Assessment of Connectivity-Based Resilience to Attacks Against Multiple Nodes in SDNs

Santos, Dorabella; Sousa, Amaro de; Machuca, Carmen Mas; Rak, Jacek

doi:10.1109/access.2021.3071995

Cited by 9 publications

(3 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most of the works dealing with the problem of SDN network resilience against node‐targeted attacks assume that the attacker has full knowledge of the topology of the data plane network, but not about the actual location of the controllers, and knowingly selects the attacked nodes (and in this way constructing a node‐targeted attack) so as to achieve the most damaging effect on the network graph connectivity; such attacks are also called topological attacks or critical targeted attacks, see [4]. Recently, [23] presented an assessment of the resilience of long‐distance SDN networks to node‐targeted attacks. The paper compares the resilience of different controllers placement solutions to node‐targeted attacks and to node attacks of non‐targeted nature (in particular, random attacks), and one of the findings of this research is that node‐targeted attacks are much more damaging.…”

Section: Related Workmentioning

confidence: 99%

“…The first network ( cost266 ), consisting of

V=37

node locations and

E=57

links, is depicted in Figure 5 (and, for that matter, also in Figures 1 and 2); it is described in SNDlib [14] at http://sndlib.zib.de. The second network ( coronet conus ), composed of

V=75

node locations and

E=99

links, is shown in Figure 6; it is described for example in [25], [23].…”

Section: Numerical Studymentioning

confidence: 99%

See 1 more Smart Citation

Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements

Pióro,

Mycek,

Tomaszewski

et al. 2023

Networks

Self Cite

View full text Add to dashboard Cite

In software defined networks (SDN) packet data switches are configured by a limited number of SDN controllers, which respond to queries for packet forwarding decisions from the switches. To enable optimal control of switches in real time the placement of controllers at network nodes must guarantee that the controller‐to‐controller and switch‐to‐controller communications delays are bounded. Apart from the primary controllers that control the switches in the nominal state, separate backup controllers can be introduced that take over when the primary controllers are unavailable, and whose delay bounds are relaxed. In this paper, we present optimization models to jointly optimize the placement of primary and backup controllers in long‐distance SDN networks, aimed at maximizing the network's resilience to node‐targeted attacks. Applying the models to two well‐known network topologies and running a broad numerical study we show that, when compared with the standard approach of using only primary controllers, the use of backup controllers provides significant resilience gains, in particular in case of tight delay bounds.

show abstract

Section: Related Workmentioning

confidence: 99%

“…The first network ( cost266 ), consisting of

V=37

node locations and

E=57

links, is depicted in Figure 5 (and, for that matter, also in Figures 1 and 2); it is described in SNDlib [14] at http://sndlib.zib.de. The second network ( coronet conus ), composed of

V=75

node locations and

E=99

links, is shown in Figure 6; it is described for example in [25], [23].…”

Section: Numerical Studymentioning

confidence: 99%

Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements

Pióro,

Mycek,

Tomaszewski

et al. 2023

Networks

Self Cite

View full text Add to dashboard Cite

show abstract

“…The time interval until the complete network state view is reached is, in the worst case, the longest delay among all pairs of controllers, and hence the maximum controller-controller (CC) delay must also be bounded. Finally, the controller placement must be resilient to network disruptions, such as natural disasters [2], multiple link failures [3] or node-targeted attacks [4]. To improve the SDN resilience to these kinds of disruptions, in general additional controllers are required.…”

Section: Introductionmentioning

confidence: 99%

Optimizing primary and backup SDN controllers' placement resilient to node-targeted attacks

Mycek

Pióro

Tomaszewski

et al. 2021

2021 17th International Conference on Network and Service Management (CNSM)

Self Cite

View full text Add to dashboard Cite

In Software Defined Networks (SDNs), a number of controllers are placed in a given data plane network. In a standard logically centralized control plane, each controller acts simultaneously as a primary controller for some switches and as a backup controller for other switches, and the controller placements must meet given switch-controller (SC) and controllercontroller (CC) delay bounds. Then, the SDN should be resilient to network disruptions such as node-targeted attacks. To improve the SDN resilience to this kind of disruptions, we assume that some controllers are deployed only as backup controllers so that they take over the functions of primary controllers only in case of disruption. We propose an optimization model that solves a relevant primary and backup controller placement problem, where a minimum number of primary controllers minimizing the maximum SC delay is first established, and then a joint primary and backup controller placement maximizing the resilience of the SDN against a list of the most dangerous node-targeted attacks is determined. A numerical study illustrating the merits of the proposed optimization methodology is presented.

show abstract

PUAL-DBSCP: Personalized Ubiquitous Adaptive Learning for Density-Based Splitting Controller Placement in software-defined networks

Babbar,

Rani

2024

Computers in Human Behavior

View full text Add to dashboard Cite

Assessment of Connectivity-Based Resilience to Attacks Against Multiple Nodes in SDNs

Cited by 9 publications

References 40 publications

Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements

Maximizing SDN resilience to node‐targeted attacks through joint optimization of the primary and backup controllers placements

Optimizing primary and backup SDN controllers' placement resilient to node-targeted attacks

PUAL-DBSCP: Personalized Ubiquitous Adaptive Learning for Density-Based Splitting Controller Placement in software-defined networks

Contact Info

Product

Resources

About