DeepContext: An OpenFlow-Compatible, Host-Based SDN for Enterprise Networks

The software-defined networking (SDN) paradigm promises greater control and understanding of enterprise network activities, particularly for management applications that need awareness of network-wide behavior. However, the current focus on switch-based SDNs raises concerns about data-plane scalability, especially when using fine-grained flows. Further, these switch-centric approaches lack visibility into end-host and application behaviors, which are valuable when making access control decisions.

In recent work, we proposed a host-based SDN in which we installed software on the end-hosts and used centralized network control to manage the flows. This improved scalability and provided application information for use in network policy. However, that approach was not compatible with OpenFlow and provided only conservative estimates of possible network performance.

In this work, we create a high-performance host-based SDN that is compatible with the OpenFlow protocol. Our approach, DeepContext, provides details about the application context to the network controller, allowing enhanced decision-making. We evaluate the performance of DeepContext, comparing it to traditional networks and Open vSwitch deployments. We further characterize the completeness of the data provided by the system and the resulting benefits.
