Programming the Network: Application Software Faults in Software-Defined Networks

Abstract

Software-defined networking (SDN) is a key new paradigm emerging in the industry, in which networks can be dynamically reconfigured in real-time through software. SDN networks are also being used in conjunction with cloud computing to extend virtualization and elasticity to the network level and as a foundation for the Internet of Things (IoT). A key concept in SDN is the separation of the network control and data planes, together with an application plane that supports the programming of network applications in general-purpose languages such as Java and Python. These network applications can be developed by an enterprise, service provider or vendor, or purchased from third-parties through SDN application stores. While the programmability of SDN provides tremendous flexibility and adaptability to changing network conditions and demands, it also exposes networks to significant vulnerabilities through software faults in network applications, as well as in the control and data planes. In this paper, we demonstrate how faulty SDN applications can compromise other SDN applications or even crash an entire SDN network, and describe relationships between software faults in SDN applications and design faults in SDN controllers. We also show how machine-learning based anomaly detection and analytics can be used to identify SDN software faults and help guide real-time network response, through a proof-of-concept case study.