Anomalies detection method for non-determinist SDN control

Software Defined Networking (SDN) is a networking architecture within the control is centralized through a software-based controller. Thus, being a single point of attack makes it the preferred target in case of attack. Multi controller architecture has been considered to reinforce the control plane. However, the communication interface between the controller is a security threat. We already propose a dual controller architecture, one nominal controller which is in charge of the data plane computation plus a second one which is in charge of the detection of anomalies in the decisions taken by the first controller. Previous work considered a deterministic control and this paper extends to the case of a non-determinist algorithm. In this objective we introduce a multi-criteria detection approach and we developed two approaches: verifying the consistency of the performance of the decisions taken and verifying the consistency of the sequence of decisions of the controller. We tested the proposition on a study case.