sOFTDP: Secure and Efficient Topology Discovery Protocol for SDN

TL;DR

sOFTDP is a new topology discovery protocol for SDN that enhances security, reduces discovery time significantly, and requires minimal switch modifications, outperforming existing protocols like OFDP.

Contribution

The paper introduces sOFTDP, a novel, secure, and efficient topology discovery protocol for SDN that addresses security vulnerabilities and performance issues of existing methods.

Findings

sOFTDP is more secure than OFDP and previous workarounds.

It reduces topology discovery time by several orders of magnitude.

Implementation in Floodlight demonstrates significant performance improvements.

Abstract

Topology discovery is one of the most critical tasks of Software-Defined Network (SDN) controllers. Current SDN controllers use the OpenFlow Discovery Protocol (OFDP) as the de-facto protocol for discovering the underlying network topology. In a previous work, we have shown the functional, performance and security limitations of OFDP. In this paper, we introduce and detail a novel protocol called secure and efficient OpenFlow Discovery Protocol sOTDP. sOFTDP requires minimal changes to OpenFlow switch design, eliminates major vulnerabilities in the topology discovery process and improves its performance. We have implemented sOFTDP as a topology discovery module in Floodlight for evaluation. The results show that our implementation is more secure than OFDP and previous security workarounds. Also, sOFTDP reduces the topology discovery time several orders of magnitude compared to the original OFDP and existing OFDP improvements.