Practice Scheme of a Traffic Monitor Architecture Based on OpenFlow

To address potential security issues in OpenFlow-based software defined network, which threat OpenFlow network infrastructures when they are under certain attacks and significantly affect network performance when abnormal traffic exists, this paper investigated security issues in the OpenFlow network and then proposed a traffic monitor architecture. Combining sFlow sampling technology with Floodlight controller, method which mitigated network attacks by changing the controller’s operational mode and performing rate-limiting in the upper layer application was proposed. Based on the test results, it is proven that the proposed solution reduces controller load dramatically under certain attacks, as it filters 99.88% Packet_In packets originated from attacks, thus effectively reduces effects of abnormal traffic on hosts and network itself. The proposed solution provides real-time attack detection and mitigates attack effects on overall network performance.