Abstract: An SDN network's policies are updated dynamically at a high pace. As a result, conflicts between policies are prone to occur. Due to the large number of switches and heterogeneous policies within a typical SDN network, detecting those conflicts is a laborious and challenging task. This paper makes a two-fold contribution. First, we devise an offline method for detecting unmatched OpenFlow rules, i.e., rules that are never fired. At the heart of our scheme is a formal approach for predicting a packet's path inside an SDN network. From this perspective, we propose a taxonomy of the unmatched rules: invalid and irrelevant anomalies. Second, we introduce a new set of definitions for the intra-anomalies that might occur when using the multi-action feature of OpenFlow rules. We provide comprehensive experimental results that show the feasibility of our approach and its ability to scale within large SDN networks.
Software Defined Networking (SDN) is designed for dynamic policy updates, where frequent changes are pushed to the forwarding devices. Different offline approaches for detecting misconfiguration anomalies in SDN by taking a snapshot of the state of the network have been developed in the literature. However, the detection process is time-consuming and infeasible when the OpenFlow tables change frequently, as well as in large networks containing a large number of rules. This paper presents an incremental method for detecting potential anomalies in an online manner, i.e., after one or multiple simultaneous updates to the SDN policy. Whenever the OpenFlow tables are dynamically changed, a static approach that rechecks the whole policy is unnecessarily redundant, in the sense that most of the policy remains intact. Hence the need for an incremental verification method that reduces this overhead by checking only the subset of the policy that is affected by the update. Two different solutions are proposed, depending on whether the policy modifications take place in the ingress switches or in the middle switches. We provide comprehensive experiments to demonstrate the detection performance for single or multiple simultaneous changes in forwarding devices. The experimental results show that the incremental method is drastically faster than the static parallel approach, by a factor of up to about 450 in some cases.
Summary: As the policies of a software-defined networking (SDN) network can be updated dynamically and often at a high pace, conflicts between policies can easily occur. Due to the large number of switches and heterogeneous policies within a typical SDN network, detecting those conflicts is a laborious and challenging task. This article presents three main contributions. First, we devise an offline method for detecting unmatched OpenFlow rules, that is, rules that are never fired. In our taxonomy, such anomalies can stem from either invalid or irrelevant unmatched rules. Second, we introduce a new set of definitions for the intra-anomalies between rules in the same table, which might occur when using the multi-action feature of an OpenFlow rule. Third, our detection method has been enhanced to support parallel execution, which makes it a viable solution for troubleshooting large-scale networks. We provide comprehensive experimental results based on both synthetic and real-life setups. The synthetic setup is designed in such a way that the rule matching takes place in the last rules of the switch, thus putting more stress on the rule detection process. The parallel method is shown to outperform the single-threaded checking method by an order of magnitude up to 21.