Atomic Predicates-Based Data Plane Properties Verification in Software Defined Networking Using Spark

IF 13.8 1区计算机科学 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC IEEE Journal on Selected Areas in Communications Pub Date : 2020-07-01 DOI:10.1109/JSAC.2020.2986956

Yicong Zhang, Jie Li, S. Kimura, Wei Zhao, Sajal K. Das

{"title":"Atomic Predicates-Based Data Plane Properties Verification in Software Defined Networking Using Spark","authors":"Yicong Zhang, Jie Li, S. Kimura, Wei Zhao, Sajal K. Das","doi":"10.1109/JSAC.2020.2986956","DOIUrl":null,"url":null,"abstract":"Software-Defined Networking (SDN) is an innovational network architecture which gives network administrators the ability to directly control the whole network by programming on a centralized controller. Due to network complexity, networks are unlikely to be bug-free. The ability to verify data plane properties will make network management easier for network administrators in SDN. In this paper, we present a novel atomic predicates based data plane properties verification method for SDN using Spark which is a big data processing framework. First, we verify packet reachability which is a fundamental data plane property. Then, we verify other data plane properties such as loop-freedom and nonexistence of black holes. In addition, the proposed method can detect a security threat existing in SDN called firewall bypass threat with packet reachability verification. By adopting atomic predicates, we achieve less computational and storage overhead. We implement the methods and study the performance. The results of experiments show that we can efficiently and accurately detect loops, black holes and firewall bypass threats.","PeriodicalId":13243,"journal":{"name":"IEEE Journal on Selected Areas in Communications","volume":"38 1","pages":"1308-1321"},"PeriodicalIF":13.8000,"publicationDate":"2020-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1109/JSAC.2020.2986956","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Journal on Selected Areas in Communications","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/JSAC.2020.2986956","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 3

Abstract

Software-Defined Networking (SDN) is an innovational network architecture which gives network administrators the ability to directly control the whole network by programming on a centralized controller. Due to network complexity, networks are unlikely to be bug-free. The ability to verify data plane properties will make network management easier for network administrators in SDN. In this paper, we present a novel atomic predicates based data plane properties verification method for SDN using Spark which is a big data processing framework. First, we verify packet reachability which is a fundamental data plane property. Then, we verify other data plane properties such as loop-freedom and nonexistence of black holes. In addition, the proposed method can detect a security threat existing in SDN called firewall bypass threat with packet reachability verification. By adopting atomic predicates, we achieve less computational and storage overhead. We implement the methods and study the performance. The results of experiments show that we can efficiently and accurately detect loops, black holes and firewall bypass threats.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

Spark在软件定义网络中基于原子谓词的数据平面属性验证

软件定义网络（SDN）是一种创新的网络架构，它使网络管理员能够通过在集中控制器上编程来直接控制整个网络。由于网络的复杂性，网络不太可能是无漏洞的。验证数据平面属性的能力将使SDN中的网络管理员更容易进行网络管理。本文利用Spark这一大数据处理框架，提出了一种新的基于原子谓词的SDN数据平面属性验证方法。首先，我们验证了分组可达性，这是数据平面的一个基本性质。然后，我们验证了其他数据平面性质，如环路自由度和不存在黑洞。此外，该方法可以通过数据包可达性验证来检测SDN中存在的安全威胁，称为防火墙旁路威胁。通过采用原子谓词，我们可以减少计算和存储开销。我们实施这些方法并研究其性能。实验结果表明，我们可以有效、准确地检测环路、黑洞和防火墙旁路威胁。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IEEE Journal on Selected Areas in Communications 工程技术-电信学

CiteScore

30.00

自引率

4.30%

发文量

234

审稿时长

6 months

期刊介绍： The IEEE Journal on Selected Areas in Communications (JSAC) is a prestigious journal that covers various topics related to Computer Networks and Communications (Q1) as well as Electrical and Electronic Engineering (Q1). Each issue of JSAC is dedicated to a specific technical topic, providing readers with an up-to-date collection of papers in that area. The journal is highly regarded within the research community and serves as a valuable reference. The topics covered by JSAC issues span the entire field of communications and networking, with recent issue themes including Network Coding for Wireless Communication Networks, Wireless and Pervasive Communications for Healthcare, Network Infrastructure Configuration, Broadband Access Networks: Architectures and Protocols, Body Area Networking: Technology and Applications, Underwater Wireless Communication Networks, Game Theory in Communication Systems, and Exploiting Limited Feedback in Tomorrow’s Communication Networks.