Creating and sharing knowledge for telecommunications

Robust SDN Controller Placement to Malicious Node Attacks

Santos, D. ; Sousa, A. F. ; Mas Machuca, C.

Robust SDN Controller Placement to Malicious Node Attacks, Proc Conf. on Innovation in Clouds, Internet and Networks ICIN, Paris, France, Vol. , pp. 1 - 8, February, 2018.

Digital Object Identifier: 10.1109/ICIN.2018.8401617

In software-defined networking (SDN), the control plane is separated from the switching plane (i.e., data plane). The logically centralized control plane is implemented by physically distributing several controllers throughout the network for scalability and resilience. The problem of finding the number and location of the SDN controllers is known as the controller placement problem (CPP). In this paper, we consider the following robust CPP problem variant. For a given maximum switch-controller (SC) delay and a given maximum controller-controller (CC) delay in the regular state, we aim to find a CPP solution that maximizes the network robustness for a given number of malicious node attacks. First, we guarantee that if all but one controller nodes are shutdown, there is still a switching path from any switch to the surviving controller. We propose an ILP based method aiming to enumerate all such solutions. Then, for different malicious node attacks corresponding to different attacker's strategies, we evaluate the previous solutions to determine the ones that maximize the minimum number of switches that can still be connected to at least one controller. We compare the robust CPP solutions with non-robust CPP solutions which aim solely to minimize the average SC delay or average CC delay. In the latter cases, we propose ILP models that can be solved efficiently by standard solvers. Finally, we present a set of computational results showing the trade-off between the robustness improvement of the proposed solutions against the resulting penalties on the SC and CC delays.