Feedback ARMA Models versus Bayesian Models towards Securing OpenFlow Controllers for SDNs

Abstract

In software-defined networking (SDN), the control layers are moved away from the forwarding switching layers. SDN gives more programmability and flexibility to the controllers. OpenFlow is a protocol that gives access to the forwarding plane of a network switch or router over the SDN network. OpenFlow uses a centralized control of network switches and routers in and SDN environment. Security is of major importance for SDN deployment. Transport layer security (TLS) is used to implement security for OpenFlow. This paper proposed a new technique to improve the security of the OpenFlow controller through modifying the TLS implementation. The proposed model is referred to as the secured feedback model using autoregressive moving average (ARMA) for SDN networks (SFBARMASDN). SFBARMASDN depended on computing the feedback for incoming packets based on ARMA models. Filtering techniques based on ARMA techniques were used to filter the packets and detect malicious packets that needed to be dropped. SFBARMASDN was compared to two reference models. One reference model was Bayesian-based and the other reference model was the standard OpenFlow.