Software-defined network (SDN) presume virtualizing security functions from traditional hardware they liable to operate on. The data plane is responsible for forwarding all the data packets in accordance with flow rules.
The data plain layer is unruffled by switches and other basic devices which is responsible for forwarding, discarding, data processing and status collecting. It assurance the flow rules delivered by the controller. Therefore, Communication between the control plane and data plane has been enabled by open interface protocol called as OpenFlow (OF). Two basic principles that SDN data plane should follows ,
• Simplicity in the process of packets forwarding in Data Plane
• Generality indicated in the independence of SDN technology through which the network is implemented.
The typical security issues are mainly manifested in SDN data plain security are ,
• Malicious applications
• Legitimacy
• Controller vulnerability
• Consistency of flow rules
Three different attacks that can used to bargain with data plane that includes :
• Protocol Attack
• Side channel Attack
• Device Attack
Here, a device attack mention all those attacks where the challenger aims to exploit software and hardware vulnerabilities of SDN capable switch to agree with SDN data plane. The data plane architecture which consists of flexibility and programmability that supports the technologies for Data Plane implementation in order to provide key limitations such as ,
• Performance
• Energy Consumption
• Quality of Service
• Security and Reliability
• Measurement and Monitoring
• Support various network Technologies
• Network and Network Function Virtualization.