Improving Resiliency of Software-Defined Networks with Network Coding-Based Multipath Routing

Traditional network routing protocol exhibits high statics and singleness, which provide significant advantages for the attacker. There are two kinds of attacks on the network: active attacks and passive attacks. Existing solutions for those attacks are based on replication or detection, which can deal with active attacks; but are helpless to passive attacks. In this paper, we adopt the theory of network coding to fragment the data in the Software-Defined Networks and propose a network coding-based resilient multipath routing scheme. First, we present a new metric named expected eavesdropping ratio to measure the resilience in the presence of passive attacks. Then, we formulate the network coding-based resilient multipath routing problem as an integer-programming optimization problem by using expected eavesdropping ratio. Since the problem is NP-hard, we design a Simulated Annealing-based algorithm to efficiently solve the problem. The simulation results demonstrate that the proposed algorithms improve the defense performance against passive attacks by about 20% when compared with baseline algorithms.