Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks

Mingli Yu, Tian Xie, Ting He, Patrick McDaniel, Quinn K. Burke

Research output: Contribution to journalArticlepeer-review

9 Scopus citations


The performance-driven design of SDN architectures leaves many security vulnerabilities, a notable one being the communication bottleneck between the controller and the switches. Functioning as a cache between the controller and the switches, the flow table mitigates this bottleneck by caching flow rules received from the controller at each switch, but is very limited in size due to the high cost and power consumption of the underlying storage medium. It thus presents an easy target for attacks. Observing that many existing defenses are based on simplistic attack models, we develop a model of intelligent attacks that exploit specific cache-like behaviors of the flow table to infer its internal configuration and state, and then design attack parameters accordingly. Our evaluations show that such attacks can accurately expose the internal parameters of the target flow table and cause measurable damage with the minimum effort.

Original languageEnglish (US)
Pages (from-to)2793-2806
Number of pages14
JournalIEEE/ACM Transactions on Networking
Issue number6
StatePublished - Dec 1 2021

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Science Applications
  • Computer Networks and Communications
  • Electrical and Electronic Engineering


Dive into the research topics of 'Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks'. Together they form a unique fingerprint.

Cite this