Visible to the public Piggybacking Network Functions on SDN Reactive Routing: A Feasibility Study

TitlePiggybacking Network Functions on SDN Reactive Routing: A Feasibility Study
Publication TypeConference Paper
Year of Publication2017
AuthorsLiu, Chang, Raghuramu, Arun, Chuah, Chen-Nee, Krishnamurthy, Balachander
Conference NameProceedings of the Symposium on SDN Research
Conference LocationNew York, NY, USA
ISBN Number978-1-4503-4947-5
Keywordsaugmented reality, Human Behavior, Network security, privacy, pubcrawl, resilience, Resiliency, Scalability, SDN

This paper explores the potential of enabling SDN security and monitoring services by piggybacking on SDN reactive routing. As a case study, we implement and evaluate a piggybacking based intrusion prevention system called SDN-Defense. Our study of university WiFi traffic traces reveals that up to 73% of malicious flows can be detected by inspecting just the first three packets of a flow, and 90% of malicious flows from the first four packets. Using such empirical insights, we propose to forward the first K packets of each new flow to an augmented SDN controller for security inspection, where K is a dynamically configurable parameter. We characterize the cost-benefit trade-offs of SDN-Defense using real wireless traces and discuss potential scalability issues. Finally, we discuss other applications which can be enhanced by using our proposed piggybacking approach.

Citation Keyliu_piggybacking_2017