• KSII Transactions on Internet and Information Systems
    Monthly Online Journal (eISSN: 1976-7277)

FRChain: A Blockchain-based Flow-Rules-oriented Data Forwarding Security Scheme in SDN

Vol. 15, No. 1, January 31, 2021
10.3837/tiis.2021.01.015, Download Paper (Free):

Abstract

As the next-generation network architecture, software-defined networking (SDN) has great potential. But how to forward data packets safely is a big challenge today. In SDN, packets are transferred according to flow rules which are made and delivered by the controller. Once flow rules are modified, the packets might be redirected or dropped. According to related research, we believe that the key to forward data flows safely is keeping the consistency of flow rules. However, existing solutions place little emphasis on the safety of flow rules. After summarizing the shortcomings of the existing solutions, we propose FRChain to ensure the security of SDN data forwarding. FRChain is a novel scheme that uses blockchain to secure flow rules in SDN and to detect compromised nodes in the network when the proportion of malicious nodes is less than one-third. The scheme places the flow strategies into blockchain in form of transactions. Once an unmatched flow rule is detected, the system will issue the problem by initiating a vote and possible attacks will be deduced based on the results. To simulate the scheme, we utilize BigchainDB, which has good performance in data processing, to handle transactions. The experimental results show that the scheme is feasible, and the additional overhead for network performance and system performance is less than similar solutions. Overall, FRChain can detect suspicious behaviors and deduce malicious nodes to keep the consistency of flow rules in SDN.


Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from December 1st, 2015)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.


Cite this article

[IEEE Style]
W. Lian, Z. Li, C. Guo, Z. Wei and X. Peng, "FRChain: A Blockchain-based Flow-Rules-oriented Data Forwarding Security Scheme in SDN," KSII Transactions on Internet and Information Systems, vol. 15, no. 1, pp. 264-284, 2021. DOI: 10.3837/tiis.2021.01.015.

[ACM Style]
Weichen Lian, Zhaobin Li, Chao Guo, Zhanzhen Wei, and Xingyuan Peng. 2021. FRChain: A Blockchain-based Flow-Rules-oriented Data Forwarding Security Scheme in SDN. KSII Transactions on Internet and Information Systems, 15, 1, (2021), 264-284. DOI: 10.3837/tiis.2021.01.015.