University of Surrey


Mitigating the Table-Overflow Attack in Software-Defined Networking

Xu, Tong, Gao, Deyun, Dong, Ping, Foh, Chuan and Zhang, Hongke (2017) Mitigating the Table-Overflow Attack in Software-Defined Networking IEEE Transactions on Network and Service Management, 14 (4). pp. 1086-1097.

Mitigating the Table-Overflow Attack in Software-Defined Networking.pdf - Accepted version Manuscript



Software-defined networking (SDN) is a promising network paradigm for the future Internet. The centralized controller and simplified switches replace the traditional complex forwarding devices and make network management convenient. However, the switches in SDN currently have limited ternary content addressable memory (TCAM) in which to store the routing rules issued by the controller. This bottleneck invites cyber attacks that overload the switches. Although some countermeasures for such attacks exist, they are based on simplified attack patterns. In this paper, we revisit the table-overflow attack using a more sophisticated attack pattern, in which attack flows are aimed at their middle hops instead of their endpoints. We first define the potential targets in the network topology, and then propose three specific traffic features and a monitoring mechanism to detect and locate the attackers. Further, we propose a mitigation mechanism that limits the attack rate using the token bucket model. By controlling the token add rate and the bucket capacity, it avoids table overflow on the victim switch. Extensive simulations on different types of topologies and experiments in our testbed are provided to show the performance of our proposal.
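The token-bucket mitigation the abstract describes, as an added illustration written for this page (not the authors' implementation): a flagged source's flow-rule installs are gated by a bucket with add rate r and capacity b, so at most b + r*T rules can be installed in any window of T seconds, and r and b can be chosen so that the victim switch's table never fills. The packet-in trace, table size, idle timeout and bucket parameters are all constructed for illustration.

```python
"""Token-bucket gating of flow-rule installation on an SDN controller,
modelled on the mitigation sketched in the abstract (added example, not the
paper's code). All traffic and switch parameters below are constructed."""
from dataclasses import dataclass

@dataclass
class TokenBucket:
    rate: float        # tokens added per second (r)
    capacity: float    # bucket capacity / burst size (b)
    tokens: float = 0.0
    last: float = 0.0

    def __post_init__(self):
        self.tokens = self.capacity    # start with a full bucket

    def allow(self, now: float) -> bool:
        """Refill for the elapsed time, then spend one token if one is available."""
        self.tokens = min(self.capacity, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

def simulate(requests, table_size, idle_timeout, limit=None):
    """Replay (time, src) packet-in events against a switch with table_size TCAM
    entries whose rules age out idle_timeout seconds after installation. limit maps
    a flagged source to its TokenBucket. Returns (max_occupancy, overflowed, dropped)."""
    limit = limit or {}
    active = []                      # expiry times of currently installed rules
    max_occ, overflowed, dropped = 0, False, 0
    for now, src in requests:
        active = [t for t in active if t > now]      # age out expired rules
        bucket = limit.get(src)
        if bucket is not None and not bucket.allow(now):
            dropped += 1                             # rate-limited: no rule installed
            continue
        if len(active) >= table_size:
            overflowed = True                        # table full: benign flows starve too
            continue
        active.append(now + idle_timeout)
        max_occ = max(max_occ, len(active))
    return max_occ, overflowed, dropped

def attack_trace(n_attack=500, duration=10.0, n_legit=50):
    """Constructed trace: n_attack new flows from one attacker spread evenly over
    duration seconds, interleaved with n_legit flows from a benign host."""
    events = [(i * duration / n_attack, "attacker") for i in range(n_attack)]
    events += [(i * duration / n_legit, "legit") for i in range(n_legit)]
    return sorted(events)
```

With a 200-entry table, `simulate(attack_trace(), 200, 10.0)` overflows, while passing `limit={"attacker": TokenBucket(rate=5, capacity=20)}` bounds the attacker to b + r*T rules and keeps occupancy below capacity.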

Item Type: Article
Divisions : Faculty of Engineering and Physical Sciences > Electronic Engineering
Authors :
Xu, Tong
Gao, Deyun
Dong, Ping
Zhang, Hongke
Date : 3 October 2017
DOI : 10.1109/TNSM.2017.2758796
Copyright Disclaimer : © 2017 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other users, including reprinting/ republishing this material for advertising or promotional purposes, creating new collective works for resale or redistribution to servers or lists, or reuse of any copyrighted components of this work in other works. See for more information.
Uncontrolled Keywords : Software-defined networking; OpenFlow; Communication system security; Table-overflow attack; Routing; Control systems; Monitoring; Proposals; Network topology; Security; Topology
Depositing User : Clive Harris
Date Deposited : 05 Dec 2017 14:49
Last Modified : 16 Jan 2019 19:05


© The University of Surrey, Guildford, Surrey, GU2 7XH, United Kingdom.
+44 (0)1483 300800