Title :
Efficient Implementation of Security Applications in OpenFlow Controller with FleXam
Author :
Shirali-Shahreza, Sajad ; Ganjali, Yashar
Author_Institution :
Dept. of Comput. Sci., Univ. of Toronto, Toronto, ON, Canada
Abstract :
Current OpenFlow specifications provide limited access to packet-level information such as packet content, making it very inefficient, if not impossible, to deploy security and monitoring applications as controller applications. In this paper, we propose FleXam, a flexible sampling extension for OpenFlow designed to provide access to packet level information at the controller. Simplicity of FleXam makes it possible to implement it easily in OpenFlow switches and operate at line rate without requiring any additional memory. At the same time, its flexibility allows implementation of various monitoring and security applications in the controller, while maintaining balance between overhead and collected information details. FleXam realizes the advantages of both proactive and reactive routing schemes by providing a tunable trade-off between the visibility of individual flows, and the controller load. As an example, we demonstrate how FleXam can be used to implement a port scan detection application with an extremely low overhead.
Keywords :
computer network security; routing protocols; telecommunication switching; FleXam; OpenFlow controller; OpenFlow specifications; OpenFlow switches; controller applications; controller load; flexible sampling extension; monitoring applications; packet-level information access; port scan detection application; proactive routing schemes; reactive routing schemes; security applications; Accuracy; Control systems; Intrusion detection; Monitoring; Ports (Computers); Routing; OpenFlow; Port Scan; Sampling; Software-Defined Network;
Conference_Titel :
High-Performance Interconnects (HOTI), 2013 IEEE 21st Annual Symposium on
Conference_Location :
San Jose, CA
DOI :
10.1109/HOTI.2013.17
