• Osman Ahmed INTI International University
  • Mohammad Hafiz Mohd Yusof
Keywords: SDN, Northbound API, SDN Security, Tor Network, SDN Architecture


Software-defined networking (SDN) is an emerging technology that separated its architecture into three layers. Applications layer and Control layer communicates through the Northbound Interface (NBI), these communications can be targeted to fingerprinting even with the encryption applied. With the growth of cyber-attacks and zero-day vulnerabilities in network environments, SDN is more open to security issues than other technologies due to the isolation of its architecture. In this paper, we proposed a new architecture to add an extra layer of Tor network to anonymize the communication of NBI, the development of the combination of SDN and Tor experiment using VMware virtual machines for SDN controller, GNS3 networks and Wireshark for NBI traffic analysis. In the results of maximizing the security of SDN, anonymous communication can prevent NBI from the fingerprinting by allowing the requests and responses messages going through multiple nodes before reaching the destination comparing with the current SDN architecture that using direct communications. Lastly, we discussed the results towards the STRIDE model to show and ensure how the combination of SDN and Tor can provide the security and privacy to the SDN Network


Download data is not yet available.


Dargin, M. 2018. Secure your SDN controller. Network World.

Singh,D. and Kumar,S. 2019.Software Defined Networking (SDN) Challenges, issues and Solution. International journal of computer sciences and engineering, 7(1):884-889.

Cao, J., Yang, Z., Sun, K., Li,Q., Xu,M. and. Han, P. 2019. Fingerprinting SDN Applications via Encrypted Control Traffic. Beijing, China: 22nd International Symposium on Research in Attacks, Intrusions and Defences.

Hogg, S. 2014. SDN Security Attack Vectors and SDN Hardening. Network World.

Do Hoang,H., Phan,D.and Pham,V. 2019.A Security-Enhanced Monitoring System for Northbound Interface in SDN using Blockchain. The Tenth International Symposium.

Tseng,Y., Zhang,Z. and Nait-Abdesselam,F. 2016.ControllerSEPA: A Security-Enhancing SDN Controller Plug-in for OpenFlowApplications. 17th International Conference on Parallel and Distributed Computing, Applications and Technologies (PDCAT).

Bagher,S., Natanzi,S. and Majma,M. 2017.Secure Northbound Interface for SDN Applications with NTRU Public KeyInfrastructure. Tehran, Iran: 4th International Conference on Knowledge-Based Engineering and Innovation (KBEI-2017).

Kobus, R. 2019. Could the Blockchain Provide True Anonymity? Retrived from: Last Accessed Date: 15 February, 2020.

Meskanen, T. And Renvall, A. 2006. A wrap error attack against NTRUEncrypt. Discrete Applied Mathematics. Vol-154(2).

Howgrave-Graham,N., Nguyen,P.Q., Pointcheval,D. and Proos,J.2003. the Impact of Decryption Failure on the Security OF NTRU encryption. 23rd Annual International Cryptology Conference.

Bierman, A., YumaWorks, Bjorklund, M. 2014. Tail-f Systems. Watsen, Juniper Networks, Fernando R. and Cisco. 2014 RESTCONF Protocol.

Laan, J.J. 2015. Securing the SDN northbound interface with the AID of anomaly detection. Master Research Report submitted Faculty of Science, University of Amsterdam. Retrived from:

Ruffy,F., Hommel,W. and von Eye,F. 2016.A STRIDE-based Security Architecture for Software-Defined Networking. ICN2016: The Fifteenth International Conference on Networks.

Oktian,Y.E., Lee, S.G., Lee, H.J. and Lam,J.H. 2015. Secure your Northbound SDN API. 2015 Seventh International Conference on Ubiquitous and Future Networks, Sapporo.

Weng,J., Weng,J., Zhang,Y., Luo,W. and Lan,W., 2019"BENBI: Scalable and Dynamic Access Control on the Northbound Interface of SDN-Based VANET," in IEEE Transactions on Vehicular Technology, vol. 68, no. 1, Jan.

Cui,H., Karame,G.O., Klaedtke,F. and Bifulco,R.2016.On the Fingerprinting of Software-Defined Networks. in IEEE Transactions on Information Forensics and Security.11(10), Oct.

Hoang,N.P. and Pishva,D.2015.A TOR-based anonymous communication approach to secure smart home appliances. 2015 17th International Conference on Advanced Communication Technology (ICACT), Seoul.

How to Cite
Ahmed, O., & Mohd Yusof, M. H. (2020). ARCHITECTURE BASED ON TOR NETWORK FOR SECURING THE COMMUNICATION OF NORTHBOUND INTERFACE IN SDN. COMPUSOFT: An International Journal of Advanced Computer Technology, 9(7), 3755-3761. Retrieved from