An Efficient Network Monitor for SDN Networks

With growing services running in clouds, it is critical to defence the services from Distributed Denial of Service (DDoS) attacks. To this end, network traffic should be monitored to detect malicious traffic. Software-defined Networking (SDN) provides a flexible platform for the network monitoring and relies on a central controller to ask switches for traffic statistic to get a global traffic view for security. However, the control plane resources are limited in SDN in terms of controller capacity, network bandwidth, and switch performance. Thus, too much network monitoring will affect data plane traffic performance. To address this issue, we propose SDN-Monitor, which carefully selects switches to monitor to reduce the resource consumption. Moreover, SDN-Monitorre-routes network traffic to further reduce the number of monitored switches.With growing services running in clouds, it is critical to defence the services from Distributed Denial of Service (DDoS) attacks. To this end, network traffic should be monitored to detect malicious traffic. Software-defined Networking (SDN) provides a flexible platform for the network monitoring and relies on a central controller to ask switches for traffic statistic to get a global traffic view for security. However, the control plane resources are limited in SDN in terms of controller capacity, network bandwidth, and switch performance. Thus, too much network monitoring will affect data plane traffic performance. To address this issue, we propose SDN-Monitor, which carefully selects switches to monitor to reduce the resource consumption. Moreover, SDN-Monitorre-routes network traffic to further reduce the number of monitored switches.