Blockchain-Based Control Plane Attack Detection Mechanisms for Multi-Controller Software-Defined Networks

Abstract

A Multi-Controller Software-Defined Network (MC-SDN) is a revolutionary concept comprising multiple controllers and switches separated using programmable features, enhancing network availability, management, scalability, and performance. The MC-SDN is a potential choice for managing large, heterogeneous, complex industrial networks. Despite the rich operational flexibility of MC-SDN, it is imperative to protect the network deployment with proper protection against potential vulnerabilities that lead to misuse and malicious activities on the MC-SDN structure. The security holes in the MC-SDN structure significantly impact network survivability and performance efficiency. Hence, detecting MC-SDN security attacks is crucial to improving network performance. Accordingly, this work intended to design blockchain-based controller security (BCS) that exploits the advantages of immutable and distributed ledger technology among multiple controllers and securely manages the controller communications against various attacks. Thereby, it enables the controllers to maintain consistent network view and accurate flow tables among themselves and also neglects the controller failure issues. Finally, the experimental results of the proposed BCS approach demonstrated superior performance under various scenarios, such as attack detection, number of attackers, number of controllers, and number of compromised controllers, by applying different performance metrics.