隨著網路技術水平上升，網路服務的不斷發展與擴展，網路攻擊監控和QoS是網路管理中的重要問題。不斷增長的網路使用帶來越來越多的網路攻擊，使網路監控變得更加重要。而隨著網路攻擊的監控需求，我們需要更高效與更低成本的解決方案。軟件定義網路（Software Defined Networks, SDN）將網路分割為控制平面和數據平面，並依靠SDN控制器來控制整個網路。SDN控制器與交換機動態的管理整個網路，SDN中的流量監控管理比傳統網路更加的靈活方便。

在SDN中，SDN控制器蒐集控制頻道上的所有交換機資訊和統計資訊。為了讓網路上實現可擴展性和可靠性，SDN控制器具有整個網路的整體的流量情況。可以從作為流動路徑的一部分的每個交換機收集流量統計資訊。許多論文使用per-flow和per-switch機制來組合並獲取交換機的流量統計資訊。它可能在控制平面頻寬中產生巨大的網路頻寬成本，並從交換機收集大量冗餘流量資訊。在本文中，我們提出了兩種演算法來降低SDN中的監控成本。我們透過選取關鍵的監控節點，並將網路流量重新路由(Reroute)，用以最小化監控節點和網路頻寬成本。這兩種演算法顯著改善了目前的網路監控機制。與其他演算法相比，我們的演算法降低了監控的交換機數量可達62%。此外，我們比其他演算法改善監控的網路頻寬消耗可達41%。

With the growing of network services on the internet, quality of service and perfor-mance evaluation are critical issues for service provider. With regard to service runningnormally that need to monitor the network status. Network monitoring is an importantpart of network management, which collects flow statistics on the network for traffic en-gineering, flow re-routing, and attack detection. However, network monitoring may causelarge bandwidth overhead and long processing delay on switches. With monitoring de-mand, we need to have more efficiency and lower cost solution.

Software-defined networking(SDN) splits network to control plane and data planeand relies on the central controller to control the whole network. Flow monitoring inSDN is more flexible than traditional networking. Network monitoring in SDN onlyneeds to install a monitoring module into the controller. Without configuring the specifichardware devices and software for high costs on operation and maintenance. In SDN,the controller collects all switches information and statistic on the control channel. SDNcontroller communicates with switches to dynamically manage the entire network. Tomake scalability and reliability on network, central controller has the global traffic viewof the whole network. The flow statistics can be collected from each switch which ispart of the flow passing path. However, many papers are using per-flow and per-switchmechanisms to get the flow statistics from switch. It may make huge bandwidth cost inthe control plane channel and collect much redundant flow information from switch. Inthis paper, we propose two algorithms to reduce the monitoring cost in SDN. We re-routenetwork traffic to minimize the monitoring node and bandwidth cost. With compare toother algorithms, we have reduced the monitoring node than other algorithms over 62%.Also, we improve monitoring bandwidth overhead than other algorithms over 41% .iv

[1] C. V. Forecast, “Cisco visual networking index: Forecast and trends, 20172022 white paper,” 2019.
[2] NETSCOUT, “Netscout arbor confirms 1.7 tbps ddos attack; the terabit attack
era is upon us.” https://www.netscout.com/blog/asert/
netscout-arbor-confirms-17-tbps-ddos-attack-terabit-attack-era,
2018. [Online].
[3] S. Rowshanrad, S. Namvarasl, and M. Keshtgari, “A queue monitoring system in openflow software
defined networks,” vol. 2017, pp. 39–43, 01 2017.
[4] N. L. M. van Adrichem, C. Doerr, and F. A. Kuipers, “Opennetmon: Network monitoring in openflow
software-defined networks,” in 2014 IEEE Network Operations and Management Symposium
(NOMS), pp. 1–8, May 2014.
[5] K. Phemius and M. Bouet, “Monitoring latency with openflow,” in Proceedings of the 9th International
Conference on Network and Service Management (CNSM 2013), pp. 122–125, Oct 2013.
[6] S. Shin, L. Xu, S. Hong, and G. Gu, “Enhancing network security through software defined networking
(sdn),” in 2016 25th International Conference on Computer Communication and Networks
(ICCCN), pp. 1–9, Aug 2016.
[7] S. R. Chowdhury, M. F. Bari, R. Ahmed, and R. Boutaba, “Payless: A low cost network monitoring
framework for software defined networks,” in 2014 IEEE Network Operations and Management
Symposium (NOMS), pp. 1–9, May 2014.
[8] sFlow.org, “sFlow.” https://sflow.org/, 2019. [Online].
[9] Cisco, “NetFlow.” https://www.cisco.com/c/en/us/products/
ios-nx-os-software/ios-netflow/index.html, 2019. [Online].
[10] A. C. Myers and A. C. Myers, “Jflow: Practical mostly-static information flow control,” in Proceedings
of the 26th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages,
POPL ’99, (New York, NY, USA), pp. 228–241, ACM, 1999.
[11] A. Tootoonchian, M. Ghobadi, and Y. Ganjali, “Opentm: Traffic matrix estimator for openflow networks,”
in Proceedings of the 11th International Conference on Passive and Active Measurement,
PAM’10, (Berlin, Heidelberg), pp. 201–210, Springer-Verlag, 2010.
[12] Z. Su, T. Wang, Y. Xia, and M. Hamdi, “Flowcover: Low-cost flow monitoring scheme in software
defined networks,” in 2014 IEEE Global Communications Conference, pp. 1956–1961, Dec 2014.
[13] Z. Su, T. Wang, Y. Xia, and M. Hamdi, “Cemon,” Comput. Netw., vol. 92, pp. 101–115, Dec. 2015.
[14] The Open Networking Foundation, “OpenFlow Switch Specification v1.5.1,” 2015.