Fragmentation-Based Multipath Routing for Attack Resilience in Software Defined Networks

In this paper, we propose a Fragmentation-based Multipath Routing (FMR) model for Software Defined Networks (SDNs) to enable attack-resilient data transfer. With the use of erasure encoding to fragment a message, the fragments are routed along multiple paths such that no intermediate node receives enough fragments required for message decoding. This ensures that, any intruder on a compromised node does not infer the original data from the received fragments. We develop an optimization programming formulation of the problem to choose reliable paths that provide resilience to attacks. Using FMR, the SDN controller dynamically routes the data fragments along a set of most reliable paths to achieve multipath diversity and hence improve data availability at the destination even in the presence of an attack. We carry out performance studies and demonstrate the effectiveness of our approach in terms of weighted path reliability and blocking performance.

[1]  Deep Medhi,et al.  Multipath Routing from a Traffic Engineering Perspective: How Beneficial Is It? , 2014, 2014 IEEE 22nd International Conference on Network Protocols.

[2]  Nick McKeown,et al.  OpenFlow: enabling innovation in campus networks , 2008, CCRV.

[3]  Sakir Sezer,et al.  Sdn Security: A Survey , 2013, 2013 IEEE SDN for Future Networks and Services (SDN4FNS).

[4]  Yunnan Wu,et al.  A Survey on Network Codes for Distributed Storage , 2010, Proceedings of the IEEE.

[5]  Admela Jukan,et al.  A Survey on Internet Multipath Routing and Provisioning , 2015, IEEE Communications Surveys & Tutorials.

[6]  Dimitris S. Papailiopoulos,et al.  XORing Elephants: Novel Erasure Codes for Big Data , 2013, Proc. VLDB Endow..

[7]  Alexandros G. Dimakis,et al.  Network Coding for Distributed Storage Systems , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[8]  Sanjay Kumar Jena,et al.  Cluster Based Multipath Routing Protocol for Wireless Sensor Networks , 2015, CCRV.