Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements
Abstrakt
In Software Defined Networks (SDN) packet data switches are configured by a limited number of SDN controllers, which respond to queries for packet forwarding decisions from the switches. To enable optimal control of switches in real time the placement of controllers at network nodes must guarantee that the controller-to-controller and switch-to-controller communications delays are bounded. Apart from the primary controllers that control the switches in the nominal state, separate backup controllers can be introduced that take over when the primary controllers are unavailable, and whose delay bounds are relaxed. In this paper we present optimization models to jointly optimize the placement of primary and backup controllers in long-distance SDN networks, aimed at maximizing the network's resilience to node-targeted attacks. Applying the models to two well-known network topologies and running a broad numerical study we show that, when compared with the standard approach of using only primary controllers, the use of backup controllers provides significant resilience gains, in particular in case of strict delay bounds.
Cytowania
-
0
CrossRef
-
0
Web of Science
-
0
Scopus
Autorzy (4)
Cytuj jako
Pełna treść
- Wersja publikacji
- Accepted albo Published Version
- DOI:
- Cyfrowy identyfikator dokumentu elektronicznego (otwiera się w nowej karcie) 10.1002/net.22201
- Licencja
- Copyright (2023 Wiley Periodicals LLC)
Słowa kluczowe
Informacje szczegółowe
- Kategoria:
- Publikacja w czasopiśmie
- Typ:
- artykuły w czasopismach
- Opublikowano w:
-
NETWORKS
nr 83,
strony 428 - 467,
ISSN: 0028-3045 - Język:
- angielski
- Rok wydania:
- 2024
- Opis bibliograficzny:
- Pióro M., Mycek M., Tomaszewski A., de Sousa A.: Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements// NETWORKS -Vol. 83,iss. 2 (2024), s.428-467
- DOI:
- Cyfrowy identyfikator dokumentu elektronicznego (otwiera się w nowej karcie) 10.1002/net.22201
- Źródła finansowania:
-
- Działalność statutowa/subwencja
- Weryfikacja:
- Politechnika Gdańska
wyświetlono 77 razy
Publikacje, które mogą cię zainteresować
Assessment of Connectivity-based Resilience to Attacks Against Multiple Nodes in SDNs
- D. Santos,
- A. de Sousa,
- C. Mas-Machuca
- + 1 autorów
Service-based Resilience via Shared Protection in Mission-critical Embedded Networks
- D. Ergenc,
- J. Rak,
- M. Fischer
Disaster-resilient communication networks: Principles and best practices
- A. Mauthe,
- D. Hutchison,
- E. Cetinkaya
- + 6 autorów