AALLA: Attack-Aware Logical Link Assignment Cost-Minimization Model for Protecting Software-Defined Networks against DDoS Attacks

Abstract

Software-Defined Networking (SDN), which is used in Industrial Internet of Things, uses a controller as its “network brain” located at the control plane. This uniquely distinguishes it from the traditional networking paradigms because it provides a global view of the entire network. In SDN, the controller can become a single point of failure, which may cause the whole network service to be compromised. Also, data packet transmission between controllers and switches could be impaired by natural disasters, causing hardware malfunctioning or Distributed Denial of Service (DDoS) attacks. Thus, SDN controllers are vulnerable to both hardware and software failures. To overcome this single point of failure in SDN, this paper proposes an attack-aware logical link assignment (AALLA) mathematical model with the ultimate aim of restoring the SDN network by using logical link assignment from switches to the cluster (backup) controllers. We formulate the AALLA model in integer linear programming (ILP), which restores the disrupted SDN network availability by assigning the logical links to the cluster (backup) controllers. More precisely, given a set of switches that are managed by the controller(s), this model simultaneously determines the optimal cost for controllers, links, and switches.