PrePass-Flow: A Machine Learning based technique to minimize ACL policy violation due to links failure in hybrid SDN

The centralized architecture of Software-Defined Networking (SDN) reduces networking complexity and improves network manageability by omitting the need for box-by-box troubleshooting and management. However, due to both budget constraints and maturity level of the SDN-capable devices, organizations often are reluctant to adopt SDN in practice. Therefore, instead of migrating to a pure SDN architecture, an incremental SDN deployment strategy is preferred in practice. In this paper, we consider an incremental SDN deployment strategy known as hybrid SDN - involving simultaneous use of both SDN switches and legacy switches. The links connected to an SDN switch are called SDN links, and the rest are called legacy links. An SDN controller can directly poll the status of the SDN links via the connected SDN switches. At the same time, the status of the legacy links passes through SDN switches and reaches the controller, causing delay. As a result, the controller does not have the current status of legacy links in real-time. This delay may lead to undesired outcomes. For example, it causes network reachability problems due to Access Control List (ACL) policies. Therefore, to minimize the impact of network-layer failure in hybrid SDN, we propose a Machine Learning (ML) based technique called PrePass-Flow. PrePass-Flow predicts link failures before their occurrence, recomputes the locations of ACL policies, and installs the ACL policies in the recomputed locations in a proactive manner. The main objective of PrePass-Flow is to minimize the ACL policy violations and network reachability problems due to ACL policies in case of link failures. For the link status prediction, PrePass-Flow uses two supervised ML-based models: 1) a Logistic Regression (LR) model, and 2) a Support Vector Machine (SVM) model. Testing results show that the LR model performs better than both the SVM model and an existing approach in terms of Packet Delivery Ratio (PDR) and ACL policy violations. For instance, the LR model's accuracy is 4% better, precision is 5% higher, sensitivity is 10% better, and Area Under the Curve (AUC) is 6% greater than the SVM model's corresponding results.