Assessing the impact of resource attack in Software Defined Network

Software Defined Network (SDN) empowers network operators with more flexibility to program their networks. In SDN, dummy switches on the data plane dynamically forward packets based on the rules which are managed by a centralized controller. To apply the rules, switches need to write the rules in its flow table. However, because the size of the flow table is limited, a scalability problem can be an issue. Also, this scalability problem becomes a security issue related to Distributed Denial of Service (DDoS) attacks, especially the resource attack which consumes all flow tables of switches.

In this paper, we explore the impact of the resource attack to a SDN network. The resource attack is emulated on the SDN with mininet and OpenDaylight, and the effect of resource attack to the SDN is deeply analyzed in the aspects of delay and bandwidth. Through the evaluation, we highlight the importance of managing the flow tables with the awareness of their size limitation. Also, we discuss solutions which can address the resource attack and their challenges.