Using NFV and Reinforcement Learning for Anomalies Detection and Mitigation in SDN

Computer networks are subject to several anomalies, which leads to the necessity of techniques to coordinate detection and mitigation to keep the network operational. In this paper we propose the use of reinforcement learning to promote resilience in Software Defined Networking (SDN). In particular, it is proposed collecting network metrics and grouping them into profiles, each one having a set of actions that handles problems using reinforcement learning, Network Functions Virtualization (NFV), and an SDN controller. Policies for dealing with anomalies are defined based on rewards for each action. Results show that the system obtains mostly positive rewards, but a small increment in the topology size leads to more than four times the number of entries in the state-action table.

[1]  Richard S. Sutton,et al.  Introduction to Reinforcement Learning , 1998 .

[2]  Guy Pujolle,et al.  NeuRoute: Predictive dynamic routing for software-defined networks , 2017, 2017 13th International Conference on Network and Service Management (CNSM).

[3]  Alberto Schaeffer-Filho,et al.  ANSwer: Combining NFV and SDN features for network resilience strategies , 2016, 2016 IEEE Symposium on Computers and Communication (ISCC).

[4]  Thierry Turletti,et al.  A Survey of Software-Defined Networking: Past, Present, and Future of Programmable Networks , 2014, IEEE Communications Surveys & Tutorials.

[5]  Juan Felipe Botero,et al.  Resource Allocation in NFV: A Comprehensive Survey , 2016, IEEE Transactions on Network and Service Management.

[6]  Lisandro Zambenedetti Granville,et al.  ATLANTIC: A framework for anomaly traffic detection, classification, and mitigation in SDN , 2016, NOMS.

[7]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[8]  Kleanthis Malialis,et al.  Distributed reinforcement learning for network intrusion response , 2014 .

[9]  Nektarios Georgalas,et al.  The role of SDN and NFV for flexible optical networks: Current status, challenges and opportunities , 2015, 2015 17th International Conference on Transparent Optical Networks (ICTON).

[10]  David K. Y. Yau,et al.  Defending against distributed denial-of-service attacks with max-min fair server-centric router throttles , 2005, IEEE/ACM Transactions on Networking.

[11]  M. Belyaev,et al.  Towards load balancing in SDN-networks during DDoS-attacks , 2014, 2014 First International Science and Technology Conference (Modern Networking Technologies) (MoNeTeC).

[12]  Choong Seon Hong,et al.  Congestion prevention mechanism based on Q-leaning for efficient routing in SDN , 2016, 2016 International Conference on Information Networking (ICOIN).

[13]  Hao Chen,et al.  Network load balancing strategy based on supervised reinforcement learning with shaping rewards , 2013, 2013 Fourth International Conference on Intelligent Control and Information Processing (ICICIP).