dc.contributor.author | Aryan, Ramtin | |
dc.contributor.author | Yazidi, Anis | |
dc.contributor.author | Engelstad, Paal E. | |
dc.date.accessioned | 2020-02-09T11:47:17Z | |
dc.date.accessioned | 2020-02-18T13:07:47Z | |
dc.date.available | 2020-02-09T11:47:17Z | |
dc.date.available | 2020-02-18T13:07:47Z | |
dc.date.issued | 2018 | |
dc.identifier.citation | Aryan R, Yazidi A, Engelstad P.E.. An Incremental Approach for Swift OpenFlow Anomaly Detection. Conference on Local Computer Networks. 2018 | en |
dc.identifier.issn | 0742-1303 | |
dc.identifier.issn | 0742-1303 | |
dc.identifier.uri | https://hdl.handle.net/10642/8135 | |
dc.description.abstract | Software Defined Networking (SDN) is designed for dynamic policy update where frequent changes are pushed to the forwarding devices. Different offline approaches for detecting misconfiguration anomalies in SDN by taking a snapshot of the state of the network have been developed in the literature. However, the detection process is time-consuming and unfeasible in the case of frequent changes to the OpenFlow tables as well in big size networks containing a large number of rules. This paper presents an incremental method for detecting potential anomalies in an online manner, i.e., after one or multiple simultaneous updates in the SDN policy. Whenever the OpenFlow tables are dynamically changed, a static approach that rechecks the whole policy is unnecessarily redundant in a sense that most of the policy remains intact. Hence the need for incremental verification method to reduce this overhead, and only the subset of the policy that is affected by the update is checked. Two different solutions are proposed based on whether the policy modifications take place in the ingress switches or in the middle switches. We provide some comprehensive experiments to demonstrate the detection performance for the case of single or multiple simultaneous changes in forwarding devices. The experiment results show that the incremental method is drastically faster than the static parallel approach, with a factor up to about 450 times in some cases. | en |
dc.language.iso | en | en |
dc.publisher | IEEE Explore | en |
dc.relation.ispartofseries | 2018 IEEE 43rd Conference on Local Computer Networks (LCN); | |
dc.rights | © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media,
including reprinting/republishing this material for advertising or promotional purposes, creating new collective works,
for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | en |
dc.subject | Anomaly detection | en |
dc.subject | Tools | en |
dc.subject | Conferences | en |
dc.subject | Computer networks | en |
dc.subject | Routings | en |
dc.subject | Control systems | en |
dc.title | An Incremental Approach for Swift OpenFlow Anomaly Detection | en |
dc.type | Conference object | en |
dc.date.updated | 2020-02-09T11:47:17Z | |
dc.description.version | acceptedVersion | en |
dc.identifier.doi | https://dx.doi.org/10.1109/LCN.2018.8638226 | |
dc.identifier.cristin | 1792318 | |
dc.source.journal | Conference on Local Computer Networks | |