Software defined network monitoring scheme using spectral graph theory and phantom nodes

Abstract

In this thesis, we propose a new software defined network monitoring scheme that provides the controller with a method to determine network states for the purpose of updating flow rules for network control and management. Network centrality and nodal influence metrics derived from the dual basis concept of the graph theory are used to monitor changes in a network. The proposed scheme uses a phantom node and the concept of a reference node to determine changes in these metrics in order to identify disconnected, congested, underutilized, and attacked nodes. The phantom node establishes a congestion threshold in the dual basis that is used to determine changes in node health and capacity due to network traffic. Multiple phantom nodes are used to produce multiple congestion thresholds for network monitoring. A congestion estimation method is proposed to estimate a node’s capacity used when it crosses the congestion threshold. Simulations are used to validate the concept of reference node, identification of node disconnections, congestion, and attacks, and the congestion estimation method.