[go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Hybrid Routing for Efficient Fine-Grained Management of Specific Services in SDN

  • Conference paper
  • First Online:
Science of Cyber Security (SciSec 2022)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13580))

Included in the following conference series:

  • 1075 Accesses

Abstract

Software Defined Networking (SDN), a novel network architecture providing a global field of vision through separating data planes and control planes, has recently attracted a lot of attention because of its programmability and centralized control. However, to support some customized services such as resource allocation, anomaly detection, and traffic engineering, most advanced SDN designs require fine-grained management of specific flows, which may quickly exhaust the flow table of an SDN switch and lead to undesired processing overhead. Therefore, this paper proposes to balance the trade-off between customized services and resource consumption through hybrid routing. We formulate the installment of hybrid rules as integer linear programming problems. Rounding-based algorithms are proposed to acquire reasonable solutions which instruct the controller to install forwarding rules. Further experiments show the high efficiency of our algorithm. Compared with the benchmark work, our work reduces the maximum number of flow rules in SDN switches by at least 20.1% and shows better network performance in packet loss ratio and flow setup delay.

Supported by the National Key R &D Program of China with No. 2018YFC0806900, Beijing Municipal Science & Technology Commission with Project No. Z191100007119009 and NSFC No. 61902397.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. The epoch topology. http://www.topology-zoo.org/maps/Epoch.jpg (2021)

  2. Openflow specification v1.3. http://opennetworking.wpengine.com/wp-content/uploads/2014/10/openflow-spec-v1.3.2.pdf (2021)

  3. Al-Fares, M., Loukissas, A., Vahdat, A.: A scalable, commodity data center network architecture. ACM SIGCOMM Comput. Commun. Rev. 38(4), 63–74 (2008)

    Article  Google Scholar 

  4. Azzouni, A., Pujolle, G.: NeuTm: a neural network-based framework for traffic matrix prediction in SDN. In: NOMS 2018–2018 IEEE/IFIP Network Operations and Management Symposium, pp. 1–5. IEEE (2018)

    Google Scholar 

  5. Bera, S., Misra, S., Jamalipour, A.: Flowstat: adaptive flow-rule placement for per-flow statistics in SDN. IEEE J. Sel. Areas Commun. 37(3), 530–539 (2019)

    Article  Google Scholar 

  6. Chen, K.Y., et al.: SDNshield: NFV-based defense framework against DDoS attacks on SDN control plane. IEEE/ACM Trans. Netw. 30(1), 1–17 (2022)

    Article  Google Scholar 

  7. Cohen, R., Lewin-Eytan, L., Naor, J.S., Raz, D.: On the effect of forwarding table size on SDN network utilization. In: IEEE INFOCOM 2014-IEEE Conference on Computer Communications, pp. 1734–1742. IEEE (2014)

    Google Scholar 

  8. Curtis, A.R., Mogul, J.C., Tourrilhes, J., Yalagandula, P., Sharma, P., Banerjee, S.: DevoFlow: scaling flow management for high-performance networks. In: Proceedings of the ACM SIGCOMM 2011 Conference, pp. 254–265 (2011)

    Google Scholar 

  9. Dodia, P., Zhauniarovich, Y.: Poster: SDN-based system to filter out DRDoS amplification traffic in ISP networks. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 2645–2647 (2019)

    Google Scholar 

  10. Guo, K., Hu, Y., Qian, Z., Sun, Y., Gao, J., Yin, B.: Dynamic graph convolution network for traffic forecasting based on latent network of Laplace matrix estimation. IEEE Trans. Intell. Transp. Syst. 23(2), 1009–1018 (2022)

    Article  Google Scholar 

  11. He, K., Rozner, E., Agarwal, K., Felter, W., Carter, J., Akella, A.: Presto: edge-based load balancing for fast datacenter networks. ACM SIGCOMM Comput. Commun. Rev. 45(4), 465–478 (2015)

    Article  Google Scholar 

  12. Hong, C.Y., et al.: Achieving high utilization with software-driven WAN. In: Proceedings of the ACM SIGCOMM 2013 Conference on SIGCOMM, pp. 15–26 (2013)

    Google Scholar 

  13. Liu, Y.F., Lin, C.J., Tseng, C.C.: Dynamic cluster-based flow management for software defined networks. IEEE Trans. Serv. Comput. PP(99) (2019)

    Google Scholar 

  14. Long, Z., Jinsong, W.: A hybrid method of entropy and SSAE-SVM based DDoS detection and mitigation mechanism in SDN. Comput. Secur. 115, 102604 (2022)

    Article  Google Scholar 

  15. MacDermott, Á., Baker, T., Buck, P., Iqbal, F., Shi, Q.: The internet of things: Challenges and considerations for cybercrime investigations and digital forensics. Int. J. Dig. Crime Forensics (IJDCF) 12(1), 1–13 (2020)

    Article  Google Scholar 

  16. McKeown, N., et al.: Openflow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)

    Article  Google Scholar 

  17. Mimidis-Kentis, A., Pilimon, A., Soler, J., Berger, M., Ruepp, S.: A novel algorithm for flow-rule placement in SDN switches. In: 2018 4th IEEE Conference on Network Softwarization and Workshops (NetSoft), pp. 1–9. IEEE (2018)

    Google Scholar 

  18. Phan, T.V., Nguyen, T.G., Bauschert, T.: Deepmatch: fine-grained traffic flow measurement in SDN with deep dueling neural networks. IEEE J. Sel. Areas Commun. 39(7), 2056–2075 (2021)

    Article  Google Scholar 

  19. Phan, T.V., Nguyen, T.G., Dao, N.N., Huong, T.T., Thanh, N.H., Bauschert, T.: Deepguard: efficient anomaly detection in SDN with fine-grained traffic flow monitoring. IEEE Trans. Netw. Serv. Manage. 17(3), 1349–1362 (2020)

    Article  Google Scholar 

  20. Rifai, M., Huin, N., Caillouet, C., Giroire, F., Lopez-Pacheco\(\dagger \), D.: Too many SDN rules? compress them with MINNIE. In: IEEE Global Communications Conference (2015)

    Google Scholar 

  21. Saha, A., Ganguly, N., Chakraborty, S., De, A.: Learning network traffic dynamics using temporal point process. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 1927–1935. IEEE (2019)

    Google Scholar 

  22. Suárez-Varela, J., Barlet-Ros, P.: Flow monitoring in software-defined networks: finding the accuracy/performance tradeoffs. Comput. Netw. 135, 289–301 (2018)

    Article  Google Scholar 

  23. Wang, H., Xu, H., Qian, C., Ge, J., Liu, J., Huang, H.: PrePass: load balancing with data plane resource constraints using commodity sdn switches. Comput. Netw. 178, 107339 (2020)

    Article  Google Scholar 

  24. Wang, P., Xu, H., Huang, L., He, J., Meng, Z.: Control link load balancing and low delay route deployment for software defined networks. IEEE J. Sel. Areas Commun. 35(11), 2446–2456 (2017)

    Article  Google Scholar 

  25. Wu, C., et al.: A hybrid intrusion detection system for IoT applications with constrained resources. Int. J. Dig. Crime Forensics (IJDCF) 12(1), 109–130 (2020)

    Article  Google Scholar 

  26. Xu, H., Huang, H., Chen, S., Zhao, G.: Scalable software-defined networking through hybrid switching. In: IEEE INFOCOM 2017-IEEE Conference on Computer Communications, pp. 1–9. IEEE (2017)

    Google Scholar 

  27. Jianfeng, W.L.X., Zhen, X.: Survey on resource consumption attacks and defenses in software-defined networking. J. Cyber Secur. 5(4), 72–95 (2020)

    Google Scholar 

  28. Yan, Q., Yu, R., Gong, Q., Li, J.: Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun. Surv. Tutorials 18(1), 602–622 (2016)

    Article  Google Scholar 

  29. Yang, X., Xu, H., Huang, L., Zhao, G., Xi, P., Qiao, C.: Joint virtual switch deployment and routing for load balancing in SDNs. IEEE J. Sel. Areas Commun. 36(3), 397–410 (2018)

    Google Scholar 

  30. Zhang, J., Xi, K., Luo, M., Chao, H.J.: Load balancing for multiple traffic matrices using SDN hybrid routing. In: 2014 IEEE 15th International Conference on High Performance Switching and Routing (HPSR), pp. 44–49. IEEE (2014)

    Google Scholar 

  31. Zhao, G., Xu, H., Fan, J., Huang, L., Qiao, C.: Achieving fine-grained flow management through hybrid rule placement in SDNs. IEEE Trans. Parallel Distrib. Syst. 32(3), 728–742 (2020)

    Article  Google Scholar 

  32. Zhou, Y., Cheng, G., Yu, S.: An SDN-enabled proactive defense framework for DDoS mitigation in IoT networks. IEEE Trans. Inf. Forensics Secur. 16, 5366–5380 (2021)

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by the National Key R &D Program of China with No. 2018YFC0806900, Beijing Municipal Science & Technology Commission with Project No. Z191100007119009, NSFC No. 61671448 and NSFC No.61902397.

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering, CAS, Beijing, 100093, China

    Kun Jia & Jiazhi Liu

  2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, 100049, China

    Kun Jia & Jiazhi Liu

  3. Institute of information Engineering, CAS, Beijing, 100093, China

    Wen Wang & Feng Liu

Authors
  1. Kun Jia
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jiazhi Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wen Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Feng Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Feng Liu .

Editor information

Editors and Affiliations

  1. University of Aizu, Aizuwakamatsu, Fukushima, Japan

    Chunhua Su

  2. Kyushu University, Fukuoka, Japan

    Kouichi Sakurai

  3. Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Feng Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Jia, K., Liu, J., Wang, W., Liu, F. (2022). Hybrid Routing for Efficient Fine-Grained Management of Specific Services in SDN. In: Su, C., Sakurai, K., Liu, F. (eds) Science of Cyber Security. SciSec 2022. Lecture Notes in Computer Science, vol 13580. Springer, Cham. https://doi.org/10.1007/978-3-031-17551-0_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-17551-0_11

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-17550-3

  • Online ISBN: 978-3-031-17551-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation