Forensic Investigation-Based Framework for SDN Using Blockchain

Abstract

Software-defined networking (SDN) is a promising networking technology that provides a new way of network management to the customers. SDN provides more programmable and flexible network services. SDN breaks the vertical integration of control and data planes and promotes centralized network management. This unique characteristic of SDN offers security features to deal with the malicious activities. However, architectural design of SDN makes it vulnerable to several attacks. Therefore, it is important to investigate the crime through various forensic techniques. This work discusses a literature study of some possible forensic techniques. A framework is also presented for forensic investigation of SDN environment in attack scenario. The proposed framework includes the collection of evidence and preserves them against any damage. During investigation, protection of evidence and chain of custody are of utmost importance to avoid misleading of the investigators. The safe storage strategy as well as maintaining the custody link can be achieved through blockchain technology.