Dai, Y.
, Wang, A.
, Guo, Y.
and Chen, S.
(2023),
Elastically Augmenting the Control-Path Throughput in SDN to Deal with Internet DDoS Attacks, ACM Transactions on Internet Technology, [online], https://doi.org/10.1145/3559759
(Accessed April 27, 2024)
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Elastically Augmenting the Control-Path Throughput in SDN to Deal with Internet DDoS Attacks
Published
Author(s)
Yuanjun Dai, An Wang, , Songqing Chen
Abstract
Unobstructed communication between Software Defined Networks (SDN) switches and the controller is vital for SDN's normal operation. We find from measurements, however, that the software control agents on some of the switches have very limited throughput. This can cause performance degradation if the switch has to handle a high control traffic load, as for instance due to flash crowds or DDoS attacks. Such degradation can occur even when the data plane forwarding capacity is under-utilized. The goal of our paper is to design new mechanisms to enable the network to scale up its ability to handle high control traffic loads. For this purpose, we design, implement, and experimentally evaluate Scotch, a solution that elastically scales up the control plane capacity by using a vSwitch based overlay. Scotch takes advantage of both the high control plane capacity of a large number of vSwitches and the high data plane capacity of commodity hardware switches to increase the SDN network scalability and resiliency under normal (e.g., flash crowds) or abnormal (e.g., DDoS attacks) traffic surge.Citation
ACM Transactions on Internet Technology
Volume
23
Issue
1
Pub Type
Journals
Download Paper
Keywords
SDN, OpenFlow, vSwitch, control path, overlay
Citation
Created February 23, 2023, Updated May 18, 2023