AI-enabled Cloud SDN Controllers: Architecture, Scalability, and Security – A Comparative Study
DOI:
https://doi.org/10.31861/sisiot2025.1.01011Keywords:
software-defined networking, cloud infrastructure, artificial intelligence, quality of service, resource constraintsAbstract
This article investigates the applicability and advantages of deploying a software-defined networking (SDN) controller within a cloud infrastructure. The study begins by analyzing the architectural differences between on-premises SDN controllers and cloud-based implementations, including monolithic, microservice, and hybrid edge-cloud approaches. The motivation is driven by the need to address modern network challenges such as dynamic scalability, efficient control over geographically distributed systems, and the integration of advanced automation tools. Cloud-based SDN controllers offer more convenient maintenance and seamless integration with external services, including telemetry, monitoring, and DevOps pipelines, than their locally deployed counterparts. However, they also introduce latency concerns and potential risks related to data confidentiality, which must be mitigated through encryption and secure communication protocols. The article emphasizes the integration of artificial Intelligence (AI) into the control plane. AI-powered modules enable the prediction of traffic patterns, detection of network anomalies, dynamic adjustment of routing policies, and overall improvement in quality of service. Examples from recent research, including implementations such as TeraFlowSDN, demonstrate the viability of embedding machine learning components within cloud-hosted controllers to enhance their decision-making capabilities. Comparative evaluation demonstrates that cloud deployment is preferable in contexts such as IoT-oriented systems or rapidly evolving network infrastructures. Properly designed, cloud-based SDN controllers can deliver performance levels comparable to traditional systems while offering greater flexibility for future development and integration with intelligent network services.
Downloads
References
M. Priyadarsini and P. Bera, “Software defined networking architecture, traffic management, security, and placement: A survey,” Computer Networks, vol. 192, p. 108047, 2021, doi: 10.1016/j.comnet.2021.108047.
C. Manso, R. Vilalta, R. Casellas, R. Martinez, and R. Muñoz, “Cloud-native SDN Controller Based on Micro-Services for Transport Networks,” in Proc. IEEE Int. Conf. Network Softwarization (NetSoft), 2020, pp. 365–367, doi: 10.1109/NetSoft48620.2020.9165377.
F. P.-C. Lin and Z. Tsai, “Hierarchical Edge-Cloud SDN Controller System With Optimal Adaptive Resource Allocation for Load-Balancing,” IEEE Systems Journal, vol. 14, no. 1, pp. 265–276, Mar. 2020, doi: 10.1109/JSYST.2019.2894689.
M. Rahouti, K. Xiong, and Y. Xin, “Secure Software-Defined Networking Communication Systems for Smart Cities: Current Status, Challenges, and Trends,” IEEE Access, pp. 12083–12113, 2020, doi: 10.1109/ACCESS.2020.3047996.
Z. Eghbali and L. Zolfy, “A hierarchical approach for accelerating IoT data management process based on SDN principles,” Journal of Network and Computer Applications, vol. 181, 2021, doi: 10.1016/j.jnca.2021.103027.
R. Firouzi and R. Rahmani, “A Distributed SDN Controller for Distributed IoT,” IEEE Access, vol. 10, pp. 42873–42882, 2022, doi: 10.1109/ACCESS.2022.3168299.
I. E. Kamarudin, M. Ameedeen, M. Faizal, and A. Zabidi, “Integrating Edge Computing and Software Defined Networking in Internet of Things: A Systematic Review,” Iraqi Journal for Computer Science and Mathematics, vol. 4, pp. 121–150, 2023, doi: 10.52866/ijcsm.2023.04.04.011.
A. Mozo, A. Karamchandani, L. la Cal, S. Gómez-Canaval, A. Pastor, and L. Gifre, “A Machine-Learning-Based Cyberattack Detector for a Cloud-Based SDN Controller,” Applied Sciences, vol. 13, 2023, doi: 10.3390/app13084914.
R. Pérez, M. Rivera, Y. Salgueiro, C. R. Baier, and P. Wheeler, “Moving Microgrid Hierarchical Control to an SDN-Based Kubernetes Cluster: A Framework for Reliable and Flexible Energy Distribution,” Sensors, vol. 23, p. 3395, 2023, doi: 10.3390/s23073395.
D. Adanza, L. Gifre, P. Alemany, J.-P. Fernández-Palacios, O. González-de-Dios, R. Muñoz, and R. Vilalta, “Enabling traffic forecasting with cloud-native SDN controller in transport networks,” Computer Networks, vol. 250, p. 110565, 2024, doi: 10.1016/j.comnet.2024.110565.
M. Diouf, S. Ouya, J. Klein, and T. Bissyandé, “Software Security in Software-Defined Networking: A Systematic Literature Review,” arXiv preprint arXiv:2502.13828, 2025, doi: 10.48550/arXiv.2502.13828.
R. Yujie, W. Muqing, and C. Yiming, “An Effective Controller Placement Algorithm Based on Clustering in SDN,” in Proc. IEEE 6th Int. Conf. Computer and Communications (ICCC), Chengdu, China, 2020, pp. 2294–2299, doi: 10.1109/ICCC51575.2020.9345045.
P. Krishnan, K. Jain, A. Aldweesh, et al., “OpenStackDP: a scalable network security framework for SDN-based OpenStack cloud infrastructure,” Journal of Cloud Computing, vol. 12, art. no. 26, 2023, doi: 10.1186/s13677-023-00406-w.
S. Pal, N. Z. Jhanjhi, A. S. Abdulbaqi, D. Akila, A. A. Almazroi, and F. S. Alsubaei, “A Hybrid Edge-Cloud System for Networking Service Components Optimization Using the Internet of Things,” Electronics, vol. 12, 2023, doi: 10.3390/electronics12030649.
M. He, A. M. Alba, E. Mansour, and W. Kellerer, “Evaluating the Control and Management Traffic in OpenStack Cloud with SDN,” in Proc. IEEE 20th Int. Conf. High Performance Switching and Routing (HPSR), Xi’an, China, 2019, doi: 10.1109/HPSR.2019.8807989.
I. Ivkic, D. Thiede, N. Race, and M. Broadbent, “Security Evaluation in Software-Defined Networks,” arXiv preprint arXiv:2408.11486, 2024, doi: 10.48550/arXiv.2408.11486.
O. Belkadi, A. Vulpe, Y. Laaziz, and S. Halunga, “ML-Based Traffic Classification in an SDN-Enabled Cloud Environment,” Electronics, vol. 12, art. no. 269, 2023, doi: 10.3390/electronics12020269.
I. Abdulqadder, S. Zhou, D. Zou, I. Aziz, and S. Akber, “Multi-layered Intrusion Detection and Prevention in the SDN/NFV Enabled Cloud of 5G Networks using AI-based Defense Mechanisms,” Computer Networks, vol. 179, p. 107364, 2020, doi: 10.1016/j.comnet.2020.107364.
Y. Al-Dunainawi, B. R. Al-Kaseem, and H. S. Al-Raweshidy, “Optimized Artificial Intelligence Model for DDoS Detection in SDN Environment,” IEEE Access, vol. 11, pp. 106733–106748, 2023, doi: 10.1109/ACCESS.2023.3319214.
M. R. Belgaum, Z. Alansari, S. Musa, M. Alam, and M. Mazliham, “Role of artificial intelligence in cloud computing, IoT and SDN: Reliability and scalability issues,” International Journal of Electrical and Computer Engineering (IJECE), vol. 11, no. 5, pp. 4458–4470, 2021, doi: 10.11591/ijece.v11i5.pp4458-4470.
M. Rostami and S. Goli-Bidgoli, “An overview of QoS-aware load balancing techniques in SDN-based IoT networks,” Journal of Cloud Computing, vol. 13, art. no. 89, 2024, doi: 10.1186/s13677-024-00651-7.
B. J. Ospina Cifuentes, Á. Suárez, V. García Pineda, R. Alvarado Jaimes, A. O. Montoya Benitez, and J. D. Grajales Bustamante, “Analysis of the use of artificial intelligence in software-defined intelligent networks: A survey,” Technologies, vol. 12, art. no. 99, 2024, doi: 10.3390/technologies12070099.
Published
Issue
Section
License
Copyright (c) 2025 Security of Infocommunication Systems and Internet of Things
This work is licensed under a Creative Commons Attribution 4.0 International License.
