Low-Rate Flow Table Overflow Detection For SDN
Publisher
Thapar Institute of Engineering and Technology
Abstract
Software-Defined Networking (SDN) in 5G has emerged to reconfigure traditional network architectures by offering programmability for dynamic service provisioning, which is mainly supported by the OpenFlow (OF) protocol. Within an OpenFlow-enabled SDN framework, the control plane orchestrates packet forwarding by establishing connections with switches and populating their flow tables with precise flow entries. However, these flow tables are built using ternary content-addressable memory (TCAM), which has limited storage capacity. This limitation makes SDN prone to Low-Rate Flow Table Overflow (LFTO) attacks, which slowly degrade performance and network efficiency by filling flow tables with malicious flow entries.
To address this vulnerability, we propose various machine learning, deep learning and quantum-based detection frameworks that classify traffic as malicious (LFTO attack) or regular by utilizing advanced feature selection techniques, feature scaling, and the Synthetic Minority Over-sampling Technique (SMOTE) to address data imbalance. The proposed framework was evaluated with Decision Tree, Random Forest, Long Short-Term Memory (LSTM) and Quantum Neural Network (QNN) models. The LSTM model achieved 99.14% accuracy and 99.96% recall, while the Random Forest and Decision Tree models reached 99.27% and 99.02% accuracy, respectively. Additionally, the quantum-based detection model achieved an accuracy of 98.49%. Hence, the results from our analysis illustrate that the proposed framework for detecting LFTO attacks maintains seamless data packet forwarding and safeguards the finite capacity of flow table resources within SDN environments.
