distributed mobility anchoring in LTE networks. In: 2013 International Conference on Selected Topics in Mobile and Wireless Networking (MoWNeT), pp. 133–139, 19–21 August 2013

Lee, B.-S., Kanagavelu, R., Aung, K.M.M.: An efficient flow cache algorithm with improved fairness in Software-Defined Data Center Networks. In: 2013 I.E. 2nd International Conference on Cloud Networking (CloudNet), pp. 18–24, 11–13 November 2013

Lin, W.-C., Liu, G.-H., Kuo, K.-T., Wen, C.H.-P.: D2ENDIST-FM: flow migration in routing of OpenFlow-based cloud networks. In: 2013 I.E. 2nd International Conference on Cloud Networking (CloudNet), pp. 170–174, 11–13 November 2013

Zhao, Y., Zhang, J., Gao, L., Yang, H.: Unified control system for heterogeneous networks with Software Defined Networking (SDN). In: 2013 8th International ICST Conference on Communications and Networking in China (CHINACOM), pp. 781–784, 14–16 August 2013

Jarschel, M., Zinner, T., Hohn, T., Phuoc, T.-G.: On the accuracy of leveraging SDN for passive network measurements. In: 2013 Australasian Telecommunication Networks and Applications Conference (ATNAC), pp. 41–46, 20–22 November 2013

Bari, M.F., Chowdhury, S.R., Ahmed, R., Boutaba, R.: PolicyCop: an autonomic QoS policy enforcement framework for Software Defined Networks. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–7, 11–13 November 2013

Shimamura, M., Yamanaka, H., Uratani, Y., Nagata, A., Ishii, S., Iida, K., Kawai, E., Tsuru, M.: Architecture for resource controllable NVE to meet service providers’ dynamic QoS demands. In: 2013 Fourth International Conference on the Network of the Future (NOF), pp. 1–6, 23–25 October 2013

Jin, R., Wang, B.: Malware detection for mobile devices using Software-Defined Networking. In: 2013 Second GENI Research and Educational Experiment Workshop (GREE), pp. 81–88, 20–22 March 2013

Kanagavelu, R., Lee, B.S., Felipe Miguel, R., Dat, L.N.T., Mingjie, L.N.: Software defined network based adaptive routing for data replication in Data Centers. In: 2013 19th IEEE International Conference on Networks (ICON), pp. 1–6, 11–13 December 2013

Shang, Z., Chen, W., Ma, Q., Wu, B.: Design and implementation of server cluster dynamic load balancing based on OpenFlow. In: 2013 International Joint Conference on Awareness Science and Technology and Ubi-Media Computing (iCAST-UMEDIA), pp. 691–697, 2–4 November 2013

Zhang, Y., Beheshti, N., Beliveau, L., Lefebvre, G., Manghirmalani, R., Mishra, R., Patneyt, R., Shirazipour, M., Subrahmaniam, R., Truchan, C., Tatipamula, M.: StEERING: a software-defined networking for inline service chaining. In: 2013 21st IEEE International Conference on Network Protocols (ICNP), pp. 1–10, 7–10 October 2013

Sugiki, A.: An integrated management framework for virtual machines, switches, and their SDNs. In: 2013 19th IEEE International Conference on Networks (ICON), pp. 1–6, 11–13 December 2013

Song, S., Hong, S., Guan, X., Choi, B.-Y., Choi, C.: NEOD: Network Embedded On-line Disaster management framework for Software Defined Networking. In: 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), pp. 492–498, 27–31 May 2013

Farias, F., Salvatti, J., Victor, P., Abelem, A.: Integrating legacy forwarding environment to OpenFlow/SDN control plane. In: 2013 15th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 1–3, 25–27 September 2013

Jivorasetkul, S., Shimamura, M., Iida, K.: Better network latency with end-to-end header compression in SDN architecture. In: 2013 I.E. Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM), pp. 183–188, 27–29 August 2013

Nguyen, K., Minh, Q.T., Yamada, S.: Towards optimal disaster recovery in backbone networks. In: 2013 I.E. 37th Annual Computer Software and Applications Conference (COMPSAC), pp. 826–827, 22–26 July 2013

Yamashita, S., Tanaka, H., Hori, Y., Otani, M., Watanabe, K.: Development of network user authentication system using OpenFlow. In: 2013 Eighth International Conference on Broadband and Wireless Computing, Communication and Applications (BWCCA), pp. 566–569, 28–30 October 2013

Shimonishi, H., Shinohara, Y., Chiba, Y.: Vitalizing data-center networks using OpenFlow. In: 2013 I.E. Photonics Society Summer Topical Meeting Series, pp. 250–251, 8–10 July 2013

Simeonidou, D., Nejabati, R., Channegowda, M.P.: Software defined optical networks technology and infrastructure: enabling software-defined optical network operations. In: 2013 Optical Fiber Communication Conference and Exposition and the National Fiber Optic Engineers Conference (OFC/NFOEC), pp. 1–3, 17–21 March 2013

Kawasumi, R., Hirota, Y., Murakami, K., Tode, H.: Multicast distribution system with functions of time-shift and loss-recovery based on in-network caching and OpenFlow control. In: 2013 Eighth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), pp. 641–646, 28–30 October 2013

Sgambelluri, A., Paolucci, F., Cugini, F., Valcarenghi, L., Castoldi, P.: Generalized SDN control for access/metro/core integration in the framework of the interface to the Routing System (I2RS). In: 2013 I.E. Globecom Workshops (GC Wkshps), pp. 1216–1220, 9–13 December 2013

Nguyen, K., Minh, Q.T., Yamada, S.: Increasing resilience of OpenFlow WANs using multipath communication. In: 2013 International Conference on IT Convergence and Security (ICITCS), pp. 1–2, 16–18 December 2013

Sadasivarao, A., Syed, S., Pan, P., Liou, C., Monga, I., Guok, C., Lake, A.: Bursting data between data centers: case for transport SDN. In: 2013 I.E. 21st Annual Symposium on High-Performance Interconnects (HOTI), pp. 87–90, 21–23 August 2013

Woesner, H., Fritzsche, D.: SDN and OpenFlow for converged access/aggregation networks. In: 2013 Optical Fiber Communication Conference and Exposition and the National Fiber Optic Engineers Conference (OFC/NFOEC), pp. 1–3, 17–21 March 2013

Munoz, R., Casellas, R., Martinez, R.: PCE: what is it, how does it work and what are its limitations? In: 2013 Optical Fiber Communication Conference and Exposition and the National Fiber Optic Engineers Conference (OFC/NFOEC), pp. 1–55, 17–21 March 2013

Kloti, R., Kotronis, V., Smith, P.: OpenFlow: a security analysis. In: 2013 21st IEEE International Conference on Network Protocols (ICNP), pp. 1–6, 7–10 October 2013

Vahlenkamp, M., Schneider, F., Kutscher, D., Seedorf, J.: Enabling information centric networking in IP networks using SDN. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–6, 11–13 November 2013

Foster, N., Guha, A., Reitblatt, M., Story, A., Freedman, M.J., Katta, N.P., Monsanto, C., Reich, J., Rexford, J., Schlesinger, C., Walker, D., Harrison, R.: Languages for software-defined networks. IEEE Commun. Mag. 51 (2), 128–134 (2013)

Othman, M.M.O., Okamura, K.: Hybrid control model for flow-based networks. In: 2013 I.E. 37th Annual Computer Software and Applications Conference Workshops (COMPSACW), pp. 765–770, 22–26 July 2013

Ortiz, S.: Software-defined networking: on the verge of a breakthrough? Computer 46 (7), 10–12 (2013)

Katrinis, K., Wang, G., Schares, L.: SDN control for hybrid OCS/electrical datacenter networks: an enabler or just a convenience? In: 2013 I.E. Photonics Society Summer Topical Meeting Series, pp. 242–243, 8–10 July 2013

Ishimori, A., Farias, F., Cerqueira, E., Abelem, A.: Control of multiple packet schedulers for improving QoS on OpenFlow/SDN networking. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 81–86, 10–11 October 2013

Meyer, D.: The software-defined-networking research group. IEEE Internet Comput. 17 (6), 84–87 (2013)

Pongracz, G., Molnar, L., Kis, Z.L.: Removing roadblocks from SDN: OpenFlow software switch performance on Intel DPDK. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 62–67, 10–11 October 2013

Sanchez, R., Hernandez, J.A., Larrabeiti, D.: Using transparent WDM metro rings to provide an out-of-band control network for OpenFlow in MAN. In: 2013 15th International Conference on Transparent Optical Networks (ICTON), pp. 1–4, 23–27 June 2013

Park, S.M., Ju, S., Kim, J., Lee, J.: Software-defined-networking for M2M services. In: 2013 International Conference on ICT Convergence (ICTC), pp. 50–51, 14–16 October 2013

Sun, G., Liu, G., Zhang, H., Tan, W.: Architecture on mobility management in OpenFlow-based radio access networks. In: 2013 I.E. Global High Tech Congress on Electronics (GHTCE), pp. 88–92, 17–19 November 2013

Bari, M.F., Roy, A.R., Chowdhury, S.R., Zhang, Q., Zhani, M.F., Ahmed, R., Boutaba, R.: Dynamic controller provisioning in Software Defined Networks. In: 2013 9th International Conference on Network and Service Management (CNSM), pp. 18–25, 14–18 October 2013

Bakshi, K.: Considerations for Software Defined Networking (SDN): approaches and use cases. In: 2013 I.E. Aerospace Conference, pp. 1–9, 2–9 March 2013

Skoldstrom, P., John, W.: Implementation and evaluation of a carrier-grade OpenFlow virtualization scheme. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 75–80, 10–11 October 2013

Kang, M., Kang, E.-Y., Hwang, D.-Y., Kim, B.-J., Nam, K.-H., Shin, M.-K., Choi, J.-Y.: Formal modeling and verification of SDN-OpenFlow. In: 2013 I.E. Sixth International Conference on Software Testing, Verification and Validation (ICST), pp. 481–482, 18–22 March 2013

Tajik, S., Rostami, A.: MultiFlow: enhancing IP multicast over IEEE 802.11 WLAN. In: 2013 IFIP Wireless Days (WD), pp. 1–8, 13–15 November 2013

Liu, L., Choi, H.Y., Casellas, R., Tsuritani, T., Morita, I., Martinez, R., Munoz, R.: Demonstration of a dynamic transparent optical network employing flexible transmitters/receivers controlled by an OpenFlow-stateless PCE integrated control plane [invited]. IEEE/OSA J. Opt. Commun. Networking 5 (10), A66–A75 (2013)

Othman, M.M.O., Okamura, K.: Enhancing control model to ease off centralized control of flow-based SDNs. In: 2013 I.E. 37th Annual Computer Software and Applications Conference (COMPSAC), pp. 467–470, 22–26 July 2013

Patel, A.N., Ji, P.N., Wang, T.: QoS-aware optical burst switching in OpenFlow based Software-Defined Optical Networks. In: 2013 17th International Conference on Optical Network Design and Modeling (ONDM), pp. 275–280, 16–19 April 2013

Basta, A., Kellerer, W., Hoffmann, M., Hoffmann, K., Schmidt, E.-D.: A virtual SDN-enabled LTE EPC architecture: a case study for S-/P-Gateways functions. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–7, 11–13 November 2013

Natarajan, S., Ramaiah, A., Mathen, M.: A software defined Cloud-Gateway automation system using OpenFlow. In: 2013 I.E. 2nd International Conference on Cloud Networking (CloudNet), pp. 219–226, 11–13 November 2013

Huong, T.T., Thanh, N.H., Hung, N.T., Mueller, J., Magedanz, T.: QoE-aware resource provisioning and adaptation in IMS-based IPTV using OpenFlow. In: 2013 19th IEEE Workshop on Local & Metropolitan Area Networks (LANMAN), pp. 1–3, 10–12 April 2013

Zhao, Y., Zhang, J., Zhou, T., Yang, H., Gu, W., Lin, Y., Han, J., Li, G., Xu, H.: Time-aware software defined networking (Ta-SDN) for flexi-grid optical networks supporting data center application. In: 2013 I.E. Globecom Workshops (GC Wkshps), pp. 1221–1226, 9–13 December 2013

Ramos, R.M., Martinello, M., Esteve Rothenberg, C.: SlickFlow: resilient source routing in Data Center Networks unlocked by OpenFlow. In: 2013 I.E. 38th Conference on Local Computer Networks (LCN), pp. 606–613, 21–24 October 2013

Dimogerontakis, E., Vilata, I., Navarro, L.: Software Defined Networking for community network testbeds. In: 2013 I.E. 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 111–118, 7–9 October 2013

Arefin, A., Nahrstedt, K.: Multi-stream frame rate guarantee using cross-layer synergy. In: 2013 21st IEEE International Conference on Network Protocols (ICNP), pp. 1–2, 7–10 October 2013

Vahlenkamp, M., Schneider, F., Kutscher, D., Seedorf, J.: Enabling ICN in IP networks using SDN. In: 2013 21st IEEE International Conference on Network Protocols (ICNP), pp. 1–2, 7–10 October 2013

Takagiwa, K., Ishida, S., Nishi, H.: SoR-based programmable network for future software-Defined Network. In: 2013 I.E. 37th Annual Computer Software and Applications Conference (COMPSAC), pp. 165–166, 22–26 July 2013

Bifulco, R., Schneider, F.: OpenFlow rules interactions: definition and detection. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–6, 11–13 November 2013

Hu, G., Xu, K., Wu, J.: SuperFlow: a reliable, controllable and scalable architecture for large-scale enterprise networks. In: 2013 I.E. 10th International Conference on High Performance Computing and Communications & 2013 I.E. International Conference on Embedded and Ubiquitous Computing (HPCC_EUC), pp. 1195–1202, 13–15 November 2013

Casellas, R., Martinez, R., Munoz, R., Vilalta, R., Liu, L., Tsuritani, T., Morita, I.: Control and management of flexi-grid optical networks with an integrated stateful path computation element and OpenFlow controller [invited]. IEEE/OSA J. Opt. Commun. Networking 5 (10), A57–A65 (2013)

Valdivieso Caraguay, A.L., Barona Lopez, L.I., Garcia Villalba, L.J.: Evolution and challenges of Software Defined Networking. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–7, 11–13 November 2013

Shah, S.A., Faiz, J., Farooq, M., Shafi, A., Mehdi, S.A.: An architectural evaluation of SDN controllers. In: 2013 I.E. International Conference on Communications (ICC), pp. 3504–3508, 9–13 June 2013

Kim, T., Lee, T., Kim, K.-H., Yeh, H., Hong, M.: An efficient packet processing protocol based on exchanging messages between switches and controller in OpenFlow networks. In: 2013 10th International Conference and Expo on Emerging Technologies for a Smarter World (CEWIT), pp. 1–5, 21–22 October 2013

Zhou, T., Gong X., Hu, Y., Que, X., Wang, W.: PindSwitch: a SDN-based protocol-independent autonomic flow processing platform. In: 2013 I.E. Globecom Workshops (GC Wkshps), pp. 842–847, 9–13 December 2013

Liu, L., Zhang, D., Tsuritani, T., Vilalta, R., Casellas, R., Hong, L., Morita, I., Guo, H., Wu, J., Martinez, R., Munoz, R.: Field trial of an OpenFlow-based unified control plane for multilayer multigranularity optical switching networks. J. Lightwave Technol. 31 (4), 506–514 (2013)

Rendon, O.M.C., Estrada-Solano, F., Granville, L.Z.: A mashup-based approach for virtual SDN management. In: 2013 I.E. 37th Annual Computer Software and Applications Conference (COMPSAC), pp. 143–152, 22–26 July 2013

Kawashima, R., Matsuo, H.: Non-tunneling edge-overlay model using OpenFlow for cloud datacenter networks. In: 2013 I.E. 5th International Conference on Cloud Computing Technology and Science (CloudCom), vol. 2, pp. 176–181, 2–5 December 2013

Kong, X., Wang, Z., Shi, X., Yin, X., Li, D.: Performance evaluation of software-defined networking with real-life ISP traffic. In: 2013 I.E. Symposium on Computers and Communications (ISCC), pp. 000541–000547, 7–10 July 2013

Channegowda, M., Nejabati, R., Simeonidou, D.: Software-defined optical networks technology and infrastructure: enabling software-defined optical network operations [invited]. IEEE/OSA J. Opt. Commun. Networking 5 (10), A274–A282 (2013)

Narayanan, R., Lin, G., Syed, A.A.; Shafiq, S., Gilani, F.: A framework to rapidly test SDN use-cases and accelerate middlebox applications. In: 2013 I.E. 38th Conference on Local Computer Networks (LCN), pp. 763–770, 21–24 October 2013

Shiraki, O., Nakagawa, Y., Hyoudou, K., Kobayashi, S., Shimizu, T.: Managing storage flows with SDN approach in I/O converged networks. In: 2013 I.E. Globecom Workshops (GC Wkshps), pp. 890–895, 9–13 December 2013

Wang, S.-Y., Chou, C.-L., Yang, C.-M.: EstiNet openflow network simulator and emulator. IEEE Commun. Mag. 51 (9), 110–117 (2013)

Hata, H.: A study of requirements for SDN switch platform. In: 2013 International Symposium on Intelligent Signal Processing and Communications Systems (ISPACS), pp. 79–84, 12–15 November 2013

Wang, J.-Q., Fu, H., Cao, C.: Software defined networking for telecom operators: architecture and applications. In: 2013 8th International ICST Conference on Communications and Networking in China (CHINACOM), pp. 828–833, 14–16 August 2013

Teixeira, J., Antichi, G., Adami, D., Del Chiaro, A., Giordano, S., Santos, A.: Datacenter in a box: test your SDN cloud-datacenter controller at home. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 99–104, 10–11 October 2013

Kempf, J., Zhang, Y., Mishra, R., Beheshti, N.: Zeppelin—a third generation data center network virtualization technology based on SDN and MPLS. In: 2013 I.E. 2nd International Conference on Cloud Networking (CloudNet), pp. 1–9, 11–13 November 2013

Watashiba, Y., Hirabara, S., Date, S., Abe, H., Ichikawa, K., Kido, Y., Shimojo, S., Takemura, H.: OpenFlow network visualization software with flow control interface. In: 2013 I.E. 37th Annual Computer Software and Applications Conference (COMPSAC), pp. 475–477, 22–26 July 2013

Shimizu, T., Nakamura, T., Iwashina, S., Takita, W., Iwata, A.; Kiuchi, M., Kubota, Y., Ohhashi, M.: An experimental evaluation of dynamic virtualized networking resource control on an Evolved mobile core network: a new approach to reducing massive traffic congestion after a devastating disaster. In: 2013 I.E. Region 10 Humanitarian Technology Conference (R10-HTC), pp. 270–275, 26–29 August 2013

Azodolmolky, S., Wieder, P., Yahyapour, R.: Performance evaluation of a scalable software-defined networking deployment. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 68–74, 10–11 October 2013

Sgambelluri, A., Giorgetti, A., Cugini, F., Paolucci, F., Castoldi, P.: OpenFlow-based segment protection in Ethernet networks. IEEE/OSA J. Opt. Commun. Networking 5 (9), 1066–1075 (2013)

Azodolmolky, S., Nejabati, R., Pazouki, M., Wieder, P., Yahyapour, R., Simeonidou, D.: An analytical model for software defined networking: a network calculus-based approach. In: 2013 I.E. Global Communications Conference (GLOBECOM), pp. 1397–1402, 9–13 December 2013

Bhattacharya, B., Das, D.: SDN based architecture for QoS enabled services across networks with dynamic service level agreement. In: 2013 I.E. International Conference on Advanced Networks and Telecommuncations Systems (ANTS), pp. 1–6, 15–18 December 2013

Jarschel, M., Wamser, F., Hohn, T., Zinner, T., Tran-Gia, P.: SDN-based application-aware networking on the example of YouTube video streaming. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 87–92, 10–11 October 2013

Hock, D., Hartmann, M., Gebert, S., Jarschel, M., Zinner, T., Tran-Gia, P.: Pareto-optimal resilient controller placement in SDN-based core networks. In: 2013 25th International Teletraffic Congress (ITC), pp. 1–9, 10–12 September 2013

Choumas, K., Makris, N., Korakis, T., Tassiulas, L., Ott, M.: Exploiting OpenFlow resources towards a content-centric LAN. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 93–98, 10–11 October 2013

da Cruz, M.A., Castro e Silva, L., Correa, S., Cardoso, K.V.: Accurate online detection of bidimensional Hierarchical Heavy Hitters in software-defined networks. In: 2013 I.E. Latin-America Conference on Communications (LATINCOM), pp. 1–6, 24–26 November 2013

Batalle, J., Ferrer Riera, J., Escalona, E., Garcia-Espin, J.A.: On the implementation of NFV over an OpenFlow infrastructure: routing function virtualization. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–6, 11–13 November 2013

Detti, A., Pisa, C., Salsano, S., Blefari-Melazzi, N.: Wireless mesh Software Defined Networks (wmSDN). In: 2013 I.E. 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 89–95, 7–9 October 2013

Tseng, C.-W., Yang, Y.-T., Chou, L.-D.: An IPv6-enabled Software-Defined Networking architecture. In: 2013 15th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 1–3, 25–27 September 2013

Skoldstrom, P., Chial Sanchez, B.: Virtual aggregation using SDN. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 56–61, 10–11 October 2013

Guan, X., Choi, B.-Y., Song, S.: Reliability and scalability issues in Software Defined Network frameworks. In: 2013 Second GENI Research and Educational Experiment Workshop (GREE), pp. 102–103, 20–22 March 2013

Arefin, A., Rivas, R., Tabassum, R., Nahrstedt, K.: OpenSession: SDN-based cross-layer multi-stream management protocol for 3D teleimmersion. In: 2013 21st IEEE International Conference on Network Protocols (ICNP), pp. 1–10, 7–10 October 2013

Pereini, P., Kuzniar, M., Kostic, D.: OpenFlow needs you! A call for a discussion about a cleaner OpenFlow API. In: 2013 Second European Workshop on Software Defined Networks (EWSDN), pp. 44–49, 10–11 October 2013

Luo, M.-Y., Chen, J.-Y.: Software Defined Networking across distributed datacenters over cloud. In: 2013 I.E. 5th International Conference on Cloud Computing Technology and Science (CloudCom), vol. 1, pp. 615–622, 2–5 December 2013

Hong, W., Wang, K., Hsu, Y.-H.: Application-aware resource allocation for SDN-based cloud datacenters. In: 2013 International Conference on Cloud Computing and Big Data (CloudCom-Asia), pp. 106–110, 16–19 December 2013

Autenrieth, A., Elbers, J.-P., Kaczmarek, P., Kostecki, P.: Cloud orchestration with SDN/OpenFlow in carrier transport networks. In: 2013 15th International Conference on Transparent Optical Networks (ICTON), pp. 1–4, 23–27 June 2013

Choi, H.Y., Liu, L., Tsuritani, T., Morita, I.: Demonstration of BER-adaptive WSON employing flexible transmitter/receiver with an extended OpenFlow-based control plane. IEEE Photon. Technol. Lett. 25 (2), 119–121 (2013)

Schwarz, M.F., Rojas, M.A.T., Miers, C.C., Redigolo, F.F., Carvalho, T.C.M.B.: Emulated and software defined networking convergence. In: 2013 IFIP/IEEE International Symposium on Integrated Network Management (IM 2013), pp. 700–703, 27–31 May 2013

Todorovic, M.J., Krajnovic, N.D.: Simulation analysis of SDN network capabilities. In: 2013 21st Telecommunications Forum (TELFOR), pp. 38–41, 26–28 November 2013

Bueno, I., Aznar, J.I., Escalona, E., Ferrer, J., Antoni Garcia-Espin, J.: An OpenNaaS based SDN framework for dynamic QoS control. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–7, 11–13 November 2013

Namal, S., Ahmad, I., Gurtov, A., Ylianttila, M.: Enabling secure mobility with OpenFlow. In: 2013 I.E. SDN for Future Networks and Services (SDN4FNS), pp. 1–5, 11–13 November 2013

Kim, N., Yoo, J.-Y., Kim, N.L., Kim, J.: A programmable networking switch node with in-network processing support. In: 2012 I.E. International Conference on Communications (ICC), pp. 6611–6615, 10–15 June 2012

Haleplidis, E., Denazis, S., Koufopavlou, O., Halpern, J., Salim, J.H.: Software-Defined Networking: experimenting with the control to forwarding plane interface. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 91–96, 25–26 October 2012

Gunter, D., Kettimuthu, R., Kissel, E., Swany, M., Yi, J., Zurawski, J.: Exploiting network parallelism for improving data transfer performance. In: 2012 SC Companion High Performance Computing, Networking, Storage and Analysis (SCC), pp. 1600–1606, 10–16 November 2012

Kissel, E., Fernandes, G., Jaffee, M., Swany, M., Zhang, M.: Driving Software Defined Networks with XSP. In: 2012 I.E. International Conference on Communications (ICC), pp. 6616–6621, 10–15 June 2012

Shirazipour, M., Zhang, Y., Beheshti, N., Lefebvre, G., Tatipamula, M.: OpenFlow and multi-layer extensions: overview and next steps. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 13–17, 25–26 October 2012

Syrivelis, D., Parisis, G., Trossen, D., Flegkas, P., Sourlas, V., Korakis, T., Tassiulas, L.: Pursuing a Software Defined Information-centric network. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 103–108, 25–26 October 2012

Hu, Y., Wang, W., Gong, X., Que, X., Cheng, S.: BalanceFlow: controller load balancing for OpenFlow networks. In: 2012 I.E. 2nd International Conference on Cloud Computing and Intelligent Systems (CCIS), vol. 02, pp. 780–785, 30 October 2012–1 November 2012

Kawashima, R.: vNFC: a virtual networking function container for SDN-enabled virtual networks. In: 2012 Second Symposium on Network Cloud Computing and Applications (NCCA), pp. 124–129, 3–4 December 2012

de Oliveira Silva, F., de Souza Pereira, J.H., Rosa, P.F., Kofuji, S.T.: Enabling future internet architecture research and experimentation by using Software Defined Networking. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 73–78, 25–26 October 2012

Ujcich, B., Wang, K.-C., Parker, B., Schmiedt, D.: Thoughts on the Internet architecture from a modern enterprise network outage. In: 2012 I.E. Network Operations and Management Symposium (NOMS), pp. 494–497, 16–20 April 2012

Wang, W., Hu, Y., Que, X., Gong, X.: Autonomicity design in OpenFlow based Software Defined Networking. In: 2012 I.E. Globecom Workshops (GC Wkshps), pp. 818–823, 3–7 December 2012

Lara, A., Kolasani, A., Ramamurthy, B.: Simplifying network management using Software Defined Networking and OpenFlow. In: 2012 I.E. International Conference on Advanced Networks and Telecommuncations Systems (ANTS), pp. 24–29, 16–19 December 2012

Narayan, S., Bailey, S., Daga, A: Hadoop acceleration in an OpenFlow-based cluster. In: 2012 SC Companion High Performance Computing, Networking, Storage and Analysis (SCC), pp. 535–538, 10–16 November 2012

Narayanan, R., Kotha, S., Lin, G., Khan, A., Rizvi, S., Javed, W., Khan, H., Khayam, S.A.: Macroflows and microflows: enabling rapid network innovation through a split SDN data plane. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 79–84, 25–26 October 2012

Jarschel, M., Lehrieder, F., Magyari, Z., Pries, R.: A flexible OpenFlow-controller benchmark. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 48–53, 25–26 October 2012

Shirazipour, M., John, W., Kempf, J., Green, H., Tatipamula, M.: Realizing packet-optical integration with SDN and OpenFlow 1.1 extensions. In: 2012 I.E. International Conference on Communications (ICC), , pp. 6633–6637, 10–15 June 2012

Risdianto, A.C., Mulyana, E.: Implementation and analysis of control and forwarding plane for SDN. In: 2012 7th International Conference on Telecommunication Systems, Services, and Applications (TSSA), pp. 227–231, 30–31 October 2012

Veltri, L., Morabito, G., Salsano, S., Blefari-Melazzi, N., Detti, A.: Supporting information-centric functionality in software defined networks. In: 2012 I.E. International Conference on Communications (ICC), pp. 6645–6650, 10–15 June 2012

Bennesby, R., Fonseca, P., Mota, E., Passito, A: An inter-AS routing component for software-defined networks. In: 2012 I.E. Network Operations and Management Symposium (NOMS), pp. 138–145, 16–20 April 2012

Sonkoly, B., Gulyas, A., Nemeth, F., Czentye, J., Kurucz, K., Novak, B., Vaszkun, G.: On QoS support to Ofelia and OpenFlow. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 109–113, 25–26 October 2012

Egilmez, H.E., Dane, S.T., Bagci, K.T., Tekalp, A.M.: OpenQoS: an OpenFlow controller design for multimedia delivery with end-to-end Quality of Service over Software-Defined Networks. In: 2012 Asia-Pacific Signal & Information Processing Association Annual Summit and Conference (APSIPA ASC), pp. 1–8, 3–6 December 2012

Kind, M., Westphal, F., Gladisch, A., Topp, S.: SplitArchitecture: applying the Software Defined Networking concept to carrier networks. In: 2012 World Telecommunications Congress (WTC), pp. 1–6, 5–6 March 2012

Ruth, P., Mandal, A., Xin, Y., Baldine, I., Heerman, C., Chase, J.: Dynamic network provisioning for data intensive applications in the cloud. In: 2012 I.E. 8th International Conference on E-Science (e-Science), pp. 1–2, 8–12 October 2012

Fonseca, P., Bennesby, R., Mota, E., Passito, A.: A replication component for resilient OpenFlow-based networking. In: 2012 I.E. Network Operations and Management Symposium (NOMS), pp. 933–939, 16–20 April 2012

Paul, S., Jain, R.: OpenADN: mobile apps on global clouds using OpenFlow and Software Defined Networking. In: 2012 I.E. Globecom Workshops (GC Wkshps), pp. 719–723, 3–7 December 2012

de Oliveira Silva, F., Goncalves, M.A., de Souza Pereira, J.H., Pasquini, R., Rosa, P.F., Kofuji, S.T.: On the analysis of multicast traffic over the Entity Title Architecture. In: 2012 18th IEEE International Conference on Networks (ICON), , pp. 30–35, 12–14 December 2012

Devlic, A., John, W., Skoldstrom, P.: A use-case based analysis of network management functions in the ONF SDN model. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 85–90, 25–26 October 2012

Kawai, E.: Can SDN Help HPC?. In: 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet (SAINT), pp. 210–210, 16–20 July 2012

Monga, I., Pouyoul, E., Guok, C.: Software-Defined Networking for big-data science—architectural models from campus to the WAN. In: 2012 SC Companion High Performance Computing, Networking, Storage and Analysis (SCC), pp. 1629–1635, 10–16 November 2012

Das, S., Parulkar, G., McKeown, N.: Why OpenFlow/SDN can succeed where GMPLS failed. In: 2012 38th European Conference and Exhibition on Optical Communications (ECOC), pp. 1–3, 16–20 September 2012

Matias, J., Tornero, B., Mendiola, A., Jacob, E., Toledo, N.: Implementing layer 2 network virtualization using OpenFlow: challenges and solutions. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 30–35, 25–26 October 2012

Naudts, B., Kind, M., Westphal, F., Verbrugge, S., Colle, D., Pickavet, M.: Techno-economic analysis of Software Defined Networking as architecture for the virtualization of a mobile network. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 67–72, 25–26 October 2012

Kempf, J., Johansson, B., Pettersson, S., Luning, H., Nilsson, T.: Moving the mobile Evolved Packet Core to the cloud. In: 2012 I.E. 8th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob), pp. 784–791, 8–10 October 2012

Jeong, K., Kim, J., Kim, Y.-T.: QoS-aware network operating system for software defined networking with generalized OpenFlows. In: 2012 I.E. Network Operations and Management Symposium (NOMS), pp. 1167–1174, 16–20 April 2012

Bifulco, R., Canonico, R., Brunner, M., Hasselmeyer, P., Mir, F.: A practical experience in designing an OpenFlow controller. In: 2012 European Workshop on Software Defined Networking (EWSDN), pp. 61–66, 25–26 October 2012

Kang, M., Park, J., Choi, J.-Y., Nam, K.-H., Shin, M.-K.: Process algebraic specification of Software Defined Networks. In: 2012 Fourth International Conference on Computational Intelligence, Communication Systems and Networks (CICSyN), pp. 359–363, 24–26 July 2012

Lin, H., Sun, L., Fan, Y., Guo, S.: Apply embedded openflow MPLS technology on wireless Openflow—OpenRoads. In: 2012 2nd International Conference on Consumer Electronics, Communications and Networks (CECNet), pp. 916–919, 21–23 April 2012

Boughzala, B., Ben Ali, R., Lemay, M., Lemieux, Y., Cherkaoui, O.: OpenFlow supporting inter-domain virtual machine migration. In: 2011 Eighth International Conference on Wireless and Optical Communications Networks (WOCN), pp. 1–7, 24–26 May 2011

Scott-Hayward, S., O’Callaghan, G., Sezer, S.: SDN security: a survey in 2013 I.E. SDN for Future Networks and Services (SDN4FNS).

Jarraya, Y., Madi, T., Debbabi, M.: A survey and a layered taxonomy of Software-Defined Networking. IEEE Commun. Surv. Tut. 16 (1) (2014)

Mendonca, M., Nunes, B.A.A., Nguyen, X.-N., Obraczka, K., Turletti, T.: A survey of Software-Defined Networking: past, present, and future of programmable networks. hal-00825087, version 2 (2013)

Kreutz, D., Ramos, F.M.V., Verissimo, P., Rothenberg, C.E., Azodolmolky, S., Uhlig, S.: Software-Defined Networking: a comprehensive survey. Proc. IEEE 104 , 14–76 (2014)

Hu, F., Hao, Q., Bao, K.: A survey on Software-Defined Network (SDN) and OpenFlow: from concept to implementation. IEEE Commun. Surv. Tut. (2014)

Casado, M., Garfinkel, T., Akella, A., Freedman, M.J., Boneh, D., McKeown, N., Shenker, S.: SANE: a protection architecture for enterprise networks. In: Proceedings of the 15th Conference on USENIX Security Symposium, vol. 15, ser. USENIX-SS’06, Berkeley, CA, USA (2006)

Feamster, N., Balakrishnan, H., Rexford, J., Shaikh, A., van der Merwe, J.: The case for separating routing from routers. In: Proceedings of the ACM SIGCOMM Workshop on Future Directions in Network Architecture, ser. FDNA’04. ACM, New York, NY, USA, pp. 5–12 (2004)

Casado, M., Freedman, M.J., Pettit, J., Luo, J., McKeown, N., Shenker, S.: Ethane: taking control of the enterprise. In: SIGCOMM, pp. 1–12 (2007)

McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G.M., Peterson, L.L., Rexford, J., Shenker, S., Turner, J.S.: OpenFlow: enabling innovation in campus networks. Comput. Commun. Rev. 38 (2), 69–74 (2008)

Gude, N., Koponen, T., Pettit, J., Pfaff, B., Casado, M., McKeown, N.: Scott Shenker: NOX: towards an operating system for networks. Comput. Commun. Rev. 38 (3), 105–110 (2008)

Benson, T., Akella, A., Maltz, D.A.: Network traffic characteristics of data centers in the wild. In: Internet Measurement Conference, pp. 267–280 (2010)

Mysore, R.N., Pamboris, A., Farrington, N., Huang, N., Miri, P., Radhakrishnan, S., Subramanya, V., Vahdat, A.: PortLand: a scalable fault-tolerant layer 2 data center network fabric. In: SIGCOMM, pp. 39–50 (2009)

Heller, B., Seetharaman, S., Mahadevan, P., Yiakoumis, Y., Sharma, P., Banerjee, S., McKeown, N.: ElasticTree: saving energy in data center networks. In: NSDI, pp. 249–264 (2010)

Koponen, T., Casado, M., Gude, N., Stribling, J., Poutievski, L., Zhu, M., Ramanathan, R., Iwata, Y., Inoue, H., Hama, T., Shenker, S.: Onix: a distributed control platform for large-scale production networks. In: OSDI, pp. 351–364 (2010)

Dobrescu, M., Egi, N., Argyraki, K.J., Chun, B.-G., Fall, K.R., Iannaccone, G., Knies, A., Manesh, M., Ratnasamy, S.: RouteBricks: exploiting parallelism to scale software routers. In: SOSP, pp. 15–28 (2009)

Han, S., Jang, K., Park, K., Moon, S.B.: PacketShader: a GPU-accelerated software router. In: SIGCOMM, pp. 195–206 (2010)

Curtis, A.R., Mogul, J.C., Tourrilhes, J., Yalagandula, P., Sharma, P., Banerjee, S.: DevoFlow: scaling flow management for high-performance networks. In: SIGCOMM, pp. 254–265 (2011)

Farrington, N., Porter, G., Radhakrishnan, S., Bazzaz, H.H., Subramanya, V., Fainman, Y., Papen, G., Vahdat, A.: Helios: a hybrid electrical/optical switch architecture for modular data centers. In: SIGCOMM, pp. 339–350 (2010)

Lantz, B., Heller, B., McKeown, N.: A network in a laptop: rapid prototyping for software-defined networks. In: HotNets, p. 19 (2010)

Sherwood, R., Gibb, G., Yap, K.-K., Appenzeller, G., Casado, M., McKeown, N., Parulkar, G.: FlowVisor: a network virtualization. Layer. Tech. Rep. OPENFLOW-TR-2009-01, OpenFlow Consortium, October 2009

Guo, C., Lu, G., Wang, H.J., Yang, S., Kong, C., Sun, P., Wu, W., Zhang, Y.: SecondNet: a data center network virtualization architecture with bandwidth guarantees. In: CoNEXT, p. 15 (2010)

Sherwood, R., Gibb, G., Yap, K.-K., Appenzeller, G., Casado, M., McKeown, N., Parulkar, G.M.: Can the production network be the Testbed? In: OSDI, pp. 365–378 (2010)

Ganjali, Y., Tootoonchian, A.: HyperFlow: a distributed control plane for OpenFlow. In: INM/WREN (2008)

Foster, N., Harrison, R., Freedman, M.J., Monsanto, C., Rexford, J., Story, A., Walker, D.: Frenetic: a network programming language. In: ICFP, pp. 279–291 (2011)

Reitblatt, M., Foster, N., Rexford, J., Schlesinger, C., Walker, D.: Abstractions for network update. In: SIGCOMM, pp. 323–334 (2012)

Kazemian, P., Varghese, G., McKeown, N.: Header space analysis: static checking for networks. In: NSDI, pp. 113–126 (2012)

Sherwood, R., Chan, M., Adam Covington, G., Gibb, G., Flajslik, M., Handigol, N., Huang, T.-Y., Kazemian, P., Kobayashi, M., Naous, J., Seetharaman, S., Underhill, D., Yabe, T., Yap, K.-K., Yiakoumis, Y., Zeng, H., Appenzeller, G., Johari, R., McKeown, N., Parulkar, G.M.: Carving research slices out of your production networks with OpenFlow. Comput. Commun. Rev. 40 (1), 129–130 (2010)

Khurshid, A., Zou, X., Zhou, W., Caesar, M., Brighten Godfrey, P.: VeriFlow: verifying network-wide invariants in real time. In: NSDI, pp. 15–27 (2013)

Song, H.: Protocol-oblivious forwarding: unleash the power of SDN through a future-proof forwarding plane. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 127–132. doi: 10.1145/2491185.2491190 (2013)

Cabral, C.M.S., Rothenberg, C.E., Magalhes, M.F.: Reproducing real NDN experiments using mini-CCNx. In: Proceedings of the 3rd ACM SIGCOMM Workshop on Information-Centric Networking (ICN '13). ACM, New York, NY, USA, pp. 45–46. doi: 10.1145/2491224.2491242 (2013)

Voellmy, A., Kim, H., Feamster, N.: Procera: a language for high-level reactive network control. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks (HotSDN '12). ACM, New York, NY, USA, pp. 43–48. doi: 10.1145/2342441.2342451 (2012)

Qazi, Z.A., Tu, C.-C., Chiang, L., Miao, R., Sekar, V., Yu, M.: SIMPLE-fying middlebox policy enforcement using SDN. SIGCOMM Comput. Commun. Rev. 43 (4), 27–38 (2013). doi: 10.1145/2534169.2486022

Fayazbakhsh, S.K., Sekar, V., Yu, M., Mogul, J.C.: FlowTags: enforcing network-wide policies in the presence of dynamic middlebox actions. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 19–24. doi: 10.1145/2491185.2491203 (2013)

Monaco, M., Michel, O., Keller, E.: Applying operating system principles to SDN controller design. In: Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks (HotNets-XII). ACM, New York, NY, USA, Article 2, 7 pages. doi: 10.1145/2535771.2535789 (2013)

McGeer, R.: A correct, zero-overhead protocol for network updates. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 161–162. doi: 10.1145/2491185.2491217 (2013)

Gupta, M., Sommers, J., Barford, P.: Fast, accurate simulation for SDN prototyping. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 31–36. doi: 10.1145/2491185.2491202 (2013)

Kuzniar, M., Peresini, P., Canini, M., Venzano, D., Kostic, D.: A SOFT way for openflow switch interoperability testing. In: Proceedings of the 8th International Conference on Emerging Networking Experiments and Technologies (CoNEXT '12). ACM, New York, NY, USA, pp. 265–276. doi: 10.1145/2413176.2413207 (2012)

Vishnoi, A., Poddar, R., Mann, V., Bhattacharya, S., Effective switch memory management in OpenFlow networks. In: Proceedings of the 8th ACM International Conference on Distributed Event-Based Systems (DEBS '14). ACM, New York, NY, USA, pp. 177–188. doi: 10.1145/2611286.2611301 (2014)

Haw, R., Hong, C.S., Lee, S.: An efficient content delivery framework for SDN based LTE network. In: Proceedings of the 8th International Conference on Ubiquitous Information Management and Communication (ICUIMC '14). ACM, New York, NY, USA, Article 71, 6 pages. doi: 10.1145/2557977.2558087 (2014)

Voellmy, A., Wang, J., Yang, Y.R., Ford, B., Hudak, P.: Maple: simplifying SDN programming using algorithmic policies. SIGCOMM Comput. Commun. Rev. 43 (4), 87–98 (2013). doi: 10.1145/2534169.2486030

Choi, T., Kang, S., Yoon, S., Yang, S., Song, S., Park, H.: SuVMF: software-defined unified virtual monitoring function for SDN-based large-scale networks. In: Proceedings of the Ninth International Conference on Future Internet Technologies (CFI '14). ACM, New York, NY, USA, Article 4, 6 pages. doi: 10.1145/2619287.2619299 (2014)

Nelson, T., Ferguson, A.D., Scheer, M.J.G., Krishnamurthi, S.: Tierless programming and reasoning for software-defined networks. In: Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation (NSDI'14). USENIX Association, Berkeley, CA, USA, pp. 519-531 (2014)

Erickson, D.: The beacon openflow controller. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 13–18. doi: 10.1145/2491185.2491189 (2013)

Bozakov, Z., Papadimitriou, P.: AutoSlice: automated and scalable slicing for software-defined networks. In: Proceedings of the 2012 ACM Conference on CoNEXT Student Workshop (CoNEXT Student '12). ACM, New York, NY, USA, pp. 3–4. doi: 10.1145/2413247.2413251 (2012)

Reitblatt, M., Canini, M., Guha, A., Foster, N.: FatTire: declarative fault tolerance for software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking</em > (HotSDN '13). ACM, New York, NY, USA, pp. 109–114. doi: 10.1145/2491185.2491187 (2013)

Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., Gu, G.: A security enforcement kernel for OpenFlow networks. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks (HotSDN '12). ACM, New York, NY, USA, pp. 121–126. doi: 10.1145/2342441.2342466 (2012)

Monsanto, C., Foster, N., Harrison, R., Walker, D.: A compiler and run-time system for network programming languages. In: Proceedings of the 39th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '12). ACM, New York, NY, USA, pp. 217–230. doi: 10.1145/2103656.2103685 (2012)

Georgopoulos, P., Elkhatib, Y., Broadbent, M., Mu, M., Race, N.: Towards network-wide QoE fairness using openflow-assisted adaptive video streaming. In: Proceedings of the 2013 ACM SIGCOMM Workshop on Future Human-Centric Multimedia Networking (FhMN '13). ACM, New York, NY, USA, pp. 15–20. doi: 10.1145/2491172.2491181 (2013)

Handigol, N., Heller, B., Jeyakumar, V., Mazires, D., McKeown, N.: Where is the debugger for my software-defined network?. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks (HotSDN '12). ACM, New York, NY, USA, pp. 55–60. doi: 10.1145/2342441.2342453 (2012)

Vanbever, L., Reich, J., Benson, T., Foster, N., Rexford, J.: HotSwap: correct and efficient controller upgrades for software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 133–138. doi: 10.1145/2491185.2491194 (2013)

Anderson, C.J., Foster, N., Guha, A., Jeannin, J.-B., Kozen, D., Schlesinger, C., Walker, D.: NetKAT: semantic foundations for networks. In: Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '14). ACM, New York, NY, USA, pp. 113–126. doi: 10.1145/2535838.2535862 (2014)

Qazi, Z.A., Lee, J., Jin, T., Bellala, G., Arndt, M., Noubir, G.: Application-awareness in SDN. SIGCOMM Comput. Commun. Rev. 43 (4), 487–488 (2013). doi: 10.1145/2534169.2491700

Khan, K.R., Ahmed, Z., Ahmed, S., Syed, A., Khayam, S.A.: Rapid and scalable isp service delivery through a programmable middlebox. SIGCOMM Comput. Commun. Rev. 44 (3), 31–37 (2014). doi: 10.1145/2656877.2656882

Jafarian, J.H., Al-Shaer, E., Duan, Q.: Openflow random host mutation: transparent moving target defense using software defined networking. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks (HotSDN '12). ACM, New York, NY, USA, pp. 127–132. doi: 10.1145/2342441.2342467 (2012)

Dixit, A., Hao, F., Mukherjee, S., Lakshman, T.V., Kompella, R.: Towards an elastic distributed SDN controller. SIGCOMM Comput. Commun. Rev. 43 (4), 7–12 (2013). doi: 10.1145/2534169.2491193

Yu, Z., Li, M., Liu, Y., Li, X. GatorCloud: a fine-grained and dynamic resourcesharing architecture for multiple cloud services. In: Proceedings of the 2014 ACM International Workshop on Software-Defined Ecosystems (BigSystem '14). ACM, New York, NY, USA, pp. 13–20. doi: 10.1145/2609441.2609640 (2014)

Sun, W., Ricci, R.: Fast and flexible: parallel packet processing with GPUs and click. In: Proceedings of the Ninth ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS '13). IEEE Press, Piscataway, NJ, USA, pp. 25–36 (2013)

Vestin, J., Dely, P., Kassler, A., Bayer, N., Einsiedler, H., Peylo, C.: CloudMAC: towards software defined WLANs. SIGMOBILE Mob. Comput. Commun. Rev. 16 (4), 42–45 (2013). doi: 10.1145/2436196.2436217

Hong, C.-Y., Kandula, S., Mahajan, R., Zhang, M., Gill, V., Nanduri, M., Wattenhofer, R.: Achieving high utilization with software-driven WAN. SIGCOMM Comput. Commun. Rev. 43 (4), 15–26 (2013). doi: 10.1145/2534169.2486012

Nelson, T., Guha, A., Dougherty, D.J., Fisler, K., Krishnamurthi, S.: A balance of power: expressive, analyzable controller programming. In: Proceedings of the Second ACM SIGCOMM workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA, pp. 79–84. doi: 10.1145/2491185.2491201 (2013)

Ghobadi, M., Yeganeh, S.H., Ganjali, Y.: Rethinking end-to-end congestion control in software-defined networks. In: Proceedings of the 11th ACM Workshop on Hot Topics in Networks (HotNets-XI). ACM, New York, NY, USA, pp. 61–66. doi: 10.1145/2390231.2390242 (2012)

Sezer, S., Scott-Hayward, S., Chouhan, P.K., Fraser, B., Lake, D., Finnegan, J., Viljoen, N., Miller, M., Rao, N.: Are we ready for SDN? Implementation challenges for software-defined networks. IEEE Commun. Mag. 51 (7), 36–43 (2013). doi: 10.1109/MCOM.2013.6553676

Hakiria, A., Gokhale, A., Berthoua, P., Schmidt, D.C., Thierrya. G.: Software-defined Networking: challenges and research opportunities for FutureInternet. Preprint submitted to Elsevier 30 July 2014

Yeganeh, S.H., Tootoonchian, A., Ganjali, Y.: On scalability of software-defined networking. IEEE Commun. Mag. 51 (2), 136–141 (2013). doi: 10.1109/MCOM.2013.6461198

Tootoonchian, A. et al.: On controller performance in Software-Defined Networks. In: Proc. USENIX Hot-ICE’12, p. 10 (2012)

Yu, M. et al.: Scalable flow-based networking with DIFANE. In: Proc. ACM SIGCOMM 2010 Conf., pp. 351–362 (2010)

Banafa, A.: Software-Defined Networking (SDN): an opportunity ? a distinguished tenured faculty in Heald College, 30 March 2014

Yegulalp, S.: five sdn benefits enterprises should consider, 12, July 2013. http://www.networkcomputing.com/networking/five-sdn-benefits-enterprises-should-consider/a/d-id/1234292 ? Accessed 12 September 2014

Kepes, B., SDN meets the real-world: implementation benefits and challenges, Gigaom Research, 29 May 2014. http://www.nuagenetworks.net/wp-content/uploads/2014/06/Gigaom-Research-SDN-Meets-the-Real-World-Final.pdf . Accessed 12 September 2014

Li, L.E., Mao, Z.M., Rexford, J.: Toward Software-Defined Cellularnetworks. In: Proceedings of IEEE EWSDN (2012)

Jin, X., Li, L.E., Vanbever, L., Rexford, J.: SoftCell: Scalable and FlexibleCellular Core Network Architecture. In: Proceedings of ACM CoNEXT2013 (2013)

Feamster, N., Rexford, J., Zegura, E.: The road to SDN: an intellectual history of programmable networks. SIGCOMM Comput. Commun. Rev. 44 (2), 87–98 (2014)

Levin, D., Wundsam, A., Heller, B., Handigol, N., Feldmann, A.: Logically centralized?: state distribution trade-offs in software defined networks. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks (HotSDN '12). ACM, New York, NY, USA (2012)

Kreutz, D., Ramos, F.M.V., Verissimo, P.: Towards secure and dependable software-defined networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA (2013)

Jammala, M., Singha, T., Shamia, A., Asal, R., Li, Y.: Software-Defined Networking: state of the art and research challenges. Submitted for review and possible publication in Elsevier’s Journal of Computer Networks (2014)

Kim, Y.-J., He, K., Thottan, M., Deshpande, J.G.: Self-configurable and scalable utility communications enabled by software-defined networks. In: Proceedings of the 5th International Conference On Future Energy Systems (e-Energy '14). ACM, New York, NY, USA (2014)

Voellmy, A., Wang, J.: Scalable software defined network controllers. SIGCOMM Comput. Commun. Rev. 42 (4), 289–290 (2012)

IBM, Software-Defined Networking: a new paradigm for virtual, dynamic, flexible networking, October 2012

Sun, L., Suzuki, K., Yasunobu, C., Hatano, Y., Shimonishi, H.: A network management solution based on OpenFlow towards new challenges of multitenant data centers. In: Proceedings, 2012 Ninth Asia Pacific Symposium on Information and Telecommunication Technologies (APSITT), pp. 1–6, 5–9 November 2012

Pries, R., Jarschel, M., Goll, S.: On the usability of OpenFlow in data center environments. In: Proceedings, 2012 I.E. International Conference on Communications (ICC), pp. 5533–5537, 10–15 June 2012

HP: Realizing the power of SDN with HP virtual application networks. http://h17007.www1.hp.com/docs/interopny/4AA4-3871ENW.pdf (2012)

Brocade communications systems: network transformation with software-defined networking and Ethernet fabrics, CA, USA (2012)

Nunes, B.A.A., Mendonca, M., Nguyen, X.-N., Obraczka, K., Turletti, T.: A survey of Software-Defined Networking: past, present, and future of programmable networks. IEEE Commun. Surv. Tut. (2014)

Scott, C., Wundsam, A., Raghavan, B., Panda, A., Or, A., Lai, J., Huang, E., Liu, Z., El-Hassany, A., Whitlock, S., Acharya, H.B., Zarifis, K., Shenker, S.: Troubleshooting blackbox SDN control software with minimal causal sequences. In: Proceedings of the 2014 ACM Conference on SIGCOMM (SIGCOMM '14). ACM, New York, NY, USA (2014)

Kotronis, V., Dimitropoulos, X., Ager, B.: Outsourcing the routing control logic: better internet routing based on SDN principles. In: Proceedings of the 11th ACM Workshop on Hot Topics in Networks (HotNets-XI). ACM, New York, NY, USA (2012)

Heller, B., Scott, C., McKeown, N., Shenker, S., Wundsam, A., Zeng, H., Whitlock, S., Jeyakumar, V., Handigol, N., McCauley, J., Zarifis, K., Kazemian, P.: Leveraging SDN layering to systematically troubleshoot networks. In: Proceedings of the Second ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking (HotSDN '13). ACM, New York, NY, USA (2013)

Agarwal, K., Rozner, E., Dixon, C., Carter, J. SDN traceroute: tracing SDN forwarding without changing network behavior. In: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking (HotSDN '14). ACM, New York, NY, USA (2014)

Jin, D., Nicol, D.M.: Parallel simulation of software defined networks. In: Proceedings of the 2013 ACM SIGSIM Conference on Principles of Advanced Discrete Simulation (SIGSIM-PADS '13). ACM, New York, NY, USA (2013)

Farhadi, A., Du, P., Nakao, A.: User-defined actions for SDN. In: Proceedings of the Ninth International Conference on Future Internet Technologies (CFI '14). ACM, New York, NY (2014)

Na, T., Kim, J.W.: Inter-connection automation for OF@TEIN multi-point international OpenFlow islands. In: Proceedings of the Ninth International Conference on Future Internet Technologies (CFI '14). ACM, New York, NY, USA (2014)

Sivaraman, V., Moors, T., Gharakheili, H.H., Ong, D., Matthews, J., Russell, C. Virtualizing the access network via open APIs. In: Proceedings of the Ninth ACM Conference on Emerging Networking Experiments and Technologies (CoNEXT '13). ACM, New York, NY, USA (2013)

Ashton, M. et al.: Ten Things to Look for in an SDN Controller, Technical Report (2013)

Yazıcı, V., Sunay, O., Ercan, A.O.: Controlling a Software-Defined Network via distributed controllers. NEM Summit, Istanbul, Turkey. http://faculty.ozyegin.edu.tr/aliercan/files/2012/10/YaziciNEM12.pdf , October (2012)

Macapuna, C.A.B., Rothenberg, C.E., Magalhaes, M.F.: In-PacketBloom filter-based data-center networking with distributed OpenFlow controllers. In: IEEE 2010GLOBECOM Workshops, pp. 584–588, 6–10 December 2010

Marsan, C.D.: IAB Panel Debates Management Benefits, SecurityChallenges of Software-Defined Networking. IETF Journal, October 2012

Cai, Z., Cox, A.L., Ng, T.S.E.: Maestro: a system for scalable OpenFlow control. Rice University Technical Report TR10-08, December 2010

Cai, Z., Cox, A.L., Ng, T.S.E., Maestro: balancing fairness, latency, and throughput in the OpenFlow control plane. Rice University Technical Report TR11-07, December 2011

Heller, B., Sherwood, R., McKeown, N.: The controller placement problem. In: First workshop on hot topics in Software-Defined Networks, pp. 7–12 (2012)

Hu, Y.-N., Wang,W.-D., et al.: On the placement of controllers in Software-Defined Networks. , October 2012

Alsmadi, I.: The integration of access control levels based on SDN. Int. J. High Perform. Comput. Netw. 9 (4), 281–290 (2016). doi: 10.1504/IJHPCN.2016.077820

Aleroud, A., Alsmadi, I.: Identifying DoS attacks on Software Defined Networks: a relation context approach. In: NOMS (2016)

Alsmadi, I., Munakami, M., Xu, D.: Model-based testing of SDN firewalls: a case study. In: Proceedings of the Second International Conference on Trustworthy Systems and Their Applications (TSA’15), Taiwan, July 2015

Alsmadi, I., Xu, D.: Security of Software Defined Networks: a survey. Comput. Secur. 53 , 79–108 (2015)

Baker, C., Anjum, A., Hill, R., Bessis, N., Kiani, S.L.: Improving cloud datacenter scalability, agility and performance using OpenFlow. In: Proceedings, 2012 Fourth International Conference on Intelligent Networking and Collaborative Systems (INCoS), pp. 20–27, 19–21 September 2012

Download references

Author information

Authors and affiliations.

Department of Computing and Cyber Security, University of Texas A&M, One University Way, San Antonio, 78224, TX, USA

Izzat M. Alsmadi

Computer Information Systems Department, Yarmouk University, Irbid, Jordan

Iyad AlAzzam & Mohammed Akour

You can also search for this author in PubMed   Google Scholar

Corresponding author

Correspondence to Izzat M. Alsmadi .

Editor information

Editors and affiliations.

Department of Computing and Cyber Security, University of Texas A&M, San Antonio, Texas, USA

Izzat M Alsmadi

Department of Information Systems, University of Maryland Baltimore County (UMBC), Baltimore, Maryland, USA

George Karabatis

Department of Computer Information Systems, Yarmouk University, Irbid, Jordan

Ahmed Aleroud

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing Switzerland

About this chapter

Cite this chapter.

Alsmadi, I.M., AlAzzam, I., Akour, M. (2017). A Systematic Literature Review on Software-Defined Networking. In: Alsmadi, I., Karabatis, G., Aleroud, A. (eds) Information Fusion for Cyber-Security Analytics. Studies in Computational Intelligence, vol 691. Springer, Cham. https://doi.org/10.1007/978-3-319-44257-0_14

Download citation

DOI : https://doi.org/10.1007/978-3-319-44257-0_14

Published : 22 October 2016

Publisher Name : Springer, Cham

Print ISBN : 978-3-319-44256-3

Online ISBN : 978-3-319-44257-0

eBook Packages : Engineering Engineering (R0)

Share this chapter

Anyone you share the following link with will be able to read this content:

Sorry, a shareable link is not currently available for this article.

Provided by the Springer Nature SharedIt content-sharing initiative

  • Publish with us

Policies and ethics

  • Find a journal
  • Track your research

Software Defined Networking

Ieee account.

  • Change Username/Password
  • Update Address

Purchase Details

  • Payment Options
  • Order History
  • View Purchased Documents

Profile Information

  • Communications Preferences
  • Profession and Education
  • Technical Interests
  • US & Canada: +1 800 678 4333
  • Worldwide: +1 732 981 0060
  • Contact & Support
  • About IEEE Xplore
  • Accessibility
  • Terms of Use
  • Nondiscrimination Policy
  • Privacy & Opting Out of Cookies

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity. © Copyright 2024 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.

  • P-ISSN 0974-6846 E-ISSN 0974-5645

Indian Journal of Science and Technology

Indian Journal of Science and Technology

Software Defined Networking: Research Issues, Challenges and Opportunities

  • Full-Text HTML
  • Full-Text PDF
  • How to Cite

DOI : 10.17485/ijst/2017/v10i29/112447

Year : 2017, Volume : 10, Issue : 29, Pages : 1-9

Original Article

Software Defined Networking: Research Issues, Challenges and Opportunities

Shailendra Mishra 1* and Mohammed Abdul Rahman AlShehri 2

1 Department of Computer Engineering, College of Computer & Information, Majmaah University, Saudi Arabia; [email protected]                                                                 2 Department of Information Technology, College of Computer & Information Sciences, Majmaah University, Saudi Arabia

*Author For Correspondence Shailendra Mishra                                                                                                                      Department of Computer Engineering, College of Computer & Information, Majmaah University, Saudi Arabia;                                                                                                    [email protected]  

Creative Commons License

Objectives: This paper focuses on challenges, opportunities and research issues of software defined networking (SDN), as well as how to select the best possible SDN controller, which in result will help to reduce the complexity of a network, price of implementation and maintenance of the network in any big organization. Methods/Statistical Analysis: In order to meet the objective, the review of literature has been carried out in the following contexts; Software defined networking, SDN protocol (Open Flow) and SDN research challenges. Software defined networking is one of the most discussed topic these days. This technology is being considered one of the favorable technologies for isolation of control plane and data plane and logical placement of centralized control from SDN controller. This research focuses on major issues, challenges and current requirements of network implemented in any big organization where traditional network is being implemented. Findings: To solve the issues of multiple located branch networks, cost, technical resources at each location, expertise, separate control plane for configurations, decentralized visibility of network devices, separate VLANs for each branch, complex traffic engineering, limited physical access of branches w.r.t working hours, bandwidth bottleneck at each branch, we surveyed literatures and web resources for the existing SDN controllers like NOX, POX, Ryu, Floodlight, and Open Daylight etc. All these controllers are based on Open Flow protocol. The primary concern is that a conventional system develops gradually, it has a generally abnormal state of operational expenditure and moderately static in nature. SDN holds the guarantee of overcoming those confinements. Major issues which are being faced are increasing requirements from user side, bandwidth availability, hardware (switches requirement at every place), technical resources are required at remote site for configurations, scalability issues, cost, high level processing power at each device, traffic engineering, resiliency against failures, decentralized visibility of hardware devices etc. SDN will helps to improve centralized visibility as all the underlying open flow switches are connected to controller, all switches can be configured from SDN controller without accessing individual switches. Research papers referred in this paper provide a bird eye view of what may cause hurdles further in development and technology integration of technology. Application/Improvements: This research will help how to select the best possible SDN controller which in result will help scalability, less hardware and software requirements, less technical resources requirements, centralized visibility, hassle free traffic engineering and high availability of network.

Keywords: AHP, MCDM, Openflow, SDN, SDN Controller

  • 22 April 2020

research papers on software defined networking

How to cite this paper

Mishra and AlShehri, Software Defined Networking: Research Issues, Challenges and Opportunities . Indian Journal of Science and Technology. 2017: 10(29);1-9

More articles

FPGA Implementation of Decoder Architectures for High Throughput Irregular LDPC Codes

FPGA Implementation of Decoder Architectures for High Throughput Ir...

31 May 2020

Alleviate the Parental Stress in Neonatal Intensive Care Unit using Ontology

Alleviate the Parental Stress in Neonatal Intensive Care Unit using...

08 May 2020

The Application of Multimedia and Wireless Technology in Education

The Application of Multimedia and Wireless Technology in Education

26 May 2020

Review on Admission of Preheated Vegetable Oil in C.I. Engine

Review on Admission of Preheated Vegetable Oil in C.I. Engine

28 April 2020

An Approach for Enhancing Data Access Security in Heterogeneous Database Systems

An Approach for Enhancing Data Access Security in Heterogeneous Dat...

03 April 2020

Comparison of XReal and XDMA for Keyword Search in XML Databases: A Case Study

Comparison of XReal and XDMA for Keyword Search in XML Databases: A...

06 May 2020

Revisiting the Issue of the Molecular-genetic Structure of the Causative Agent of the Bovine Leukemia Virus in the Russian Federation

Revisiting the Issue of the Molecular-genetic Structure of the Caus...

18 May 2020

Ammonia Behaviour in Wastewater Reclamation by Soil Aquifer Treatment

Ammonia Behaviour in Wastewater Reclamation by Soil Aquifer Treatment

Starting a Financial Endowment by a Nonprofit Organization in Higher Education

Starting a Financial Endowment by a Nonprofit Organization in Highe...

Analysis of the Powder Forging Processes for Vehicle Timing Belt Pulley by Finite Element Analysis

Analysis of the Powder Forging Processes for Vehicle Timing Belt Pu...

Don't miss out.

Subscribe now for latest articles and news.

  • Generative AI
  • Business Operations
  • IT Leadership
  • Application Security
  • Business Continuity
  • Cloud Security
  • Critical Infrastructure
  • Identity and Access Management
  • Network Security
  • Physical Security
  • Risk Management
  • Security Infrastructure
  • Vulnerabilities
  • Software Development
  • Artificial Intelligence
  • United States
  • United Kingdom
  • Newsletters
  • Foundry Careers
  • Terms of Service
  • Privacy Policy
  • Cookie Policy
  • Member Preferences
  • About AdChoices
  • E-commerce Links
  • Your California Privacy Rights

Our Network

  • Computerworld
  • Network World

Shweta Sharma

Software security debt piles up for organizations even as critical flaws drop

Software security debt, defined in the research as any flaw that persisted unremediated for over a year, was found in 42% of all applications.

A broken link in a digital chaing / weakness / vulnerability

While the prevalence of high-severity security flaws in applications has dropped significantly in the last few years, a large number of organizations still have critical security debt, according to research by Veracode.

The research is based on data collected from Veracode’s recent static application security testing (SAST), dynamic application security testing (DAST), and software component analysis (SCA) scans for over one million applications.

“The proliferation of AI-generated code brings with it insecure code at scale and the likelihood of it becoming security debt,” said Chris Eng, chief research officer at Veracode. “Given the extent of security debt that we found, it is worth considering whether AI-assisted remediation tools may be helpful to pay down that debt, without the need to redirect your development teams or to increase their size.”

The research also found a considerable number of flaws in first-party as well as third-party codes, underlining the importance of testing them both throughout the software development life cycle (SDLC).

Critical flaws down, not out

The research found prevalence of high-severity flaws has dropped in 2023 (in 17.9% of applications) to half of what it was in 2016 (in 37.9% of applications). While only 3.2% of all flaws were found to be highly severe (CVSS 9 and above), almost 16% of such flaws were “very likely” to be exploited.

This meant that a little less than 1% (0.7%) of all the flaws detected in 2023 were both critical and highly exploitable.

Overall, 80% of all active applications were detected to have unresolved flaws using Veracode’s SAST, DAST, and SCA scans, while this was 73% for SAST-only scans which consider issues specifically in the development phase of the applications.

Flaws detected in third-party, open-source components were on par with those detected in first-party codes. In fact, 63.4% of applications had flaws in first-party codes, while 70.2% of applications had flaws in the third-party code. This, the research noted, has to do with the wider AI adoption and necessitates deep scanning of both sources in the software supply chain.

Additionally, it was found that, on average, a typical application has 42 flaws for every 1 MB of code. Cross-site scripting, injection, path traversal, and vulnerable and outdated components were found to be the top flaws in applications with high intensity (average findings per application) and volume (percent of applications).

Security debt piles on

Software security debt, defined in the research as any flaw that persisted without remediation for over a year, was found in 42% of all applications. This number drops to 23% if applications less than one year old are added to the mix, meaning 57% of applications are with flaws but no debt.

The picture is a little different when critical security debt (non-remediated critical flaws) is taken into account. “A large majority of organizations (71%) have security debt at some level,” according to the research. “And close to half of all firms (46%) have high-severity persistent flaws that we’ll classify as critical security debt.”

A quarter of organizations with security debt have security debt in less than 17% of applications, with a quarter of them having debt in more than 67% of applications, the research noted. On average, almost half of all the flaws (47%) an organization has can be attributed to security debt.

To deal with software security debt, the research makes a few recommendations, including integrating security into SDLC, continuous remediation, prioritizing remediation for critical security debts, building developer security competency, and knowing your language’s debt profile.

Related content

Microsoft outlook flaw opens door to 1-click remote code execution attacks, lawmakers see power grid security risks from chinese storage batteries, google launches a slew of ai initiatives to enhance cybersecurity, top cybersecurity product news of the week, from our editors straight to your inbox.

Shweta Sharma

Shweta Sharma is a senior journalist covering enterprise information security and digital ledger technologies for IDG’s CSO Online, Computerworld, and other enterprise sites.

More from this author

Bigid adds access governance targeted at sensitive data and privileges, tool sprawl is hurting application security, us csos say, ai adoption in security taking off amid budget, trust, and skill-based issues, most popular authors.

research papers on software defined networking

  • Cynthia Brumfield Contributing Writer

research papers on software defined networking

Show me more

Visibility, alarm fatigue top remediation concerns in cloud security.

Image

Attack campaign targeting Azure environments compromised hundreds of accounts

Image

Surge in "hunter-killer" malware poses significant challenge to security teams

Image

CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

Image

CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University

Image

CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape

Image

Reaping the Benefits of Security Metrics

Image

Don’t Lose Your Focus: It’s Not About the AI; It’s About the Data

Image

Preventing the Cracks from Becoming a Hole that Becomes a Crater

Image

Sponsored Links

  • Read this IDC spotlight to learn what commonly prevents value realization – and how to solve it
  • Want to justify your IT investments faster? IDC reports on how to measure business impact.
  • Tomorrow’s cybersecurity success starts with next-level innovation today. Join the discussion now to sharpen your focus on risk and resilience.

IMAGES

  1. (PDF) Software Defined Networking concepts and challenges

    research papers on software defined networking

  2. (PDF) Software-defined networking (SDN): A survey

    research papers on software defined networking

  3. Software Defined Networking (SDN) overview

    research papers on software defined networking

  4. Structure of a software‐defined networking

    research papers on software defined networking

  5. (PDF) A Review on Software Defined Networking

    research papers on software defined networking

  6. (PDF) Software Defined Networking (SDN) Challenges, issues and Solution

    research papers on software defined networking

VIDEO

  1. Software Defined Network Guide

  2. Software Defined Networks demo

  3. Network Research Project Explained

  4. What is Software-Defined Networking?

  5. Network analysis of professional role predictors: international journalistic community case study

  6. Software Defined Networking

COMMENTS

  1. Software-Defined Networking (SDN): A Review

    Software-Defined Networking (SDN): A Review Abstract: The Internet of Everything (IoE) connects millions of machines, vehicles, nodes, smoke detectors, watches, glasses, webcams, and other devices to the internet. These entities need the proper guidance and control for expected performance.

  2. A Review Paper on Software Defined Networking

    ... This traditional networking is identified by features that are implemented on a particular device always. These dedicated devices in conventional networking can be any one among switches,...

  3. Software-Defined Networking: An Evolving Network Architecture ...

    This paper focuses on the evolving network architecture, the software-defined networking.

  4. Software defined networking: State of the art and research challenges

    Network as a service Network virtualization Network function virtualization 1. Introduction Today's Internet applications require the underlying networks to be fast, carry large amounts of traffic, and to deploy a number of distinct, dynamic applications and services.

  5. Software-Defined Networking: Categories, Analysis, and Future

    Software-defined networking (SDN) is an innovative network architecture that splits the control and management planes from the data plane. It helps in simplifying network manageability and programmability, along with several other benefits. Due to the programmability features, SDN is gaining popularity in both academia and industry.

  6. (PDF) Software-Defined Networking: Challenges and research

    Software-Defined Networking: Challenges and research opportunities for Future Internet Computer Networks DOI: 10.1016/j.comnet.2014.10.015 Authors: Akram Hakiri Institut Supérieur des...

  7. Software-Defined Networking: Challenges and research opportunities for

    Software-Defined Networking: Challenges and research opportunities for Future Internet Hakiri, Aniruddha Gokhale, Pascal Berthou, Douglas C. Schmidt, Thierry Gayraud Add to Mendeley https://doi.org/10.1016/j.comnet.2014.10.015 Get rights and content Abstract

  8. A Literature Review on Challenges and Effects of Software Defined

    Software defined networking (SDN) can thereby counteract such issues by giving new functions to the whole network topology. With SDN, administrators have the possibility to abstract the underlying network infrastructure for applications and network services.

  9. Software Defined Networking concepts and challenges

    Abstract: Software Defined Networking (SDN) is an emerging networking paradigm that greatly simplifies network management tasks. In addition, it opens the door for network innovation through a programmable flexible interface controlling the behavior of the entire network.

  10. Software-Defined Networking: A Comprehensive Survey

    Software-Defined Networking: A Comprehensive Survey Abstract: The Internet has led to the creation of a digital society, where (almost) everything is connected and is accessible from anywhere. However, despite their widespread adoption, traditional IP networks are complex and very hard to manage.

  11. [1406.0440] Software-Defined Networking: A Comprehensive Survey

    Software-Defined Networking (SDN) is an emerging paradigm that promises to change this state of affairs, by breaking vertical integration, separating the network's control logic from the underlying routers and switches, promoting (logical) centralization of network control, and introducing the ability to program the network. The separation of concerns introduced between the definition of ...

  12. A Systematic Literature Review on Software-Defined Networking

    Software-Defined Networking (SDN) is a recently evolving networking architecture that focuses on the separation of control and data planes. ... Research papers indicated that most traditional security controls will need to be revisited based on SDN to evaluate the required changes and how could those security controls be modified to optimize ...

  13. Software-Defined Networking (SDN): the security review

    The search for better networking paradigms has fostered the emergence of Software Defined Networking (SDN), which allows the decoupling of the data plane from the control plane and to configure the network dynamically. ... Imad received Best Research Paper Award at the Third International Conference on Cognitive and Behavioral Psychology (CBP ...

  14. [PDF] Software-Defined Networking: Challenges and research

    This paper argues software defined networking (SDN) can simplify the design and management of cellular data networks, while enabling new services, but supporting many subscribers, frequent mobility, fine-grained measurement and control, and real-time adaptation introduces new scalability challenges that future SDN architectures should address.

  15. (PDF) A Review on Software Defined Networking

    Software Defined Network March 2021 International Journal of Scientific Research in Computer Science Engineering and Information Technology Authors: Rohini Sharma Abstract...

  16. A Research Survey on Software Defined Networking (SDN)

    In this paper, we have discussed the advantages of software-defined networks and the challenges plus how they are addressed with this concept plus its scalability and reliability. Keywords: Software Defined Networks, SDN, Network, Fast Networks Suggested Citation:

  17. Software defined networking: State of the art and research challenges

    Software-defined networking and openflow architecture. ... He has edited two books and published research papers in leading international conferences and journals. He is currently acting as Senior Guest Editor for Journal of Mobile Multimedia Special Issue on Cloud Computing Operation. His current interest focuses primarily on the Cloud ...

  18. (PDF) A Systematic Literature Review on Software-Defined Networking

    Software-Defined Networking (SDN) is a recently evolving networking architecture that focuses on the separation of control and data planes. Unlike traditional switches, SDN switches include...

  19. [PDF] Software defined networking: State of the art and research

    A split architecture in which the control plane is decoupled from the data plane is referred to as Software-Defined Networking (SDN), which provides a more structured software environment for developing network-wide abstractions while potentially simplifying the data planes. Expand. 537. Highly Influential.

  20. Software Defined Networking

    Software Defined Networking Abstract: This paper investigates the notion of software-defined networking (SDN), whose southbound interface can be applied through the OpenFlow protocol. The aim of this study is to discover the SDN architecture and the OpenFlow standard in some details.

  21. Software Defined Networking: Research Issues, Challenges and Opportunities

    Abstract. Objectives: This paper focuses on challenges, opportunities and research issues of software defined networking (SDN), as well as how to select the best possible SDN controller, which in result will help to reduce the complexity of a network, price of implementation and maintenance of the network in any big organization.

  22. PDF A Research Survey on Software Defined Networking (SDN)

    I. INTRODUCTION1 Nowadays everything is moving on cloud that entails a fast and robust internet network that can carry high bandwidth plus server virtualization and interconnected data centers has augment the demand of high speed bandwidth network enormously.

  23. Electronics

    The main focus of this paper is the multi-DAG task scheduling problem within the integrated Software-Defined Networking (SDN) satellite network architecture. In the DAG selection phase, we not only calculate task priorities but also incorporate the concept of fair scheduling to prevent potential excessive delays in the scheduling of low ...

  24. (PDF) Software Defined Networking: Research Issues, Challenges and

    This paper is an overview of the functioning of enterprises in the networking perspective along with current software defined approaches being used in enterprise networking which will soon take ...

  25. Software security debt piles up for organizations even as critical

    Software security debt, defined in the research as any flaw that persisted unremediated for over a year, was found in 42% of all applications. Credit: Getty Images While the prevalence of high ...