{"title":"Fragmentation-Based Multipath Routing for Attack Resilience in Software Defined Networks","authors":"Purnima Murali Mohan, Teng Joon Lim, G. Mohan","doi":"10.1109/LCN.2016.98","DOIUrl":null,"url":null,"abstract":"In this paper, we propose a Fragmentation-based Multipath Routing (FMR) model for Software Defined Networks (SDNs) to enable attack-resilient data transfer. With the use of erasure encoding to fragment a message, the fragments are routed along multiple paths such that no intermediate node receives enough fragments required for message decoding. This ensures that, any intruder on a compromised node does not infer the original data from the received fragments. We develop an optimization programming formulation of the problem to choose reliable paths that provide resilience to attacks. Using FMR, the SDN controller dynamically routes the data fragments along a set of most reliable paths to achieve multipath diversity and hence improve data availability at the destination even in the presence of an attack. We carry out performance studies and demonstrate the effectiveness of our approach in terms of weighted path reliability and blocking performance.","PeriodicalId":6864,"journal":{"name":"2016 IEEE 41st Conference on Local Computer Networks (LCN)","volume":"55 1","pages":"583-586"},"PeriodicalIF":0.0000,"publicationDate":"2016-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2016 IEEE 41st Conference on Local Computer Networks (LCN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/LCN.2016.98","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 5
Abstract
In this paper, we propose a Fragmentation-based Multipath Routing (FMR) model for Software Defined Networks (SDNs) to enable attack-resilient data transfer. With the use of erasure encoding to fragment a message, the fragments are routed along multiple paths such that no intermediate node receives enough fragments required for message decoding. This ensures that, any intruder on a compromised node does not infer the original data from the received fragments. We develop an optimization programming formulation of the problem to choose reliable paths that provide resilience to attacks. Using FMR, the SDN controller dynamically routes the data fragments along a set of most reliable paths to achieve multipath diversity and hence improve data availability at the destination even in the presence of an attack. We carry out performance studies and demonstrate the effectiveness of our approach in terms of weighted path reliability and blocking performance.