“…However, Software-Defined Networks (SDNs) also introduce new security challenges. In particular, we in this paper study threats introduced by an unreliable south-bound interface, i.e., we consider a threat model in which switches or routers do not behave as expected, but rather are malicious [13], and e.g., contain hardware backdoors [14]. While many existing network security and monitoring tools rely on the trustworthiness of switches and routers, this assumption has become questionable: Attackers have repeatedly demonstrated their ability to compromise switches and routers [15], [16], [17], thousands of compromised access and core routers are being traded underground [18], networking vendors have left backdoors open [19], [20], national security agencies can bug network equipment [14], hacker tools to scan and eventually exploit routers with weak passwords, default settings are openly available on the Web, etc.…”