Distributed Audit System of SDN Controller Based on Blockchain

  • Zhenyu Guan
  • Hanzheng Lyu
  • Haibin Zheng
  • Dawei LiEmail author
  • Jianwei Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11911)


In the existing Software-Defined Networking (SDN), the network infrastructure is divided into different network domains according to the operators assigned to it. In this paper, by adding monitor meta to the switch layer, the flow table rules and logs issued by the controller are distributed recorded. The consortium blockchain is constructed by distributed secret sharing scheme, and the consensus mechanism based on blockchain ensures the validity and traceability of flow table rules of the controller, providing non-tampering service and cost records for multiparty operators without using a trusted third party. The system is designed to solve the problem of auditing and accounting in the untrusted environment in SDN and it has good security and reliability that is suitable for deployment in the actual SDN network.


SDN Auditing of controller Blockchain Secret sharing Distributed key generation 


  1. 1.
    Berde, P., et al.: ONOS: towards an open, distributed SDN OS. In: Proceedings of the Third Workshop on Hot Topics in Software Defined Networking, pp. 1–6. ACM (2014)Google Scholar
  2. 2.
    Blakley, G.R., et al.: Safeguarding cryptographic keys. In: Proceedings of the National Computer Conference, vol. 48, pp. 313–317 (1979)Google Scholar
  3. 3.
    Chen, L., Qiu, M., Dai, W., Jiang, N.: Supporting high-quality video streaming with SDN-based CDNs. J. Supercomput. 73(8), 3547–3561 (2017)CrossRefGoogle Scholar
  4. 4.
    Chen, L., Qiu, M., Xiong, J.: An SDN-based fabric for flexible data-center networks. In: 2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing, pp. 121–126. IEEE (2015)Google Scholar
  5. 5.
    Hassas Yeganeh, S., Ganjali, Y.: Kandoo: a framework for efficient and scalable offloading of control applications. In: Proceedings of the First Workshop on Hot Topics in Software Defined Networks, pp. 19–24. ACM (2012)Google Scholar
  6. 6.
    Koponen, T., et al.: Onix: a distributed control platform for large-scale production networks. In: OSDI, vol. 10, pp. 1–6 (2010)Google Scholar
  7. 7.
    McKeown, N.: Software-defined networking. INFOCOM Keynote Talk 17(2), 30–32 (2009)Google Scholar
  8. 8.
    Nakamoto, S., et al.: Bitcoin: a peer-to-peer electronic cash system (2008)Google Scholar
  9. 9.
    Pedersen, T.P.: A threshold cryptosystem without a trusted party. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 522–526. Springer, Heidelberg (1991). Scholar
  10. 10.
    Phemius, K., Bouet, M., Leguay, J.: Disco: Distributed multi-domain SDN controllers. In: 2014 IEEE Network Operations and Management Symposium (NOMS), pp. 1–4. IEEE (2014)Google Scholar
  11. 11.
    Qiu, H., Kapusta, K., Lu, Z., Qiu, M., Memmi, G.: All-or-nothing data protection for ubiquitous communication: Challenges and perspectives. Inf. Sci. 502, 434–445 (2019)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Qiu, H., Noura, H., Qiu, M., Ming, Z., Memmi, G.: A user-centric data protection method for cloud storage based on invertible dwt. IEEE Trans. Cloud Comput. (2019) Google Scholar
  13. 13.
    Qiu, H., Qiu, M., Memmi, G., Ming, Z., Liu, M.: A dynamic scalable blockchain based communication architecture for IoT. In: Qiu, M. (ed.) SmartBlock 2018. LNCS, vol. 11373, pp. 159–166. Springer, Cham (2018). Scholar
  14. 14.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetCrossRefGoogle Scholar
  15. 15.
    Tootoonchian, A., Ganjali, Y.: HyperFlow: a distributed control plane for OpenFlow. In: Proceedings of the 2010 Internet Network Management Conference on Research on Enterprise Networking, p. 3 (2010)Google Scholar
  16. 16.
    Y, Y.: The work of Bitcoin mechanism (2013)Google Scholar
  17. 17.
    Zhang, F.t., Wang, Y.m.: Distributed key generation based on generalized verifiable secret sharing. Acta electronica Sinica 31(4), 580–584 (2003)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Zhenyu Guan
    • 1
  • Hanzheng Lyu
    • 1
  • Haibin Zheng
    • 2
  • Dawei Li
    • 1
    Email author
  • Jianwei Liu
    • 1
  1. 1.School of Cyber Science and TechnologyBeihang UniversityBeijingChina
  2. 2.School of Electronic and Information EngineeringBeihang UniversityBeijingChina

Personalised recommendations