Flow monitoring in software-defined networks: finding the accuracy/performance tradeoffs
Visualitza/Obre
10.1016/j.comnet.2018.02.020
Inclou dades d'ús des de 2022
Cita com:
hdl:2117/116576
Tipus de documentArticle
Data publicació2018-04-22
Condicions d'accésAccés obert
Llevat que s'hi indiqui el contrari, els
continguts d'aquesta obra estan subjectes a la llicència de Creative Commons
:
Reconeixement-NoComercial-SenseObraDerivada 3.0 Espanya
ProjecteSDN-Polygraph - Cloud-based Monitoring Service for Software Defined Networks (EC-H2020-726763)
Abstract
In OpenFlow-based Software-Defined Networks, obtaining flow-level measurements, similar to those provided by NetFlow/IPFIX, is challenging as it requires to install an entry per flow in the flow tables. This approach does not scale well as the number of entries in the flow tables is limited and small. Moreover, labeling the flows with the application that generates the traffic would greatly enrich these reports, as it would provide very valuable information for network performance and security among others. In this paper, we present a scalable flow monitoring solution fully compatible with current off-the-shelf OpenFlow switches. Measurements are maintained in the switches and are asynchronously sent to a SDN controller. Additionally, flows are classified using a combination of DPI and Machine Learning (ML) techniques with special focus on the identification of web and encrypted traffic. For the sake of scalability, we designed two different traffic sampling methods depending on the OpenFlow features available in the switches. We implemented our monitoring solution within OpenDaylight and evaluated it in a testbed with Open vSwitch, using also a number of DPI and ML tools to find the best tradeoff between accuracy and performance. Our experimental results using real-world traffic show that the measurement and classification systems are accurate and the cost to deploy them is significantly reduced.
CitacióSuárez, J., Barlet, P. Flow monitoring in software-defined networks: finding the accuracy/performance tradeoffs. "Computer networks", 22 Abril 2018, vol. 135, p. 289-301.
ISSN1389-1286
Versió de l'editorhttps://www.sciencedirect.com/science/article/pii/S1389128618300872
Fitxers | Descripció | Mida | Format | Visualitza |
---|---|---|---|---|
comnet-postprint-version.pdf | 920,9Kb | Visualitza/Obre |