NeuTM: A Neural Network-based Framework for Traffic Matrix Prediction in SDN

This paper presents NeuTM, a framework for network Traffic Matrix (TM) prediction based on Long Short-Term Memory Recurrent Neural Networks (LSTM RNNs). TM prediction is defined as the problem of estimating future network traffic matrix from the previous and achieved network traffic data. It is widely used in network planning, resource management and network security. Long Short-Term Memory (LSTM) is a specific recurrent neural network (RNN) architecture that is well-suited to learn from data and classify or predict time series with time lags of unknown size. LSTMs have been shown to model long-range dependencies more accurately than conventional RNNs. NeuTM is a LSTM RNN-based framework for predicting TM in large networks. By validating our framework on real-world data from GEEANT network, we show that our model converges quickly and gives state of the art TM prediction performance.Comment: Submitted to NOMS18. arXiv admin note: substantial text overlap with arXiv:1705.0569

A Long Short-Term Memory Recurrent Neural Network Framework for Network Traffic Matrix Prediction

Network Traffic Matrix (TM) prediction is defined as the problem of estimating future network traffic from the previous and achieved network traffic data. It is widely used in network planning, resource management and network security. Long Short-Term Memory (LSTM) is a specific recurrent neural network (RNN) architecture that is well-suited to learn from experience to classify, process and predict time series with time lags of unknown size. LSTMs have been shown to model temporal sequences and their long-range dependencies more accurately than conventional RNNs. In this paper, we propose a LSTM RNN framework for predicting short and long term Traffic Matrix (TM) in large networks. By validating our framework on real-world data from GEANT network, we show that our LSTM models converge quickly and give state of the art TM prediction performance for relatively small sized models.Comment: Submitted for peer review. arXiv admin note: text overlap with arXiv:1402.1128 by other author

NeuRoute: Predictive Dynamic Routing for Software-Defined Networks

This paper introduces NeuRoute, a dynamic routing framework for Software Defined Networks (SDN) entirely based on machine learning, specifically, Neural Networks. Current SDN/OpenFlow controllers use a default routing based on Dijkstra algorithm for shortest paths, and provide APIs to develop custom routing applications. NeuRoute is a controller-agnostic dynamic routing framework that (i) predicts traffic matrix in real time, (ii) uses a neural network to learn traffic characteristics and (iii) generates forwarding rules accordingly to optimize the network throughput. NeuRoute achieves the same results as the most efficient dynamic routing heuristic but in much less execution time.Comment: Accepted for CNSM 201

Limitations of OpenFlow Topology Discovery Protocol

OpenFlow Discovery Protocol (OFDP) is the de-facto protocol used by OpenFlow controllers to discover the underlying topology. In this paper, we show that OFDP has some serious security, efficiency and functionality limitations that make it non suitable for production deployments. Instead, we briefly introduce sOFTD, a new discovery protocol with a built-in security characteristics and which is more efficient than traditional OFDP.Comment: The peer reviewed version can be found here (to be published soon

Softwarisation intelligente et sécurisée des réseaux

The recent trend toward Network Softwarization is driving an unprecedented technoeconomic shift in the Telecom and ICT (Information and Communication Technologies) industries. By separating the hardware on which network functions/services run and the software that realizes and controls the network functions/services, Software-Defined Networking (SDN) and Network Function Virtualization (NFV) are creating an open ecosystem that drastically reduces the cost of building networks and changes the way operators operate their networks. SDN and NFV paradigms add more flexibility and enable more control over networks, thus, related technologies are expected to dominate a large part of the networking market in the next few years (estimated at USD 3.68B in 2017 and forecasted by some to reach 54B USD by 2022 at a Compound Annual Growth Rate (CAGR) of 71.4%). However, one of the major operators’ concerns about Network Softwarization is security. In this thesis, we have first designed and implemented a pentesting (penetration testing) framework for SDN controllers. We have proposed a set of algorithms to fingerprint a remote SDN controller without having direct connection to it. Using our framework, network operators can evaluate the security of their SDN deployments (including Opendaylight, Floodlight and Cisco Open SDN Controller) before putting them into production. Second, we have studied the Topology Discovery problem in SDN controllers and discovered major security (as well as performance) issues around the current de-facto OpenFlow Topology Discovery Protocol (OFDP). In order to fix these major issues, we have designed and implemented a new secure and efficient OpenFlow Topology Discovery Protocol (called sOFTDP). sOFTDP requires minimal changes to the OpenFlow switch design and is shown to be more secure than previous workarounds on traditional OFDP. Also, sOFTDP outperforms OFDP by several orders of magnitude which we confirmed by extensive experiments. The second axis of our research in this thesis is smart management in softwarized networks. Inspired by the recent breakthroughs in machine learning techniques, notably, Deep Neural Networks (DNNs), we have built a traffic engineering engine for SDN called NeuRoute, entirely based on DNNs. Current SDN/OpenFlow controllers use a default routing based on Dijkstra’s algorithm for shortest paths, and provide APIs to develop custom routing applications. NeuRoute is a controller-agnostic dynamic routing framework that (i) predicts traffic matrix in real time, (ii) uses a neural network to learn traffic characteristics and (iii) generates forwarding rules accordingly to optimize the network throughput. NeuRoute is composed of two main components: NeuTM and NeuRoute-TRU. NeuTM is a traffic matrix (TM) prediction framework that uses Long Short Term Memory (LSTM) Neural Network architecture to learn long-range traffic dependencies and characteristics then accurately predicts future TMs. NeuRoute-TRU is a path selection engine that computes optimal paths for traffic matrices predicted by NeuTM. NeuRoute-TRU achieves the same results as the most efficient dynamic routing heuristic but in much less execution time.La tendance récente vers la “Softwarization” des réseaux entraîne un changement techno-économique sans précédent dans les secteurs des TIC (technologies de l'information et de la communication). En séparant le matériel sur lequel fonctionnent les fonctions/services réseau et le logiciel qui réalise et contrôle de ces fonctions/services, les réseaux logiciels (ou SDN, Software-Defined Networking) et la virtualisation des fonctions réseau (NFV, Network Function Virtualization) créent un écosystème ouvert qui réduit considérablement le coût de provisionnement des réseaux et change la façon dont les opérateurs gèrent et exploitent leurs réseaux. Les paradigmes SDN et NFV introduisent plus de flexibilité et permettent un meilleur contrôle, ainsi les technologies associées devraient dominer une grande partie du marché du réseautage dans les prochaines années (estimé à 3,68 milliards USD en 2017 et prévu par certains pour atteindre 54 milliards USD d'ici 2022 à un taux de croissance annuel composé (TCAC) de 71,4%). Cependant, l'un des soucis majeurs des opérateurs à propos de Network Softwarization est la sécurité. Dans cette thèse, nous avons d'abord conçu et implémenté un framework de test de pénétration (pentesting) pour les contrôleurs SDN. Nous avons proposé un ensemble d'algorithmes pour l'empreinte digitale d'un contrôleur SDN distant, i.e. sans avoir besoin d’une connexion directe au contrôleur. En utilisant notre framework, les opérateurs réseau peuvent évaluer la sécurité de leurs déploiements SDN (y compris Opendaylight, Floodlight et Cisco Open SDN Controller) avant de les mettre en production. Deuxièmement, nous avons étudié le problème de découverte de topologie dans les réseaux SDN. Nous avons constaté des problèmes de sécurité, ainsi que de performance, majeurs autour du protocole OFDP (OpenFlow Topology Discovery Protocol). Afin de résoudre ces problèmes majeurs, nous avons conçu et implémenté un nouveau protocole, sécurisé et efficace, pour la découverte de topologie dans les réseaux OpenFlow. Notre protocole est appelé sOFTDP; secure and efficient OpenFlow Topology Discovery Protocol. sOFTDP nécessite des modifications minimales à la conception de base du commutateur OpenFlow et s'avère plus sûr que le OFDP traditionnel et les améliorations plus récente sur OFDP. En outre, sOFTDP surpasse OFDP de plusieurs ordres de grandeur en terme de performance, ce que nous avons confirmé par des tests approfondis. Le deuxième axe de notre recherche dans cette thèse est la gestion intelligente et automatique des réseaux logiciels. Inspirés par les avancées récentes dans les techniques d'apprentissage automatique, notamment les réseaux de neurones profonds (DNN, Deep Neural Networks), nous avons créé un moteur d'ingénierie de trafic pour le SDN appelé NeuRoute, entièrement basé sur les DNN. Les contrôleurs SDN/OpenFlow actuels utilisent par défaut un routage basé sur l'algorithme de Dijkstra pour les chemins les plus courts mais fournissent des API pour développer des applications de routage personnalisées. NeuRoute est un framework de routage dynamique indépendant du contrôleur qui (i) prédit la matrice de trafic en temps réel, (ii) utilise un réseau neuronal pour apprendre les caractéristiques du trafic et (iii) génère automatiquement des règles de routage pour optimiser le débit du trafic. [...

sOFTDP: Secure and Efficient Topology Discovery Protocol for SDN

Topology discovery is one of the most critical tasks of Software-Defined Network (SDN) controllers. Current SDN controllers use the OpenFlow Discovery Protocol (OFDP) as the de-facto protocol for discovering the underlying network topology. In a previous work, we have shown the functional, performance and security limitations of OFDP. In this paper, we introduce and detail a novel protocol called secure and efficient OpenFlow Discovery Protocol sOTDP. sOFTDP requires minimal changes to OpenFlow switch design, eliminates major vulnerabilities in the topology discovery process and improves its performance. We have implemented sOFTDP as a topology discovery module in Floodlight for evaluation. The results show that our implementation is more secure than OFDP and previous security workarounds. Also, sOFTDP reduces the topology discovery time several orders of magnitude compared to the original OFDP and existing OFDP improvements

Limitations of OpenFlow Topology Discovery Protocol

International audienceOpenFlow Discovery Protocol (OFDP) is the de- facto protocol used by OpenFlow controllers to discover the underlying topology. In this paper, we show that OFDP has some serious security, efficiency and functionality limitations that make it non suitable for production deployments. Instead, we briefly introduce sOFTD, a new discovery protocol with a built-in security characteristics and which is more efficient than traditional OFDP

Topology Discovery Performance Evaluation of OpenDaylight and ONOS controllers

International audienc

Fingerprinting OpenFlow Controllers: The First Step to Attack an SDN Control Plane

International audienceSoftware-Defined Networking (SDN) controllers are considered as Network Operating Systems (NOSs) and often viewed as a single point of failure. Detecting which SDN controller is managing a target network is a big step for an attacker to launch specific/effective attacks against it. In this paper, we demonstrate the feasibility of fingerpirinting SDN controllers. We propose techniques allowing an attacker placed in the data plane, which is supposed to be physically separate from the control plane, to detect which controller is managing the network. To the best of our knowledge, this is the first work on fingerprinting SDN controllers, with as primary goal to emphasize the necessity to highly secure the controller. We focus on OpenFlow-based SDN networks since OpenFlow is currently the most deployed SDN technology by hardware and software vendors