Proceedings ArticleDOI
RFlow + : An SDN-based WLAN monitoring and management framework
Rhongho Jang,Dong-Gyu Cho,Youngtae Noh,DaeHun Nyang +3 more
- pp 1-9
TLDR
An SDN-based WLAN monitoring and management framework called RFlow+ is proposed to address WiFi service dissatisfaction caused by the limited view (lack of scalability) of network traffic monitoring and absence of intelligent and timely network treatments and is proved practical by showing the effectiveness of a MAC flooding attacker quarantine in a real-world testbed.Abstract:
In this work, we propose an SDN-based WLAN monitoring and management framework called RFlow+ to address WiFi service dissatisfaction caused by the limited view (lack of scalability) of network traffic monitoring and absence of intelligent and timely network treatments. Existing solutions (e.g., OpenFlow and sFlow) have limited view, no generic flow description, and poor trade-off between measurement accuracy and network overhead depending on the selection of the sampling rate. To resolve these issues, we devise a two-level counting mechanism, namely a distributed local counter (on-site and real-time) and central collector (a summation of local counters). With this, we proposed a highly scalable monitoring and management framework to handle immediate actions based on short-term (e.g., 50 ms) monitoring and eventual actions based on long-term (e.g., 1 month) monitoring. The former uses the local view of each access point (AP), and the latter uses the global view of the collector. Experimental results verify that RFlow+ can achieve high accuracy (less than 5% standard error for short-term and less than 1% for long-term) and fast detection of flows of interest (within 23 ms) with manageable network overhead. We prove the practicality of RFlow+ by showing the effectiveness of a MAC flooding attacker quarantine in a real-world testbed.read more
Citations
More filters
OpenSDWN: Programmatic Control overHome and Enterprise WiFi
TL;DR: This paper presents and evaluates OpenSDWN, a novel WiFi architecture based on an SDN/NFV approach that exploits datapath programmability to enable service differentiation and fine-grained transmission control, facilitating the prioritization of critical applications.
An improved data stream summary: The Count-Min Sketch and its applications
Graham Cormode,S. Muthukrishnan +1 more
TL;DR: In this paper, the authors introduce a sublinear space data structure called the countmin sketch for summarizing data streams, which allows fundamental queries in data stream summarization such as point, range, and inner product queries to be approximately answered very quickly; in addition it can be applied to solve several important problems in data streams such as finding quantiles, frequent items, etc.
Proceedings Article
The CrossPath Attack: Disrupting the SDN Control Channel via Shared Links.
TL;DR: This work proposes the CrossPath attack that disrupts the SDN control channel by exploiting the shared links in paths of control traffic and data traffic, and develops a novel technique called adversarial path reconnaissance for identifying the target paths.
Book ChapterDOI
Disrupting SDN via the Data Plane: A Low-Rate Flow Table Overflow Attack
TL;DR: A stealthy data plane based attack that uses a minimum rate of attack packet to disrupt SDN and the LOFT attack that computes the lower bound of attack rate to overflow flow tables based on the inferred network configurations is proposed.
Journal ArticleDOI
LEDGE: Leveraging Edge Computing for Resilient Access Management of Mobile IoT
TL;DR: LEDGE is a synergy of an efficient location authentication method to secure communication between each IoT mobile device and access point (AP) pair, an optimal AP assignment scheme to satisfy IoT flow requests, a Personal AP protocol for scalable access, and a deep learning model for anomaly detection.
References
More filters
Journal ArticleDOI
OpenFlow: enabling innovation in campus networks
Nick McKeown,Thomas Anderson,Hari Balakrishnan,Guru Parulkar,Larry L. Peterson,Jennifer Rexford,Scott Shenker,Jonathan S. Turner +7 more
TL;DR: This whitepaper proposes OpenFlow: a way for researchers to run experimental protocols in the networks they use every day, based on an Ethernet switch, with an internal flow-table, and a standardized interface to add and remove flow entries.
Proceedings ArticleDOI
B4: experience with a globally-deployed software defined wan
Sushant Jain,Alok Kumar,Subhasree Mandal,Joon Ong,Leon Poutievski,Arjun Singh,Subbaiah Venkata,Jim Wanderer,Junlan Zhou,Min Zhu,Jonathan Zolla,Urs Hölzle,Stephen Stuart,Amin Vahdat +13 more
TL;DR: This work presents the design, implementation, and evaluation of B4, a private WAN connecting Google's data centers across the planet, using OpenFlow to control relatively simple switches built from merchant silicon.
Journal ArticleDOI
An improved data stream summary: the count-min sketch and its applications
Graham Cormode,S. Muthukrishnan +1 more
TL;DR: In this paper, the authors introduce a sublinear space data structure called the countmin sketch for summarizing data streams, which allows fundamental queries in data stream summarization such as point, range, and inner product queries to be approximately answered very quickly; in addition it can be applied to solve several important problems in data streams such as finding quantiles, frequent items, etc.
Proceedings Article
The design and implementation of open vSwitch
Ben Pfaff,Justin Pettit,Teemu Koponen,Ethan J. Jackson,Andy Zhou,Jarno Rajahalme,Jesse E. Gross,Alex Wang,Jonathan Stringer,Pravin Shelar,Keith E. Amidon,Martin Casado +11 more
TL;DR: The design and implementation of Open vSwitch is described, a multi-layer, open source virtual switch for all major hypervisor platforms, and the advanced flow classification and caching techniques that Open v switch uses to optimize its operations and conserve hypervisor resources are detailed.
Proceedings Article
Software defined traffic measurement with OpenSketch
Minlan Yu,Lavanya Jose,Rui Miao +2 more
TL;DR: This work proposes a software defined traffic measurement architecture OpenSketch, which separates the measurement data plane from the control plane and provides a measurement library that automatically configures the pipeline and allocates resources for different measurement tasks.