Implementation of a SDN Architecture Observer: Detection of Failure, Distributed Denial-of-Service and Unauthorized Intrusion

Software-defined networking was recently introduced and proposed to separate the control from data plane. This architecture introduces new challenges, particularly with regard security safety. To address safety it is necessary set up a multi controller provide redundancy. In addition, second can have benefit because be used validate decisions taken by first controller. However, communication between controllers in these architectures, which may exploited an attacker spread across controllers, resulting issue. study aims develop without controllers. The executed nominal controller, performs plane computation, whereas charge of verifying consistency controller’s decisions, i.e., management traffic. We formulated activity command then provided conditions determine consistent control. These include time boundary, corresponds tolerance for delay response structural properties verify path setup. Moreover, we detection algorithm that divided into two parts: first, learning phase learn second, running sets paths are similar learned path. evaluated terms its reactivity, precision, recall. evaluate this, considered three use cases: distributed denial service (DDOS) attack, attack send malicious packets on network, failure