Abstrakt
In Software Defined Networks (SDNs), the control plane of a network is decoupled from its data plane. For scalability and robustness, the logically centralized control plane is implemented by physically placing different controllers throughout the network. The determination of the number and placement of controllers is known as the Controller Placement Problem (CPP). In the regular (i.e., failure-free) state, the control plane must guarantee a given maximum delay between every switch and its primary controller and a given maximum delay between every pair of controllers. In general, these delay bounds allow multiple solutions and, so, other goals can be used to determine the best CPP solution. In this paper, we assess the connectivity-based resilience to malicious attacks against multiple network nodes of the CPP solutions obtained with three different aims: the regular state delay optimization without any concern about attacks, the regular state delay optimization taking into consideration the worst-case attacks and the resilience optimization to attacks against multiple nodes. We assess the CPP solutions considering attacks of targeted nature (when the attacker has complete knowledge of the data plane) and attacks of non-targeted nature (i.e., random and epidemic attacks). We present computational results providing an analysis of the CPP solutions to the different types of attacks. The main conclusion is that the connectivity-based resilience between the different CPP solutions strongly depends on the network topology, the regular state delay bounds and the type of attacks. Finally, we provide insights on how SDN operators can consider the conducted assessment when deciding the controller placements in their networks.
Cytowania
-
1 2
CrossRef
-
0
Web of Science
-
1 3
Scopus
Autorzy (4)
Cytuj jako
Pełna treść
- Wersja publikacji
- Accepted albo Published Version
- Licencja
- otwiera się w nowej karcie
Słowa kluczowe
Informacje szczegółowe
- Kategoria:
- Publikacja w czasopiśmie
- Typ:
- artykuły w czasopismach
- Opublikowano w:
-
IEEE Access
nr 9,
strony 58266 - 58286,
ISSN: 2169-3536 - Język:
- angielski
- Rok wydania:
- 2021
- Opis bibliograficzny:
- Santos D., de Sousa A., Mas-Machuca C., Rak J.: Assessment of Connectivity-based Resilience to Attacks Against Multiple Nodes in SDNs// IEEE Access -Vol. 9, (2021), s.58266-58286
- DOI:
- Cyfrowy identyfikator dokumentu elektronicznego (otwiera się w nowej karcie) 10.1109/access.2021.3071995
- Źródła finansowania:
- Weryfikacja:
- Politechnika Gdańska
wyświetlono 142 razy
Publikacje, które mogą cię zainteresować
Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements
- M. Pióro,
- M. Mycek,
- A. Tomaszewski
- + 1 autorów
Disciplines and measures of information resilience
- J. Rak,
- M. Jonsson,
- D. Hutchison
- + 1 autorów
Service-based Resilience via Shared Protection in Mission-critical Embedded Networks
- D. Ergenc,
- J. Rak,
- M. Fischer
Disaster Resilience of Optical Networks: State of the Art, Challenges, and Opportunities
- J. Rak,
- R. Girão-Silva,
- T. Gomes
- + 3 autorów