An OpenvSwitch extension for SDN traceback

Danni Ren, Wenti Jiang, Huakang Li, Guozi Sun*

*Corresponding author for this work

Research output: Chapter in Book or Report/Conference proceedingConference Proceedingpeer-review

2 Citations (Scopus)

Abstract

While software-defined networking (SDN) opens a new chapter for network administrators to manage and to maintain network, the vital characteristic of logically centralized control draws attackers to exploit different network technologies to hijack the controller. How to develop a security mechanism to determine the root of an anomaly and to identify the responsible entities is an urgent but challenging task now. Therefore, in this paper we conduct a research on SDN traceback with an OpenvSwitch extension, which is based on the technology of packet marking and logging. The traceback mainly consists of three functional mechanisms: mapping-table creation, packet marking and traceback, which is used to reconstruct the forwarding path of the packet with given features without changing network behaviors. We describe the dependent theoretical model and design concept of traceback, and demonstrate the validity, feasibility and practicability of traceback with an experiment. Similarly, the traceback we propose can play an important role in the fields of debugger and network behavior analysis.

Original languageEnglish
Title of host publicationNetwork and System Security - 12th International Conference, NSS 2018, Proceedings
EditorsMan Ho Au, Xiapu Luo, Jin Li, Kamil Kluczniak, Siu Ming Yiu, Cong Wang, Aniello Castiglione
PublisherSpringer Verlag
Pages423-435
Number of pages13
ISBN (Print)9783030027438
DOIs
Publication statusPublished - 2018
Externally publishedYes
Event12th International Conference on Network and System Security, NSS 2018 - Hong Kong, China
Duration: 27 Aug 201829 Aug 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11058 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference12th International Conference on Network and System Security, NSS 2018
Country/TerritoryChina
CityHong Kong
Period27/08/1829/08/18

Keywords

  • Logging
  • OpenvSwitch
  • Packet marking
  • Software-defined networking
  • Traceback

Cite this