Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.

The number of connected devices or Internet of Things (IoT) devices has rapidly increased. According to the latest available statistics, in 2023, there were approximately 17.2 billion connected IoT devices; this is expected to reach 25.4 billion IoT devices by 2030 and grow year over year for the foreseeable future. IoT devices share, collect, and exchange data via the internet, wireless networks, or other networks with one another. IoT interconnection technology improves and facilitates people's lives but, at the same time, poses a real threat to their security. Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks are considered the most common and threatening attacks that strike IoT devices' security. These are considered to be an increasing trend, and it will be a major challenge to reduce risk, especially in the future. In this context, this paper presents an improved framework (SDN-ML-IoT) that works as an Intrusion and Prevention Detection System (IDPS) that could help to detect DDoS attacks with more efficiency and mitigate them in real time. This SDN-ML-IoT uses a Machine Learning (ML) method in a Software-Defined Networking (SDN) environment in order to protect smart home IoT devices from DDoS attacks. We employed an ML method based on Random Forest (RF), Logistic Regression (LR), k-Nearest Neighbors (kNN), and Naive Bayes (NB) with a One-versus-Rest (OvR) strategy and then compared our work to other related works. Based on the performance metrics, such as confusion matrix, training time, prediction time, accuracy, and Area Under the Receiver Operating Characteristic curve (AUC-ROC), it was established that SDN-ML-IoT, when applied to RF, outperforms other ML algorithms, as well as similar approaches related to our work. It had an impressive accuracy of 99.99%, and it could mitigate DDoS attacks in less than 3 s. We conducted a comparative analysis of various models and algorithms used in the related works. The results indicated that our proposed approach outperforms others, showcasing its effectiveness in both detecting and mitigating DDoS attacks within SDNs. Based on these promising results, we have opted to deploy SDN-ML-IoT within the SDN. This implementation ensures the safeguarding of IoT devices in smart homes against DDoS attacks within the network traffic.

Secure multi-path routing for Internet of Things based on trust evaluation.

In the realm of the Internet of Things (IoT), ensuring the security of communication links and evaluating the safety of nodes within these links remains a significant challenge. The continuous threat of anomalous links, harboring malicious switch nodes, poses risks to data transmission between edge nodes and between edge nodes and cloud data centers. To address this critical issue, we propose a novel trust evaluation based secure multi-path routing (TESM) approach for IoT. Leveraging the software-defined networking (SDN) architecture in the data transmission process between edge nodes, TESM incorporates a controller comprising a security verification module, a multi-path routing module, and an anomaly handling module. The security verification module ensures the ongoing security validation of data packets, deriving trust scores for nodes. Subsequently, the multi-path routing module employs multi-objective reinforcement learning to dynamically generate secure multiple paths based on node trust scores. The anomaly handling module is tasked with handling malicious switch nodes and anomalous paths. Our proposed solution is validated through simulation using the Ryu controller and P4 switches in an SDN environment constructed with Mininet. The results affirm that TESM excels in achieving secure data forwarding, malicious node localization, and the secure selection and updating of transmission paths. Notably, TESM introduces a minimal 12.4% additional forwarding delay and a 5.46% throughput loss compared to traditional networks, establishing itself as a lightweight yet robust IoT security defense solution.

Internet of medical things and blockchain-enabled patient-centric agent through SDN for remote patient monitoring in 5G network.

During the COVID-19 pandemic, there has been a significant increase in the use of internet resources for accessing medical care, resulting in the development and advancement of the Internet of Medical Things (IoMT). This technology utilizes a range of medical equipment and testing software to broadcast patient results over the internet, hence enabling the provision of remote healthcare services. Nevertheless, the preservation of privacy and security in the realm of online communication continues to provide a significant and pressing obstacle. Blockchain technology has shown the potential to mitigate security apprehensions across several sectors, such as the healthcare industry. Recent advancements in research have included intelligent agents in patient monitoring systems by integrating blockchain technology. However, the conventional network configuration of the agent and blockchain introduces a level of complexity. In order to address this disparity, we present a proposed architectural framework that combines software defined networking (SDN) with Blockchain technology. This framework is specially tailored for the purpose of facilitating remote patient monitoring systems within the context of a 5G environment. The architectural design contains a patient-centric agent (PCA) inside the SDN control plane for the purpose of managing user data on behalf of the patients. The appropriate handling of patient data is ensured by the PCA via the provision of essential instructions to the forwarding devices. The suggested model is assessed using hyperledger fabric on docker-engine, and its performance is compared to that of current models in fifth generation (5G) networks. The performance of our suggested model surpasses current methodologies, as shown by our extensive study including factors such as throughput, dependability, communication overhead, and packet error rate.

An IoT-based low-cost architecture for smart libraries using SDN.

In the evolving landscape of smart libraries, this research pioneers an IoT-based low-cost architecture utilizing Software-Defined Networking (SDN). The increasing demand for more efficient and economical solutions in library management, particularly in the realm of RFID-based processes such as authentication, property circulation, and book loans, underscores the significance of this study. Leveraging the collaborative potential of IoT and SDN technologies, our proposed system introduces a fresh perspective to tackle these challenges and advance intelligent library management. In response to the evolving landscape of smart libraries, our research presents an Internet of Things (IoT)-based low-cost architecture utilizing SDN. The exploration of this architectural paradigm arises from a recognized gap in the existing literature, pointing towards the necessity for more efficient and cost-effective solutions in managing library processes. Our proposed algorithm integrates IoT and SDN technologies to intelligently oversee various library activities, specifically targeting RFID-based processes such as authentication, property circulation management, and book loan management. The system's architecture, encompasses components like the data center, SDN controllers, RFID tags, tag readers, and other network sensors. By leveraging the synergy between RFID and SDN, our innovative approach reduces the need for constant operator supervision in libraries. The scalability and software-oriented nature of the architecture cater to extensive library environments. Our study includes a two-phase investigation, combining practical implementation in a small-scale library with a simulation environment using MATLAB 2021. This research not only fills a crucial gap in current knowledge but also lays the foundation for future advancements in the integration of IoT and SDN technologies for intelligent library management.

Smart library architecture based on internet of things (IoT) and software defined networking (SDN).

Internet of Things (IoT) is being widely developed in various fields, and its penetration rate in daily life is continuously increasing. The nature of the social function of objects and giving them an identity has made it possible to successfully integrate this technology into many traditional systems and improve their performance by automation. Libraries are one of the most obvious examples of smartening by IoT architecture. So far, various architectures have been presented for smartening libraries through IoT technology. However, a low-cost and ideal architecture that can cover all the requirements in a wide range of smart library applications has not been provided. This article attempts to fill some of the existing research gaps in this field by presenting a new architecture for smartening libraries. In the proposed method, Software Defined Networking (SDN) is used to reduce implementation costs and improve the management process of network components. In this architecture, the communication platform of network active objects is formed based on a cluster-based topology. Also, passive Radio Frequency IDentification (RFID) tags are utilized to manage books and library property. Two stages of evaluation have been conducted for the suggested method's performance: actual deployment and computer simulations. Based on the findings, it can be concluded that this study has succeeded in creating an effective and affordable design for smart libraries, which is a major advancement over conventional libraries.

RC-LAHR: Road-Side-Unit-Assisted Cloud-Based Location-Aware Hybrid Routing for Software-Defined Vehicular Ad Hoc Networks.

The reliability of the communication link is quite common and challenging to handle as the topology changes frequently in vehicular ad hoc networks (VANETs). Another problem with VANETs is that the vehicles are from different manufacturers. Hence, the heterogeneity of hardware is obvious. These heterogeneity and reliability problems affect the message dissemination in VANETs. This paper aims to address these challenges by proposing a robust routing protocol capable of ensuring reliable, scalable, and heterogeneity-tolerant message dissemination in VANETs. We first introduced a hybrid hierarchical architecture based on software-defined networking (SDN) principles for VANETs, leveraging SDN's inherent scalability and adaptability to heterogeneity. Further, a road-side unit (RSU)-assisted cloud-based location-aware hybrid routing for software-defined VANETs (SD-VANETs) that we call RC-LAHR was proposed. RC-LAHR was rigorously tested and analyzed for its performance in terms of packet delivery ratio (PDR) and end-to-end delay (EED), along with a comprehensive assessment of network traffic and load impacts on cloud infrastructure and RSUs. The routing protocol is compared with state-of-the-art protocols, Greedy Perimeter Stateless Routing (GPSR) and Opportunistic and Position-Based Routing (OPBR). The proposed routing protocol performs well as compared to GPSR and OPBR. The result shows that the EED is reduced to 20% and the PDR is increased to 30%. The network reliability is also increased up to 5% as compared to the OPBR and GPSR.

A lightweight path consistency verification based on INT in SDN.

The existing path consistency verification solutions in software-defined networking (SDN) were implemented by proactive injecting large number of probing packets or by embedding linear-scale tags as the path lengthens, which incurred significant bandwidth and communication overhead. A lightweight path consistency validation mechanism based on in-band network telemetry (INT) in SDN is proposed. Based on INT, in the scheme, the ingress switch inserts a telemetry instruction header with probability, each subsequent switch updates the telemetry data using a uniform sampling algorithm and only carries partial path information in INT packet to keep the head space size constant, the egress switch reports the final sampled telemetry data to the controller to verify the path compliance according to aggregated telemetry data. A heuristic flow selection algorithm is proposed to implement network-level path consistency validation. The proposed scheme was implemented and evaluated. The analyses and experiments demonstrate the proposed mechanism effectively limits the packet head overhead and introduces less than 7% of additional forwarding delays and 6% of throughput degradation at most.

Reducing Flow Table Update Costs in Software-Defined Networking.

In software-defined networking (SDN), the traffic forwarding delay highly depends on the latency associated with updating the forwarding rules in flow tables. With the increase in fine-grained flow control requirements, due to the flexible control capabilities of SDN, more rules are being inserted and removed from flow tables. Moreover, the matching fields of these rules might overlap since multiple control domains might generate different rules for similar flows. This overlap implies dependency relationships among the rules, imposing various restrictions on forwarding entries during updates, e.g., by following update orders or storing entries at specified locations, especially in flow tables implemented using ternary content addressable memory (TCAM); otherwise, mismatching or packet dropping will occur. It usually takes a while to resolve and maintain dependencies during updates, which hinders high forwarding efficiency. To reduce the delay associated with updating dependent rules, in this paper, we propose an updating algorithm for TCAM-based flow tables. We formulate the TCAM maintenance process as an NP-hard problem and analyze the inefficiency of existing moving approaches. To solve the problem, we propose an optimal moving chain for single rule updates and provide theoretical proof for its minimum moving steps. For multiple rules arriving at a switch simultaneously, we designed a dynamic approach to update concurrent entries; it is able to update multiple rules heuristically within a restricted TCAM region. As the update efficiency concerns dependencies among rules, we evaluate our flow table by updating algorithms with different dependency complexities. The results show that our approach achieves about 6% fewer moving steps than existing approaches. The advantage is more pronounced when the flow table is heavily utilized and rules have longer dependency chains.

An intelligent zero trust secure framework for software defined networking.

Software-defined networking (SDN) faces many of the same security threats as traditional networks. The separation of the SDN control plane and data plane makes the controller more vulnerable to cyber attacks. The conventional "perimeter defense" network security model cannot prevent lateral movement attacks caused by malicious insider users or hardware and software vulnerabilities. The "zero trust architecture" has become a new security network model to protect enterprise network security. In this article, we propose an intelligent zero-trust security framework IZTSDN for the software-defined networking by integrating deep learning and zero-trust architecture, which adopts zero-trust architecture to protect every resource and network connection in the network. IZTSDN uses a traffic anomaly detection mode CALSeq2Seql based on a deep learning algorithm to analyze users' network behavior in real-time and achieve continuous tracking and analysis of users, restrict malicious users from accessing network resources, and realize the dynamic authorization process. Finally, the Mininet simulation platform is extended to build the simulation platform MiniIZTA supporting zero-trust architecture and the proposed security framework IZTSDN is experimentally analyzed. The experimental results show that the IZTSDN security framework can provide about 80.5% of throughput when the network is attacked. The accuracy of abnormal traffic detection reaches 99.56% on the SDN dataset, which verifies that the reliability and availability of the IZTSDN security framework are verified.

Efficient Internet-of-Things Cyberattack Depletion Using Blockchain-Enabled Software-Defined Networking and 6G Network Technology.

Low-speed internet can negatively impact incident response by causing delayed detection, ineffective response, poor collaboration, inaccurate analysis, and increased risk. Slow internet speeds can delay the receipt and analysis of data, making it difficult for security teams to access the relevant information and take action, leading to a fragmented and inadequate response. All of these factors can increase the risk of data breaches and other security incidents and their impact on IoT-enabled communication. This study combines virtual network function (VNF) technology with software -defined networking (SDN) called virtual network function software-defined networking (VNFSDN). The adoption of the VNFSDN approach has the potential to enhance network security and efficiency while reducing the risk of cyberattacks. This approach supports IoT devices that can analyze large volumes of data in real time. The proposed VNFSDN can dynamically adapt to changing security requirements and network conditions for IoT devices. VNFSDN uses threat filtration and threat-capturing and decision-driven algorithms to minimize cyber risks for IoT devices and enhance network performance. Additionally, the integrity of IoT devices is safeguarded by addressing the three risk categories of data manipulation, insertion, and deletion. Furthermore, the prioritized delegated proof of stake (PDPoS) consensus variant is integrated with VNFSDN to combat attacks. This variant addresses the scalability issue of blockchain technology by providing a safe and adaptable environment for IoT devices that can quickly be scaled up and down to pull together the changing demands of the organization, allowing IoT devices to efficiently utilize resources. The PDPoS variant provides flexibility to IoT devices to proactively respond to potential security threats, preventing or mitigating the impact of cyberattacks. The proposed VNFSDN dynamically adapts to the changing security requirements and network conditions, improving network resiliency and enabling proactive threat detection. Finally, we compare the proposed VNFSDN to existing state-of-the-art approaches. According to the results, the proposed VNFSDN has a 0.08 ms minimum response time, a 2% packet loss rate, 99.5% network availability, a 99.36% threat detection rate, and a 99.77% detection accuracy with 1% malicious nodes.

Managing Energy Consumption of Devices with Multiconnectivity by Deep Learning and Software-Defined Networking.

Multiconnectivity allows user equipment/devices to connect to multiple radio access technologies simultaneously, including 5G, 4G (LTE), and WiFi. It is a necessity in meeting the increasing demand for mobile network services for the 5G and beyond wireless networks, while ensuring that mobile operators can still reap the benefits of their present investments. Multipath TCP (MPTCP) has been introduced to allow uninterrupted reliable data transmission over multiconnectivity links. However, energy consumption is a significant issue for multihomed wireless devices since most of them are battery-powered. This paper employs software-defined networking (SDN) and deep neural networks (DNNs) to manage the energy consumption of devices with multiconnectivity running MPTCP. The proposed method involves two lightweight algorithms implemented on an SDN controller, using a real hardware testbed of dual-homed wireless nodes connected to WiFi and cellular networks. The first algorithm determines whether a node should connect to a specific network or both networks. The second algorithm improves the selection made by the first by using a DNN trained on different scenarios, such as various network sizes and MPTCP congestion control algorithms. The results of our extensive experimentation show that this approach effectively reduces energy consumption while providing better network throughput performance compared to using single-path TCP or MPTCP Cubic or BALIA for all nodes.

A Method of DDoS Attack Detection and Mitigation for the Comprehensive Coordinated Protection of SDN Controllers.

Software defined networking (SDN) improves the flexibility and programmability of the network by separating the control plane and the data plane and effectively realizes the global control of the network infrastructure. However, the centralized structure design of SDN exposes the controller to potential threats. Attackers have used the active flow table delivery mode to launch distributed denial of service (DDoS) attacks on the SDN controller, resulting in the controller failure and seriously affecting the network performance. To overcome this problem, this paper proposes a defense framework called CC-Guard. The framework consists of four modules: attack detection triggering, switch migration, anomaly detection, and mitigation. Among them, the attack detection trigger module improves the system's timely response to DDoS attacks. The switch migration module effectively unclogs the controller congestion problem and provides convenience for network flow transmission. The anomaly detection module uses a coarse-grained method for two-stage detection, which improves the detection accuracy. The mitigation module uses the idea of cross-domain cooperation of the controller to clear the abnormal flow in the blacklist. Experimental results show that our proposed CC-Guard has real-time DDoS attack defense capability and high detection accuracy, as well as efficient network resource utilization.

Traffic Management in IoT Backbone Networks Using GNN and MAB with SDN Orchestration.

Traffic management is a critical task in software-defined IoT networks (SDN-IoTs) to efficiently manage network resources and ensure Quality of Service (QoS) for end-users. However, traditional traffic management approaches based on queuing theory or static policies may not be effective due to the dynamic and unpredictable nature of network traffic. In this paper, we propose a novel approach that leverages Graph Neural Networks (GNNs) and multi-arm bandit algorithms to dynamically optimize traffic management policies based on real-time network traffic patterns. Specifically, our approach uses a GNN model to learn and predict network traffic patterns and a multi-arm bandit algorithm to optimize traffic management policies based on these predictions. We evaluate the proposed approach on three different datasets, including a simulated corporate network (KDD Cup 1999), a collection of network traffic traces (CAIDA), and a simulated network environment with both normal and malicious traffic (NSL-KDD). The results demonstrate that our approach outperforms other state-of-the-art traffic management methods, achieving higher throughput, lower packet loss, and lower delay, while effectively detecting anomalous traffic patterns. The proposed approach offers a promising solution to traffic management in SDNs, enabling efficient resource management and QoS assurance.

A DDoS Detection Method Based on Feature Engineering and Machine Learning in Software-Defined Networks.

Distributed denial-of-service (DDoS) attacks pose a significant cybersecurity threat to software-defined networks (SDNs). This paper proposes a feature-engineering- and machine-learning-based approach to detect DDoS attacks in SDNs. First, the CSE-CIC-IDS2018 dataset was cleaned and normalized, and the optimal feature subset was found using an improved binary grey wolf optimization algorithm. Next, the optimal feature subset was trained and tested in Random Forest (RF), Support Vector Machine (SVM), K-Nearest Neighbor (k-NN), Decision Tree, and XGBoost machine learning algorithms, from which the best classifier was selected for DDoS attack detection and deployed in the SDN controller. The results show that RF performs best when compared across several performance metrics (e.g., accuracy, precision, recall, F1 and AUC values). We also explore the comparison between different models and algorithms. The results show that our proposed method performed the best and can effectively detect and identify DDoS attacks in SDNs, providing a new idea and solution for the security of SDNs.

DoSDefender: A Kernel-Mode TCP DoS Prevention in Software-Defined Networking.

The limited computation resource of the centralized controller and communication bandwidth between the control and data planes become the bottleneck in forwarding the packets in Software-Defined Networking (SDN). Denial of Service (DoS) attacks based on Transmission Control Protocol (TCP) can exhaust the resources of the control plane and overload the infrastructure of SDN networks. To mitigate TCP DoS attacks, DoSDefender is proposed as an efficient kernel-mode TCP DoS prevention framework in the data plane for SDN. It can prevent TCP DoS attacks from entering SDN by verifying the validity of the attempts to establish a TCP connection from the source, migrating the connection, and relaying the packets between the source and the destination in kernel space. DoSDefender conforms to the de facto standard SDN protocol, the OpenFlow policy, which requires no additional devices and no modifications in the control plane. Experimental results show that DoSDefender can effectively prevent TCP DoS attacks in low computing consumption while maintaining low connection delay and high packet forwarding throughput.

Composition of caching and classification in edge computing based on quality optimization for SDN-based IoT healthcare solutions.

This paper proposes a novel approach that uses a spectral clustering method to cluster patients with e-health IoT devices based on their similarity and distance and connect each cluster to an SDN edge node for efficient caching. The proposed MFO-Edge Caching algorithm is considered for selecting the near-optimal data options for caching based on considered criteria and improving QoS. Experimental results demonstrate that the proposed approach outperforms other methods in terms of performance, achieving decrease in average time between data retrieval delays and the cache hit rate of 76%. Emergency and on-demand requests are prioritized for caching response packets, while periodic requests have a lower cache hit ratio of 35%. The approach shows improvement in performance compared to other methods, highlighting the effectiveness of SDN-Edge caching and clustering for optimizing e-health network resources.

Cooperative-Aware Radio Resource Allocation Scheme for 5G Network Slicing in Cloud Radio Access Networks.

The 5G network is designed to serve three main use cases: enhanced mobile broadband (eMBB), massive machine-type communications (mMTC), and ultra-reliable and low-latency communications (uRLLC). There are many new technological enablers, including the cloud radio access network (C-RAN) and network slicing, that can support 5G and meet its requirements. The C-RAN combines both network virtualization and based band unit (BBU) centralization. Using the network slicing concept, the C-RAN BBU pool can be virtually sliced into three different slices. 5G slices require a number of Quality of service (QoS) metrics, such as average response time and resource utilization. In order to enhance the C-RAN BBUs utilization while protecting the minimum QoS of the coexisting three slices, a priority-based resource allocation with queuing model is proposed. The uRLLC is given the highest priority, while eMBB has a higher priority than mMTC services. The proposed model allows the eMBB and mMTC to be queued and the interrupted mMTC to be restored in its queue to increase its chance to reattempt the service later. The proposed model's performance measures are defined and derived using a continuous-time Markov chain (CTMC) model and evaluated and compared using different methodologies. Based on the results, the proposed scheme can increase C-RAN resource utilization without degrading the QoS of the highest-priority uRLLC slice. Additionally, it can reduce the forced termination priority of the interrupted mMTC slice by allowing it to re-join its queue. Therefore, the comparison of the results shows that the proposed scheme outperforms the other states of the art in terms of improving the C-RAN utilization and enhancing the QoS of eMBB and mMTC slices without degrading the QoS of the highest priority use case.

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking.

Software-defined networking (SDN) is a revolutionary innovation in network technology with many desirable features, including flexibility and manageability. Despite those advantages, SDN is vulnerable to distributed denial of service (DDoS), which constitutes a significant threat due to its impact on the SDN network. Despite many security approaches to detect DDoS attacks, it remains an open research challenge. Therefore, this study presents a systematic literature review (SLR) to systematically investigate and critically analyze the existing DDoS attack approaches based on machine learning (ML), deep learning (DL), or hybrid approaches published between 2014 and 2022. We followed a predefined SLR protocol in two stages on eight online databases to comprehensively cover relevant studies. The two stages involve automatic and manual searching, resulting in 70 studies being identified as definitive primary studies. The trend indicates that the number of studies on SDN DDoS attacks has increased dramatically in the last few years. The analysis showed that the existing detection approaches primarily utilize ensemble, hybrid, and single ML-DL. Private synthetic datasets, followed by unrealistic datasets, are the most frequently used to evaluate those approaches. In addition, the review argues that the limited literature studies demand additional focus on resolving the remaining challenges and open issues stated in this SLR.

Moving Microgrid Hierarchical Control to an SDN-Based Kubernetes Cluster: A Framework for Reliable and Flexible Energy Distribution.

Software Defined Networking (SDN) is a communication alternative to increase the scalability and resilience of microgrid hierarchical control. The common architecture has a centralized and monolithic topology, where the controller is highly susceptible to latency problems, resiliency, and scalability issues. This paper proposes a novel and intelligent control network to improve the performance of microgrid communications, solving the typical drawback of monolithic SDN controllers. The SDN controller's functionalities are segregated into microservices groups and distributed through a bare-metal Kubernetes cluster. Results are presented from PLECS hardware in the loop simulation to validate the seamless transition between standard hierarchical control to the SDN networked microgrid. The microservices significantly impact the performance of the SDN controller, decreasing the latency by 10.76% compared with a monolithic architecture. Furthermore, the proposed approach demonstrates a 42.23% decrease in packet loss versus monolithic topologies and a 53.41% reduction in recovery time during failures. Combining Kubernetes with SDN microservices can eliminate the single point of failure in hierarchical control, improve application recovery time, and enhance containerization benefits, including security and portability. This proposal represents a reference framework for future edge computing and intelligent control approaches in networked microgrids.

Secure Networking with Software-Defined Reconfigurable Intelligent Surfaces.

Reconfigurable intelligent surfaces (RIS) are considered of paramount importance to improve air-ground and THz communications performance for 6G systems. Recently, RISs were proposed in Physical Layer Security (PLS), as they can (i) improve the secrecy capacity due to the controlled directional reflections' capability of RIS elements and (ii) avoid potential eavesdroppers, redirecting data streams towards the intended users. This paper proposes the integration of a multi-RISs system within a Software Defined Networking (SDN) architecture to provide a specific control layer for secure data flows forwarding. The optimisation problem is properly characterised in terms of an objective function and an equivalent graph theory model is considered to address the optimal solution. Moreover, different heuristics are proposed, trading off complexity and PLS performance, to evaluate the more suitable multi-beam routing strategy. Numerical results are also provided, focusing on a worst case scenario which points out the improvement of the secrecy rate from the increase in the number of eavesdroppers. Furthermore, the security performance is investigated for a specific user mobility pattern in a pedestrian scenario.