Please use this identifier to cite or link to this item: http://hdl.handle.net/10071/32084
Author(s): Polónio, J.
Moura, J.
Marinheiro, R. N.
Date: 2024
Title: On the road to proactive vulnerability analysis and mitigation leveraged by Software Defined Networks: A systematic review
Journal title: IEEE Access
Volume: 12
Pages: 98546 - 98566
Reference: Polónio, J., Moura, J., & Marinheiro, R. N. (2024). On the road to proactive vulnerability analysis and mitigation leveraged by Software Defined Networks: A systematic review. IEEE Access, 12, 98546-98566. http://doi.org/10.1109/ACCESS.2024.3429269
ISSN: 2169-3536
DOI (Digital Object Identifier): 10.1109/ACCESS.2024.3429269
Keywords: System vulnerability
Assessment
Detection
Mitigation
Software Defined Networks
Risk evaluation
Automatic operation
Network security
Abstract: The discovery of security vulnerabilities and their mitigation in networked systems managed by Software-Defined Networking (SDN) are fundamental for ensuring their normal operation. The main goal of this survey was to investigate the literature on preventing system security vulnerabilities instead of detecting ongoing cyber-attacks as quickly as possible. Thus, in our opinion, organizations should fortify their systems’ security by identifying and eliminating any new security vulnerabilities before they can be successfully exploited. We comprehensively discuss different vulnerability detection approaches based on important comparison parameters such as vulnerability assessment, the SDN controller used, automation capability, system risk indicators, passive scanning and active probing of system vulnerabilities. The paper also analyzes relevant literature considering the mitigation mechanisms for discovered vulnerabilities such as the proposed SDN controller, automation capability, solution adaptation to system operational changes, risk indicators, and the solution’s impact on network quality metrics like latency and throughput. Despite the strengths of the surveyed work, we have also identified promising open issues that need further consideration by scholars, industry participants, and policymakers. We concluded that the majority of analyzed literature contributions are largely reactive in their implementation against running network threats. This suggests a new research domain for applying SDN in the automatic detection of security vulnerabilities and their proactive mitigation before external cyber-attackers can exploit them.
Peerreviewed: yes
Access type: Open Access
Appears in Collections:IT-RI - Artigos em revistas científicas internacionais com arbitragem científica

Files in This Item:
File SizeFormat 
article_104683.pdf1,6 MBAdobe PDFView/Open


FacebookTwitterDeliciousLinkedInDiggGoogle BookmarksMySpaceOrkut
Formato BibTex mendeley Endnote Logotipo do DeGóis Logotipo do Orcid 

Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.