Control Plane Defense against DDoS Attacks in Software Defined Networks

Software-defined networking (SDN) is an emerging network architecture that has gained much attention from academia and industry. The centralized control plane makes network management simple and efficient, while the decoupled architecture allows the two planes to evolve separately, enabling rapid innovations in network management. Despite these advantages, the SDN control plane fails to provide sufficient throughput. This vulnerability could be exploited by malicious agents to initiate distribute denial-of-service (DDoS) attacks.

Enabling Policy-Consistent Rule Caching in Dynamic Network Environments

The emerging Software-Defined Networking (SDN) enables network innovation and provides network operators more control to the network operations and functions. To simplify the management of SDN, a single big switch abstraction has been recently proposed to model the physical network so that network application programmers can simply compose rules over the big switch, which are then automatically mapped into flow entries of physical switches. However, existing research on the big switch abstraction seeks to proactively mapping all the rules in the physical switches all at once, which has a few limitations.

Mission-Aware Task Scheduling for Data Center Networks

Today’s modern data centers generate revenue mainly from interactive applications such as web search, social networking, advertisement, and recommendation systems. Despite the diversity of such applications, they have common many characteristics. For instance, studies from Google, Amazon and Microsoft show that when applications are delayed by a fraction of a second, the revenue will be decreased considerably. Delay is not the only factor affecting the revenue. Along with other factors it forces data center operators to use complex task scheduling mechanisms to manage the access of applications to network resources in order to increase the revenue.

The focus of the High-Speed Networking Laboratory (HSNL) at NYU Polytechnic School of Engineering is to conduct research and provide education to the challenging problems facing high-speed networks today. Our research is concentrated on developing complete solutions for data center networks, software-defined networks, high-speed switching and routing, network security and traffic measurement problems. Our research is sponsored by governmental agencies such as the National Science Foundation (NSF) and Defense Advanced Research Projects Agency (DARPA) and The Center for Advanced Technology Technology in Telecommunications and Distributed Information Systems (CATT).