An OpenvSwitch Extension for SDN Traceback
While software-defined networking (SDN) opens a new chapter for network administrators in managing and maintaining networks, its defining characteristic of logically centralized control draws attackers to exploit different network technologies in order to hijack the controller. Developing a security mechanism that determines the root cause of an anomaly and identifies the responsible entities is therefore an urgent but challenging task. In this paper we study SDN traceback using an OpenvSwitch extension based on packet marking and logging. The traceback consists of three functional mechanisms: mapping-table creation, packet marking, and traceback itself, which reconstructs the forwarding path of a packet with given features without changing network behavior. We describe the underlying theoretical model and the design concept of the traceback, and demonstrate its validity, feasibility and practicability with an experiment. The proposed traceback can also play an important role in debugging and network behavior analysis.
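As an added illustration (not code from the paper or from the authors' OpenvSwitch extension), the following Python toy models the three mechanisms the abstract names: the controller builds a mapping table from marks to switches, each switch stamps its mark into the packet and logs what it stamped against the packet's features, and traceback reconstructs the ordered path from those logs. The byte-per-hop marking field, the mark-to-switch table and the 5-tuple used as packet features are assumptions of this example, not details taken from the paper.

```python
from collections import defaultdict

MARK_BITS = 8  # assumed: one byte of the marking field per hop (mark 0 = unmarked)

class Controller:
    """Holds the mapping table (mark -> switch) and the switches' marking logs."""
    def __init__(self):
        self.mapping = {}                # mapping-table creation
        self.log = defaultdict(list)     # packet features -> [(hop, mark), ...]

    def register(self, switch_id):
        mark = len(self.mapping) + 1     # marks are unique per switch, never 0
        if mark >= 1 << MARK_BITS: raise ValueError("mark space exhausted")
        self.mapping[mark] = switch_id
        return mark

class Switch:
    """Datapath that stamps its mark into each packet and logs what it stamped."""
    def __init__(self, switch_id, ctrl):
        self.ctrl = ctrl
        self.mark = ctrl.register(switch_id)

    def forward(self, pkt):
        hop = pkt["hops"]
        pkt["mark"] = (pkt["mark"] << MARK_BITS) | self.mark   # packet marking
        pkt["hops"] = hop + 1
        self.ctrl.log[pkt["features"]].append((hop, self.mark))  # logging
        return pkt

def traceback(ctrl, features):
    """Ordered forwarding path of packets with these features, from logs + mapping table."""
    return [ctrl.mapping[m] for _, m in sorted(ctrl.log.get(features, []))]

def decode_marks(ctrl, pkt):
    """Decode the path carried in the packet's own marking field (cross-check of the log)."""
    mask = (1 << MARK_BITS) - 1
    hops = pkt["hops"]
    return [ctrl.mapping[(pkt["mark"] >> (MARK_BITS * (hops - 1 - i))) & mask]
            for i in range(hops)]

def run_demo():
    # constructed sample: three switches in a line carrying one TCP flow
    ctrl = Controller()
    s1, s2, s3 = (Switch(n, ctrl) for n in ("s1", "s2", "s3"))
    flow = ("10.0.0.1", "10.0.0.2", 6, 40000, 80)   # 5-tuple used as packet features
    pkt = {"features": flow, "mark": 0, "hops": 0}
    for sw in (s1, s2, s3):
        pkt = sw.forward(pkt)
    logged, carried = traceback(ctrl, flow), decode_marks(ctrl, pkt)
    return logged, carried, logged == carried   # mismatch would flag a tampered mark
```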
Keywords: Software-defined networking, OpenvSwitch, Traceback, Packet marking, Logging
The authors would like to thank the anonymous reviewers for their elaborate reviews and feedback. This paper is supported by the National Natural Science Foundation of China (No. 61502247), the Open Project Program of the State Key Laboratory of Mathematical Engineering and Advanced Computing (No. 2017A10), the Key Lab of Information Network Security, Ministry of Public Security (No. C17611), and the Opening Project of the Collaborative Innovation Center for Economics crime investigation and prevention technology (No. JXJZXTCX-015).