When SDN Meets Low-rate Threats: A Survey of Attacks and Countermeasures in Programmable Networks

Low-rate threats are a class of attack vectors that are disruptive and stealthy, typically crafted for security vulnerabilities. They have been the significant concern for cyber security, impacting both conventional IP-based networks and emerging Software-Defined Networking (SDN). SDN is a revolutionary architecture that separates the control and data planes, offering advantages such as enhanced manageability, flexibility, and network programmability, as well as the ability to introduce new solutions to address security threats. However, its innovative design also poses new vulnerabilities and threats, especially susceptibility to low-rate threats. To this end, this article presents a comprehensive overview of low-rate threats in programmable networks. It explores low-rate threats and countermeasures within the SDN architecture, encompassing the data plane, control plane, control channel, and application plane, together with traditional low-rate threats and countermeasures in SDN. Furthermore, the article offers detailed insight into threats and countermeasures against low-rate attacks exploiting SDN vulnerabilities and low-rate attacks related to the programmable data plane. Additionally, it presents a comparative analysis and discussion of low-rate attacks versus high-volume attacks, along with suggestions for enhancing SDN security. This thorough review aims to assist researchers in developing more resilient and dependable countermeasures against low-rate threats in programmable networks.