Geodesic
Algorithm for reducing the number of forwarding rules created by SDN applications
Modelirovanie i analiz informacionnyh sistem, Tome 26 (2019) no. 1, pp. 122-133 Cet article a éte moissonné depuis la source Math-Net.Ru

Voir la notice de l'article

Software-Defined Networking (SDN) is a network architecture that introduces a physical separation of data-plane from control-plane. It implements a new way of analyzing network statistics through counters installed on forwarding rules. These counters measure the number of packets processed by these rules and represent per-flow network statistics. In order to get information about the number of packets from different flows SDN applications can install additional forwarding rules, sole purpose of which is to count packets with specific headers. But in order to produce a full network statistics analysis these applications may install a large amount of forwarding rules thus limiting the space in the forwarding table for other applications. So we need algorithms to minimize the number of such rules. In this paper, we consider the problem of minimizing the number of forwarding rules installed on SDN switches by applications that analyze network statistics. We introduce a heuristic algorithm that creates a reduced representation for sets of rules installed in the network. The experimental results show that this algorithm reduces the number of rules by at least 2.2 times on uniformly distributed random input.
Keywords: SDN, network statistics, forwarding rule counters. 
@article{MAIS_2019_26_1_a8,
     author = {I. S. Petrov},
     title = {Algorithm for reducing the number of forwarding rules created by {SDN} applications},
     journal = {Modelirovanie i analiz informacionnyh sistem},
     pages = {122--133},
     year = {2019},
     volume = {26},
     number = {1},
     language = {ru},
     url = {http://geodesic.mathdoc.fr/item/MAIS_2019_26_1_a8/}
}
TY  - JOUR
AU  - I. S. Petrov
TI  - Algorithm for reducing the number of forwarding rules created by SDN applications
JO  - Modelirovanie i analiz informacionnyh sistem
PY  - 2019
SP  - 122
EP  - 133
VL  - 26
IS  - 1
UR  - http://geodesic.mathdoc.fr/item/MAIS_2019_26_1_a8/
LA  - ru
ID  - MAIS_2019_26_1_a8
ER  - 
%0 Journal Article
%A I. S. Petrov
%T Algorithm for reducing the number of forwarding rules created by SDN applications
%J Modelirovanie i analiz informacionnyh sistem
%D 2019
%P 122-133
%V 26
%N 1
%U http://geodesic.mathdoc.fr/item/MAIS_2019_26_1_a8/
%G ru
%F MAIS_2019_26_1_a8
I. S. Petrov. Algorithm for reducing the number of forwarding rules created by SDN applications. Modelirovanie i analiz informacionnyh sistem, Tome 26 (2019) no. 1, pp. 122-133. http://geodesic.mathdoc.fr/item/MAIS_2019_26_1_a8/

[1] Petrov I.S., Smeliansky R.L., “Minimization of Multicast Traffic and Ensuring Its Fault Tolerance in Software-Defined Networks”, Journal of Computer and Systems Sciences International, 57:3 (2018), 407–419 | DOI | DOI | Zbl

[2] Petrov I. S., “Mathematical model for predicting forwarding rule counter values in SDN”, Young Researchers in Electrical and Electronic Engineering, 2018 IEEE Conference of Russian, IEEE, 2018, 1313–1317

[3] Smeliansky R.L., “Software Defined Network”, Open Systems. DBMS, 9 (2012), 15–26 (in Russian)

[4] OpenFlow Switch Specification, Version 1.5.1 (Protocol version 0x06), Open Networkig Foundation, 2015

[5] Kazemian P., Varghese G., McKeown N., “Header Space Analysis: Static Checking for Networks”, Proceedings of NSDI'12, 2012, 1–14

[6] Lozhkin S. A., Lektsii po osnovam kibernetiki, Moscow, 2017, 20–30 (in Russian)

[7] Akyildiz I.F., et al., “A roadmap for traffic engineering in SDN-OpenFlow networks”, Computer Networks, 71 (2014), 1–30 | DOI

[8] Pang Chunhui, Yong Jiang, Qi Li, “FADE: Detecting forwarding anomaly in software-defined networks”, 2016 IEEE International Conference on Communications, ICC, IEEE, 2016, 1–6

[9] Kamisinski A., Carol F., “Flowmon: Detecting malicious switches in software-defined networks”, Proceedings of the 2015 Workshop on Automated Decision Making for Active Cyber Defense, ACM, 2015, 39–45 | DOI

[10] Chao Tzu-Wei, et al., “Securing data planes in software-defined networks”, NetSoft Conference and Workshops, NetSoft, IEEE, 2016, 465–470

[11] Gaivoronskaya S.A., Petrov I.S., “Towards Applicability of Shellcode Detection Methods Based on x86 Platform for Arm”, Information Security Problems. Computer Systems, 2014, no. 3, 115–122 (in Russian)

[12] Dhawan M., et al., “SPHINX: Detecting Security Attacks in Software-Defined Networks”, NDSS, 2015, 8–11