Palvelunestohyökkäyksen vaikutukset ohjelmisto-ohjatun tietoverkon ohjaimiin

Software-defined networking (SDN) is used especially in cloud computing, because it is more flexible than traditional networks. In this study, first, vulnerabilities found in SDN controllers are described based on literature research. The vulnerabilities found are related to network fingerprinting, forged topology information, applications used by the controller and the interfaces between controller, switches and applications. Second, a comparative experiment is conducted, where three controllers are put under Denial-of-Service attack and their performance is measured. It was found that in the worst case the attack can crash the controller. During the attack the controller consumes more CPU time and memory and can’t serve legit users of the network properly. The attack traffic strains also connections between network users. Out of the controllers used in this study, Floodlight’s performance was the worst because the controller crashed and couldn’t recover. OpenDaylight consumed quite a lot resources but performed effectively. Ryu used the least amount of CPU time. Comparing the controllers’ results it was aknowledged that not all the tools picked for this experiment were up to the task. The good and bad choices in designing the experiment can be used infurther research to conduct better studies.