Next Article in Journal
Self-Tuning High-Voltage and High-Frequency Sinusoidal Power Supply for Dielectric Barrier Discharge Plasma Generation
Previous Article in Journal
Novel Aiming Method for Spin-Stabilized Projectiles with a Course Correction Fuze Actuated by Fixed Canards
Open AccessArticle

Graph-Based Policy Change Detection and Implementation in SDN

Department of Computer Science, Comsats University Islamabad, Wah Campus, Wah Cantt 47040, Pakistan
Department of Computer Science, University of Wah, Wah Cantt 47040, Pakistan
College of Computer Science and Information Technology, Jazan University, Jazan 45142, Saudi Arabia
Author to whom correspondence should be addressed.
Electronics 2019, 8(10), 1136;
Received: 25 August 2019 / Revised: 30 September 2019 / Accepted: 1 October 2019 / Published: 8 October 2019
(This article belongs to the Section Networks)
Software Defined Networking (SDN), as a cutting-edge network, splits control and management planes from the data plane for simplifying network manageability as well as programmability. In SDN, network policies change with the passage of time due to changes in the application environment, topology or user/admin requirements. As a result, modifications at the control plane take place. In existing research works, packet violations occur due to already installed flow rules at the data plane (switches) that are not modified in case of a change of the Access Control List (ACL) policies at the SDN controller. There has been no research carried out that identifies packet violations and network inefficiencies in case of policy change. Our novel approach stores generated flow rules at the SDN controller and detects policy change, along with conflicting flow rules, to resolve the identified problem of policy change. Afterwards, the conflicting flow rules are removed from switches and new flow rules are installed along the new path according to new ACL policies. It helps to minimize packet violations, which increases network efficiency. In this research work, we deal with the inefficiencies of policy change detection with respect to access time, cost and space. In this regard, we used abstractions to formalize and detect network policies with the help of multi-attributed graphs. We utilized intent-based policies for the representation and implementation of our proposed approach. In addition, we used extended performance metrics for the analysis of our proposed approach. The simulation results show that our proposed approach performs better as compared to the existing approach, by varying the number of policy change and packet transmission rate. The results clearly indicate that our proposed approach helps to increase network performance and efficiency.
Keywords: Policy Change Detection; Graph Matching; SDN; Shortest Path; Flow Rule Caching; Hash Table; Flow Rule Installation Policy Change Detection; Graph Matching; SDN; Shortest Path; Flow Rule Caching; Hash Table; Flow Rule Installation
MDPI and ACS Style

Hussain, M.; Shah, N.; Tahir , A. Graph-Based Policy Change Detection and Implementation in SDN. Electronics 2019, 8, 1136.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

Back to TopTop