Abstract: The Software-Defined Networking (SDN) architecture was introduced with the objective of providing centralized control. As a result, only one entity is in charge of control, which makes it essential to ensure that control is safe and secure. The literature offers multi-controller solutions to reinforce the control layer against these threats. However, such an architecture brings new specificities: to ensure consistency between the controllers, a communication interface between them is necessary. This interface is itself a security threat, since an attacker can use it to propagate malicious and erroneous information on the network to other controllers. With this in mind, this work aims to introduce a control architecture composed of a nominal controller and an observer in charge of detecting anomalies in the decisions taken by the controller. To do so, only the activity of the controller is studied. Specifications, temporal and structural properties, and finally models for analyzing the likelihood of solutions are proposed and compared. A likelihood score is associated with the observations and is determined according to a multi-criteria approach. Here, two criteria have been proposed: the performance of the plans and the likelihood of the routes. The performance obtained shows that the proposed methods are applicable, but have some limitations. Moreover, this work lays the foundations of a detection method and, more generally, of a network observability concept.
Participates in the NEMIoT project
Participates in the FACTO project