The paper, “Flow Table Security in SDN: Adversarial Reconnaissance and Intelligent Attacks“, talks about how a host-based adversary can use the difference in packet delays to infer flow table state and policy, and then use the inferred information to design efficient DoS attacks. Its conference version was presented at INFOCOM’20.