An OpenvSwitch Extension for SDN Traceback

  • Danni Ren
  • Wenti Jiang
  • Huakang Li
  • Guozi Sun
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11058)


While software-defined networking (SDN) opens a new chapter for network administrators to manage and to maintain network, the vital characteristic of logically centralized control draws attackers to exploit different network technologies to hijack the controller. How to develop a security mechanism to determine the root of an anomaly and to identify the responsible entities is an urgent but challenging task now. Therefore, in this paper we conduct a research on SDN traceback with an OpenvSwitch extension, which is based on the technology of packet marking and logging. The traceback mainly consists of three functional mechanisms: mapping-table creation, packet marking and traceback, which is used to reconstruct the forwarding path of the packet with given features without changing network behaviors. We describe the dependent theoretical model and design concept of traceback, and demonstrate the validity, feasibility and practicability of traceback with an experiment. Similarly, the traceback we propose can play an important role in the fields of debugger and network behavior analysis.


Software-defined networking OpenvSwitch Traceback Packet marking Logging 



The authors would like to thank the anonymous reviewers for their elaborate reviews and feedback. This paper is supported by the National Natural Science Foundation of China (No. 61502247), Open Project Program of the State Key Laboratory of Mathematical Engineering and Advanced Computing (No. 2017A10), and Key Lab of Information Network Security, Ministry of Public Security (No. C17611), Opening Project of Collaborative Innovation Center for Economics crime investigation and prevention technology (No. JXJZXTCX-015).


  1. 1.
    Feamster, N., Rexford, J., Zegura, E.: The road to SDN. Queue 11(12), 20 (2013)CrossRefGoogle Scholar
  2. 2.
    Mckeown, N., et al.: OpenFlow: enabling innovation in campus networks. ACM SIGCOMM Comput. Commun. Rev. 38(2), 69–74 (2008)CrossRefGoogle Scholar
  3. 3.
    Zinner, T., Jarschel, M., Hossfeld, T., Tran-Gia, P., Kellerer, W.: A compass through SDN networks. Informatik., Uni (2013)Google Scholar
  4. 4.
    Scott-Hayward, S., O’Callaghan, G., Sezer, S.: SDN security: a survey. In: Future Networks and Services, pp. 1–7 (2013)Google Scholar
  5. 5.
    Khan, S., et al.: Software-defined network forensics: motivation, potential locations, requirements, and challenges. IEEE Netw. 30(6), 6–13 (2016)CrossRefGoogle Scholar
  6. 6.
    Bates, A., Butler, K., Haeberlen, A., Sherr, M., Zhou, W.: Let SDN be your eyes: secure forensics in data center networks. In: The Workshop on Security of Emerging Networking Technologies (2014)Google Scholar
  7. 7.
    Pfaff, B., et al.: The design and implementation of Open vSwitch. In: NSDI, pp. 117–130 (2015)Google Scholar
  8. 8.
    Oliveira, R.L.S.D., Shinoda, A.A., Schweitzer, C.M., Prete, L.R.: Using mininet for emulation and prototyping software-defined networks. In: Communications and Computing, pp. 1–6 (2014)Google Scholar
  9. 9.
    Medved, J., Varga, R., Tkacik, A., Gray, K.: Opendaylight: towards a model-driven SDN controller architecture. In: World of Wireless, Mobile and Multimedia Networks, pp. 1–6 (2014)Google Scholar
  10. 10.
    Handigol, N., Heller, B., Jeyakumar, V., Mckeown, N.: Where is the debugger for my software-defined network? In: The Workshop on Hot Topics in Software Defined Networks, pp. 55–60 (2012)Google Scholar
  11. 11.
    Francois, J.: Anomaly traceback using software defined networking. In: International Workshop on Information Forensics & Security (2014)Google Scholar
  12. 12.
    Zhang, H., Reich, J., Rexford, J.: Packet traceback for software-defined networks, Department of Computer Science, Princeton University, Princeton. Technical report TR-978-15, vol. 201 (2015)Google Scholar
  13. 13.
    Agarwal, K., Dixon, C., Dixon, C., Carter, J.: SDN traceroute: tracing SDN forwarding without changing network behavior. In: The Workshop on Hot Topics in Software Defined Networking, pp. 145–150 (2014)Google Scholar
  14. 14.
    Abaid, Z., Rezvani, M., Jha, S.: Malware monitor: an SDN-based framework for securing large networks, pp. 40–42 (2014)Google Scholar
  15. 15.
    Lvai, T., Pelle, I., Nmeth, F., Gulys, A.: EPOXIDE: a modular prototype for SDN troubleshooting. ACM SIGCOMM Comput. Commun. Rev. 45(5), 359–360 (2015)CrossRefGoogle Scholar
  16. 16.
    Zhao, Y., Zhang, P., Jin, Y.: Netography: troubleshoot your network with packet behavior in SDN. In: IEEE/IFIP Network Operations and Management Symposium, NOMS 2016, pp. 878–882 (2016)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Danni Ren
    • 1
    • 3
  • Wenti Jiang
    • 1
  • Huakang Li
    • 1
    • 2
  • Guozi Sun
    • 1
    • 2
  1. 1.School of Computer ScienceNanjing University of Posts and TelecommunicationsNanjingChina
  2. 2.Institude of Computer TechnologyNanjing University of Posts and TelecommunicationsNanjingChina
  3. 3.Zhongxing Telecommunication Equipment CorporationNanjingChina

Personalised recommendations