Game-Theoretic Framework for Malicious Controller Detection in Software Defined Networks

2021 
The separation of control and data plane in Software Defined Networking (SDN) introduces new security threats. A compromised controller can leverage its position to perform attacks by installing malicious rules in switches while avoiding detection. Current approaches propose broadcasting flow-setup requests to multiple controllers simultaneously and checking the consistency of the returned forwarding rules, so that the correct rule is installed and compromised controllers are identified. However, such approaches place a heavy load on the control plane, resulting in longer response times to requests and a higher network cost to accommodate the increased load. To alleviate this issue, we propose a game-theory based framework to detect a malicious controller without overloading the control plane. Instead of broadcasting every request to multiple controllers, switches broadcast requests at random according to a randomization strategy obtained from a Stackelberg game, whose solution maximizes the detection probability of a malicious controller. We formulate a two-level optimization problem in the context of our game-theoretic framework that aims to maximize the attack detection probability across the set of controllers by mapping switches to controllers and obtaining a randomization strategy for each controller. We develop Midas (MalIcious controller Detection mApping Strategy), a heuristic algorithm that obtains an effective solution to the optimization problem in reasonable time. Midas achieves a minimum detection probability within 12% of the optimal solution. Further, it achieves at least 80% of the min-max ratio of load at the controllers, implying fairer load distribution than the optimal solution, a state-of-the-art algorithm and a baseline heuristic.
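As an added illustration of the mechanism the abstract describes (not code from the paper), the following Python simulation models a switch that always asks its primary controller for a flow rule and, with a fixed broadcast probability, also asks the other controllers and installs the majority rule, flagging any controller whose rule disagrees. The Stackelberg-derived randomization strategy is not reproduced; the per-switch broadcast probability, the rule format and the malicious controller's choice of which flows to attack are constructed assumptions.

```python
import random
from collections import Counter

# Constructed stand-ins for the real control plane: one honest rule per flow,
# and a malicious controller that plants a bad rule only for selected flows
# (so it stays hidden unless that flow happens to be cross-checked).
def honest_rule(flow_id):
    return ("forward", flow_id % 4)          # next-hop port, constructed

class Controller:
    def __init__(self, cid, malicious=False):
        self.cid, self.malicious = cid, malicious

    def handle(self, flow_id):
        if self.malicious and flow_id % 5 == 0:  # attacks 1 in 5 flows (assumption)
            return ("drop", 0)
        return honest_rule(flow_id)

def process_request(flow_id, primary, others, p_broadcast, rng=random):
    """Switch always asks its primary controller; with probability p_broadcast it
    also asks the others and installs the majority rule, flagging dissenters.
    Returns (installed rule, set of suspected controller ids, control messages)."""
    responses = {primary.cid: primary.handle(flow_id)}
    if rng.random() < p_broadcast:
        for c in others:
            responses[c.cid] = c.handle(flow_id)
    majority = Counter(responses.values()).most_common(1)[0][0]
    suspects = {cid for cid, rule in responses.items() if rule != majority}
    return majority, suspects, len(responses)

def simulate(p_broadcast, n_requests, seed=0):
    """Run n flow-setup requests against one malicious primary plus two honest
    controllers; report whether the malicious one was caught and the total load."""
    rng = random.Random(seed)
    ctrls = [Controller(0, malicious=True), Controller(1), Controller(2)]
    detected, load = False, 0
    for flow_id in range(n_requests):
        _, suspects, msgs = process_request(flow_id, ctrls[0], ctrls[1:], p_broadcast, rng)
        load += msgs
        detected = detected or (0 in suspects)
    return detected, load

def detection_probability(p_broadcast, n_attacks):
    """Closed form: an attack goes unnoticed only when that request was not broadcast."""
    return 1 - (1 - p_broadcast) ** n_attacks

def expected_load_per_request(p_broadcast, n_controllers):
    """Always one message to the primary, plus the rest with probability p_broadcast."""
    return 1 + p_broadcast * (n_controllers - 1)
```

With p_broadcast = 0 the malicious rule is installed and never noticed; with p_broadcast = 1 every attack is caught but every request costs three control messages, which is the load/detection trade-off the randomized strategy balances.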