To see the other types of publications on this topic, follow the link: Software Defined Networking (SDN) / OpenFlow.
Journal articles on the topic 'Software Defined Networking (SDN) / OpenFlow'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 50 journal articles for your research on the topic 'Software Defined Networking (SDN) / OpenFlow.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Alotaibi, Modhawi, Ahmed Helmy, and Amiya Nayak. "Modeling Handover Signaling Messages in OpenFlow-Based Mobile Software-Defined Networks." Journal of Computer Networks and Communications 2018 (December 18, 2018): 1–14. http://dx.doi.org/10.1155/2018/1543531.
Full textAbstract:
The software-defined networking (SDN) paradigm has become essential in tackling several issues and challenges in conventional networking, especially in mobile/cellular networks. In order to realize the benefits brought by SDN to mobility management, we study the effects of SDN in conjunction with OpenFlow protocol on the handover procedure. However, in this new setting, the handover still suffers from delay due to the exchange of OpenFlow signaling messages. In this paper, we focus on SDN in mobile networks and quantify the delays of handover-related OpenFlow messages in order to identify the performance measures as well as the underlying challenges. For our analysis, we provide an analytical model, using which we modeled two handover-related OpenFlow messages in such networks. To the best of our knowledge, no previous work has modeled OpenFlow messages other than Packet-in messages. In this paper, in addition to the Packet-in message, we model Port-status messages. Following our analysis, we propose a novel solution to make handover more efficient and less interruptive. Furthermore, we study our solution in an LTE architecture and compare it to an existing solution. We show that, in normal traffic conditions, our solution can decrease the handover delay as much as 20%.
2
Allouzi, Maha Ali, and Javed I. Khan. "Advanced Authentication Protocol for Software-Defined Networks." International Journal of Semantic Computing 12, no. 03 (2018): 361–71. http://dx.doi.org/10.1142/s1793351x18400160.
Full textAbstract:
Software-Defined Networking (SDN) is being widely implemented by critical infrastructure networks, however providing security features still a challenge. In this work, we present SafeFlow an Automatic Trust Negotiation Protocol for SDN, a first line of defense and fine-grained authentication protocol, in order to deny the access of OpenFlow switches without valid digital credentials. Traditional security approaches based on identity or capabilities do not solve the problem of establishing trust between strangers. One alternative approach to mutual trust establishment is Trust Negotiation, the bilateral exchange of digital credentials to establish trust gradually. The proposed protocol describes Trust Negotiation in OpenFlow protocol, probable extension to the OpenFlow handshake protocol. In this paper, we describe the implementation of SafeFlow. The proposed protocol ensures the security of the infrastructure itself, as there are also other proposals for developing security application on OpenFlow network infrastructure.
3
Bayu, Teguh Indra, and Etvan Ewaldo Tahan. "SOFTWARE DEFINED NETWORK (SDN) SIMULATION CONCEPT USING RASPBERRY PI." Jurnal Terapan Teknologi Informasi 2, no. 2 (2018): 1–11. http://dx.doi.org/10.21460/jutei.2018.22.100.
Full textAbstract:
In school environment, office, company or society, needs a computer network which uses for supporting every users’ working and to communicate each other. However, it makes some users who are not responsible could able to disturb communication security system data in networking. Security system is needed to avoid the problems. Access Control List (ACL) can be an alternative to secure a computer network. By applying Software Defined Network (SDN) concept which is based on management concept of centralized network use software. It focus on how applying ACL in infrastructure network SDN use Raspberry Pi as an openflow switch. The decisive element of an infrastructure network SDN is a controller, an openflow switch, and network device would connect one network to the other network by using Openflow protocol. From the research which is conducted SDN concept, ACL able to applied using flow-control method. It gives some clear value on flow-control, so the restriction access can be done in every network device which is connected in infrastructure network SDN.
4
Kareem, Mohammed Ibrahim, and Mahdi Nsaif Jasim. "Entropy-based distributed denial of service attack detection in software-defined networking." Indonesian Journal of Electrical Engineering and Computer Science 27, no. 3 (2022): 1542. http://dx.doi.org/10.11591/ijeecs.v27.i3.pp1542-1549.
Full textAbstract:
Software defined networking (SDN) is a new network architecture that allows for centralized network control. The separation of the data plane from the control plane, which establishes a programmable network environment, is the key breakthrough underpinning SDN. The controller facilitates the deployment of services that specify control policies and delivers these rules to the data plane using a common protocol such as OpenFlow at the control plane. Despite the many advantages of this design, SDN security remains a worry because the aforementioned chapter expands the network's attack surface. In fact, denial of service (DoS) assaults pose a significant threat to SDN settings in a variety of ways, owing to flaws in the data and control layers. This work shows how distributed denial of service (DDoS) attack detection is based on the entropy variation of the destination IP address. The study takes advantage of the OpenFlow protocol's (OFP) flexibility and an OpenFlow controller (POX) to apply the proposed method. An entropy computation to determine the distributed features of DDoS traffic is developed and it is capable of detecting a user datagram protocol (UDP) flood attack after 0.445 seconds this type of attack occurred.
5
Savaliya, Abhishek, Rutvij H. Jhaveri, Qin Xin, Saad Alqithami, Sagar Ramani, and Tariq Ahamed Ahanger. "Securing industrial communication with software-defined networking." Mathematical Biosciences and Engineering 18, no. 6 (2021): 8298–313. http://dx.doi.org/10.3934/mbe.2021411.
Full textAbstract:
<abstract> <p>Industrial Cyber-Physical Systems (CPSs) require flexible and tolerant communication networks to overcome commonly occurring security problems and denial-of-service such as links failure and networks congestion that might be due to direct or indirect network attacks. In this work, we take advantage of Software-defined networking (SDN) as an important networking paradigm that provide real-time fault resilience since it is capable of global network visibility and programmability. We consider OpenFlow as an SDN protocol that enables interaction between the SDN controller and forwarding plane of network devices. We employ multiple machine learning algorithms to enhance the decision making in the SDN controller. Integrating machine learning with network resilience solutions can effectively address the challenge of predicting and classifying network traffic and thus, providing real-time network resilience and higher security level. The aim is to address network resilience by proposing an intelligent recommender system that recommends paths in real-time based on predicting link failures and network congestions. We use statistical data of the network such as link propagation delay, the number of packets/bytes received and transmitted by each OpenFlow switch on a specific port. Different state-of-art machine learning models has been implemented such as logistic regression, K-nearest neighbors, support vector machine, and decision tree to train these models in normal state, links failure and congestion conditions. The models are evaluated on the Mininet emulation testbed and provide accuracies ranging from around 91–99% on the test data. The machine learning model with the highest accuracy is utilized in the intelligent recommender system of the SDN controller which helps in selecting resilient paths to achieve a better security and quality-of-service in the network. This real-time recommender system helps the controller to take reactive measures to improve network resilience and security by avoiding faulty paths during path discovery and establishment.</p> </abstract>
6
Yujie Xie and Pankoo Kim. "Novel privacy vulnerabilities and challenges of OpenFlow-based SDN in network security." Research Briefs on Information and Communication Technology Evolution 3 (October 15, 2017): 84–90. http://dx.doi.org/10.56801/rebicte.v3i.47.
Full textAbstract:
In the last decade, software defined networking (SDN) with novel mobile network environment hasdrawn so many attentions from both IT industries and academic because of its huge convenient andeconomic cost. Advanced mobile networks provide abundant entertainments and rich lifestyle forcitizens, which requires larger storage and higher quality of internet environments such as innovativemobile cloud computing and especially potential SDN [1]. Then emerging SDN technology satisfyingmore users’ demands gains a lot of momentum, which is a new network structure with highersecurity than traditional networks. Meanwhile, novel vulnerabilities and challenges play the mostimportant roles in the deployment of software defined networking. In this paper, at first, we brieflyintroduce software defined networking including three main planes. Then OpenFlow-based SDN areillustrated. The procedure of OpenFlow-based SDN working is also provided in this part. And relatedsecurity vulnerabilities and challenges on each layer are presented in the last part.
7
Wang, Rui, Zhiyong Zhang, Lei Ju, and Zhiping Jia. "A Novel OpenFlow-Based DDoS Flooding Attack Detection and Response Mechanism in Software-Defined Networking." International Journal of Information Security and Privacy 9, no. 3 (2015): 21–40. http://dx.doi.org/10.4018/ijisp.2015070102.
Full textAbstract:
Software-Defined Networking (SDN) and OpenFlow have brought a promising architecture for the future networks. However, there are still a lot of security challenges to SDN. To protect SDN from the Distributed denial-of-service (DDoS) flooding attack, this paper extends the flow entry counters and adds a mark action of OpenFlow, then proposes an entropy-based distributed attack detection model, a novel IP traceback and source filtering response mechanism in SDN with OpenFlow-based Deterministic Packet Marking. It achieves detecting the attack at the destination and filtering the malicious traffic at the source and can be easily implemented in SDN controller program, software or programmable switch, such as Open vSwitch and NetFPGA. The experimental results show that this scheme can detect the attack quickly, achieve a high detection accuracy with a low false positive rate, shield the victim from attack traffic and also avoid the attacker consuming resource and bandwidth on the intermediate links.
8
Kartadie, Rikie. "MIKROTIK RB750 ROUTERBOARD SEBAGAI ALTERNATIF SWITCH OPENFLOW SOFTWARE-BASE." Simetris : Jurnal Teknik Mesin, Elektro dan Ilmu Komputer 7, no. 2 (2016): 467. http://dx.doi.org/10.24176/simet.v7i2.756.
Full textAbstract:
Software-Defined Networking (SDN) merupakan cara untuk mengurangi kompleksitas konfigurasi jaringan dan manajemen jaringan. Solusi yang ditawarkan oleh SDN memberikan nuansa baru pada jaringan komputer. Pengimplementasian arsitektur SDN/OpenFlow membutuhkan biaya yang tinggi, sedangkan penggunaan emulator mininet mampu memberikan simulasi yang baik pada skala penelitian, namun dalam kenyataannya implementasinya membutuhkan hardware. Pengimplementasian OpenFlow pada switch telah merambah kebeberapa vendor, diantaranya MikroTik yang telah menambahkan OpenFlow agent pada OS versi 6.17 pada RouterOS nya dan memungkinkannya untuk dapat diimplementasikan pada arsitektur SDN/OpenFlow dengan biaya yang lebih terjangkau. Implementasi OpenFlow agent pada RouterOS MikroTik layak untuk diuji performanya, sebagai alternatif switch OpenFlow software-base. Penelitian ini adalah penelitian awal dari rangkaian penelitian yang akan dilakukan. Langkah-langkah penelitian adalah: (1)Merancang topologi, (2)Simulasi menggunakan emulator mininet sebagai data pembanding (dianggap sebagai representatif dari hardware-base switch), (3)Memodifikasi MikroTik RB750 sebagai prototipe switch OpenFlow software-base, (4) Pengujian prototipe, (5) Analisis hasil dan menarik kesimpulan. Dari hasil uji latency, prototipe memberikan nilai lebih tinggi dibandingkan dengan nilai pembandingnya, nilai throughput TPC dan UDP 1937.5 kbps dan 8.64 kbps dan nilai jitter 0.0093 msec lebih rendah dibandingkan nilai pembandingnya. Prototipe dapat dijadikan alternatif pengganti switch OpenFlow Software-based, walaupun prototipe masih memberikan nilai performa yang rendah. Kata kunci: mininet, mikrotik, software-defined network, openflow.
9
Shrivastava, Gourav, Praveen Kaushik, and R. K.Pateriya. "Load balancing strategies in software defined networks." International Journal of Engineering & Technology 7, no. 3 (2018): 1854. http://dx.doi.org/10.14419/ijet.v7i3.14017.
Full textAbstract:
In the past few years, network requirements have been changing frequently as the amount of data traffic increasing exponentially so it is difficult to utilize the full capacity of network resources. Software Defined Networking (SDN) is emerging as a new networking technology which decouples the control plane from the data plane in the network devices. Separation of control and data plane allows a network administrator a better control over network management and also enables new development through network programmability. Presently Open-Flow is the most popular SDN protocol which provides communication between network devices and controller. In this paper, the Round Robin algorithm is compared with the Dynamic load balancing algorithm using the OpenFlow protocol in SDN under varying load conditions of TCP and UDP traffic. Experimental analysis shows that the dynamic load balancing strategy works better than the Round Robin load balancing.
10
Elloumi Zitouna, Imene. "Learning-based Orchestrator for Intelligent Software-defined Networking Controllers." International Journal of Software Engineering & Applications 11, no. 6 (2020): 17–30. http://dx.doi.org/10.5121/ijsea.2020.11602.
Full textAbstract:
This paper presents an overview of our learning-based orchestrator for intelligent Open vSwitch that we present this using Machine Learning in Software-Defined Networking technology. The first task consists of extracting relevant information from the Data flow generated from a SDN and using them to learn, to predict and to accurately identify the optimal destination OVS using Reinforcement Learning and QLearning Algorithm. The second task consists to select this using our hybrid orchestrator the optimal Intelligent SDN controllers with Supervised Learning. Therefore, we propose as a solution using Intelligent Software-Defined Networking controllers (SDN) frameworks, OpenFlow deployments and a new intelligent hybrid Orchestration for multi SDN controllers. After that, we feeded these feature to a Convolutional Neural Network model to separate the classes that we’re working on. The result was very promising the model achieved an accuracy of 72.7% on a database of 16 classes. In any case, this paper sheds light to researchers looking for the trade-offs between SDN performance and IA customization.
11
Khairi, Mutaz Hamed Hussien, Sharifah H. S. Ariffin, N. M. Abdul Latiff, Kamaludin Mohamad Yusof, M. K. Hassan, and Mohammad Rava. "The impact of firewall on TCP and UDP throughput in an openflow software defined network." Indonesian Journal of Electrical Engineering and Computer Science 20, no. 1 (2020): 256. http://dx.doi.org/10.11591/ijeecs.v20.i1.pp256-263.
Full textAbstract:
Software Defined Networking (SDN) is an emerging networking paradigm that provides more flexibility and adaptability in terms of network definition and control. However, SDN is a logically centralized technology. Therefor the control plane (i.e. controller) scalability in SDN in particular, is also one of the problems that needs further focus. OpenFlow is one of the protocol standards in SDN, which allow the separation of the controller from the forwarding plane. The control plane has an SDN embedded firewall and is able to enforce and monitor the network activity. This firewall can be used to control the throughput. However, it may affect SDN performance. In this paper, throughput will be used as a performance metric to evaluate and assess the firewall impact on two protocols; Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) that passes through the forwarding planes. The evaluations have been verified through simulating the SDN OpenFlow network using MININET. The results show that an implementation of firewall module in SDN creates a significant 36% average drop for TCP and 87% average drop for UDP in the bandwidth which eventually affect the quality of the network and applications.
12
Mahdi, Suadad S., and Alharith A. Abdullah. "Enhanced Security of Software-defined Network and Network Slice Through Hybrid Quantum Key Distribution Protocol." Infocommunications journal 14, no. 3 (2022): 9–15. http://dx.doi.org/10.36244/icj.2022.3.2.
Full textAbstract:
Software-defined networking (SDN) has revolutionized the world of technology as networks have become more flexible, dynamic and programmable. The ability to conduct network slicing in 5G networks is one of the most crucial features of SDN implementation. Although network programming provides new security solutions of traditional networks, SDN and network slicing also have security issues, an important one being the weaknesses related to openflow channel between the data plane and controller as the network can be attacked via the openflow channel and exploit communications with the control plane. Our work proposes a solution to provide adequate security for openflow messages through using a hybrid key consisting of classical and quantum key distribution protocols to provide double security depending on the computational complexity and physical properties of quantum. To achieve this goal, the hybrid key used with transport layer security protocol to provide confidentiality, integrity and quantum authentication to secure openflow channel. We experimentally based on the SDN-testbed and network slicing to show the workflow of exchanging quantum and classical keys between the control plane and data plane and our results showed the effectiveness of the hybrid key to enhance the security of the transport layer security protocol. Thereby achieving adequate security for openflow channel against classical and quantum computer attacks.
13
Napitu, Daniel Halomoan Saragi, M. Zarlis, and Tulus Tulus. "Karakteristik Openflow Controller dengan ONOS." JTIK (Jurnal Teknik Informatika Kaputama) 1, no. 1 (2017): 10–14. http://dx.doi.org/10.59697/jtik.v1i1.681.
Full textAbstract:
Openflow merupakan protokol yang digunakan dalam implementasi Software Defined Networking (SDN). Sebagai bagian proses komunikasi antara controller Openflow dan switch Openflow, protokol Openflow berfungsi sebagai bagian utama proses komunikasi antar kedua perangkat tersebut. Sebagai perangkat pusat, Openflow controller memiliki fungsi utama dalam komunikasi. Setiap vendor memiliki pendekatan yang berbeda mengenai bagaimana penerapan proses komunikasi yang dilakukan oleh controller . Jurnal ini menjelaskan mengenai bagaimana operasional Openflow controller dengan menggunakan Open Network Operating System (ONOS).
14
Nkenyereye, Lionel, Lewis Nkenyereye, Bayu Adhi Tama, Alavalapati Reddy, and JaeSeung Song. "Software-Defined Vehicular Cloud Networks: Architecture, Applications and Virtual Machine Migration." Sensors 20, no. 4 (2020): 1092. http://dx.doi.org/10.3390/s20041092.
Full textAbstract:
Cloud computing supports many unprecedented cloud-based vehicular applications. To improve connectivity and bandwidth through programmable networking architectures, Software- Defined (SD) Vehicular Network (SDVN) is introduced. SDVN architecture enables vehicles to be equipped with SDN OpenFlow switch on which the routing rules are updated from a SDN OpenFlow controller. From SDVN, new vehicular architectures are introduced, for instance SD Vehicular Cloud (SDVC). In SDVC, vehicles are SDN devices that host virtualization technology for enabling deployment of cloud-based vehicular applications. In addition, the migration of Virtual Machines (VM) over SDVC challenges the performance of cloud-based vehicular applications due the highly mobility of vehicles. However, the current literature that discusses VM migration in SDVC is very limited. In this paper, we first analyze the evolution of computation and networking technologies of SDVC with a focus on its architecture within the cloud-based vehicular environment. Then, we discuss the potential cloud-based vehicular applications assisted by the SDVC along with its ability to manage several VM migration scenarios. Lastly, we provide a detailed comparison of existing frameworks in SDVC that integrate the VM migration approach and different emulators or simulators network used to evaluate VM frameworks’ use cases.
15
Wang, Huiwen, Huibiao Zhu, Lili Xiao, and Yuan Fei. "Formalization and Verification of the OpenFlow Bundle Mechanism Using CSP." International Journal of Software Engineering and Knowledge Engineering 28, no. 11n12 (2018): 1657–77. http://dx.doi.org/10.1142/s0218194018400223.
Full textAbstract:
Software-Defined Networking (SDN) is an emerging architecture of computer networking. OpenFlow is considered as the first and currently most popular standard southbound interface of SDN. It is a communication protocol which enables the SDN controller to directly interact with the forwarding plane, which makes the network more flexible and programmable. The promising and widespread use makes the reliability of OpenFlow important. The OpenFlow bundle mechanism is a new mechanism proposed by OpenFlow protocol to guarantee the completeness and consistency of the messages transmitted between SDN devices like switches and controllers. In this paper, we use Communication Sequential Processes (CSP) to formally model the OpenFlow bundle mechanism. By adopting the models into the model checker Process Analysis Toolkit (PAT), we verify the relevant properties of the mechanism, including deadlock freeness, parallelism, atomicity, order property and schedulability. Our formalization and verification show that the mechanism can satisfy these properties, from which we can conclude that the mechanism offers a better way to guarantee the completeness and consistency.
16
Dey, Samrat Kumar, and Md Mahbubur Rahman. "Effects of Machine Learning Approach in Flow-Based Anomaly Detection on Software-Defined Networking." Symmetry 12, no. 1 (2019): 7. http://dx.doi.org/10.3390/sym12010007.
Full textAbstract:
Recent advancements in software-defined networking (SDN) make it possible to overcome the management challenges of traditional networks by logically centralizing the control plane and decoupling it from the forwarding plane. Through a symmetric and centralized controller, SDN can prevent security breaches, but it can also bring in new threats and vulnerabilities. The central controller can be a single point of failure. Hence, flow-based anomaly detection system in OpenFlow Controller can secure SDN to a great extent. In this research, we investigated two different approaches of flow-based intrusion detection system in OpenFlow Controller. The first of which is based on machine-learning algorithm where NSL-KDD dataset with feature selection ensures the accuracy of 82% with random forest classifier using the gain ratio feature selection evaluator. In the later phase, the second approach is combined with a deep neural network (DNN)-based intrusion detection system based on gated recurrent unit-long short-term memory (GRU-LSTM) where we used a suitable ANOVA F-Test and recursive feature elimination selection method to boost classifier output and achieve an accuracy of 88%. Substantial experiments with comparative analysis clearly show that, deep learning would be a better choice for intrusion detection in OpenFlow Controller.
17
Muluye, Worku. "A Review on Software-Defined Networking Distributed Controllers." International Journal of Engineering and Computer Science 9, no. 2 (2020): 24953–61. http://dx.doi.org/10.18535/ijecs/v9i2.4439.
Full textAbstract:
A computer network is a critical issue in our day to day activity; however, today it works under various problems. Since in the current network architecture the control plane and data plane are vertically bundled on the same device. To solve this problem programmable Software-Defined Network is released. OpenFlow is a protocol that vertically separates control plane and data plane of the network devices. In SDN the controllers are the brains of the network that controls the network devices. Today’s network required successful integration of distributed controllers to make the network more consistent. SDN distributed controller is a controller that we can add or remove the controllers according to the number of devices change. Distributed controller architecture has investigated and compared the 6 recent distributed controllers by using 26 criteria. Orion is the first best controller and ONOS is the second best controller.
18
Hagos, Desta Haileselassie. "Software-Defined Networking for Scalable Cloud-based Services to Improve System Performance of Hadoop-based Big Data Applications." International Journal of Grid and High Performance Computing 8, no. 2 (2016): 1–22. http://dx.doi.org/10.4018/ijghpc.2016040101.
Full textAbstract:
The rapid growth of Cloud Computing has brought with it major new challenges in the automated manageability, dynamic network reconfiguration, provisioning, scalability and flexibility of virtual networks. OpenFlow-enabled Software-Defined Networking (SDN) alleviates these key challenges through the abstraction of lower level functionality that removes the complexities of the underlying hardware by separating the data and control planes. SDN has an efficient, dynamic, automated network management, higher availability and application provisioning through programmable interfaces which are very critical for flexible and scalable cloud-based services. In this study, the author explores broadly useful open technologies and methodologies for applying an OpenFlow-enabled SDN to scalable cloud-based services and a variety of diverse applications. The approach in this paper introduces new research challenges in the design and implementation of advanced techniques for bringing an SDN-enabled components and big data applications into a cloud environment in a dynamic setting. Some of these challenges become pressing concerns to cloud providers when managing virtual networks and data centers, while others complicate the development and deployment of cloud-hosted applications from the perspective of developers and end users. However, the growing demand for manageable, scalable and flexible clouds necessitates that effective solutions to these challenges be found. Hence, through real-world research validation use cases, this paper aims at exploring useful mechanisms for the role and potential of an OpenFlow-enabled SDN and its direct benefit for scalable cloud-based services. Finally, it demonstrates the impact of an OpenFlow-enabled SDN that fully embraces the opportunities and challenges of cloud infrastructures to improve the system performance of Hadoop-based big data applications by utilizing the network control capabilities of an OpenFlow to solve network congestion.
19
Meena, Ramesh Chand, Surbhi Bhatia, Rutvij H. Jhaveri, et al. "Enhancing Software-Defined Networks with Intelligent Controllers to Improve First Packet Processing Period." Electronics 12, no. 3 (2023): 600. http://dx.doi.org/10.3390/electronics12030600.
Full textAbstract:
Software-Defined Networking (SDN) has a detailed central model that separates the data plane from the control plane. The SDN controller is in charge of monitoring network security and controlling data flow. OpenFlow-enabled routers and switches work as packet-forwarding devices in the network system. At first, OpenFlow forwarding devices like routers and switches do not know how to handle the data packets transmitted by the host. This is because they do not have any security controls, policies, or information. These packets are sent to their destination. In this situation, the OpenFlow forwarding device sends the first data packet of a host to the SDN controller, which checks the control packets for the data packet and creates flow entries in the switch flow table to act on the following categories of data packets coming from the host. These activities at the SDN controller and switch levels are time-intensive, and the first data packet from the host always takes a longer time to reach its destination. In this article, we suggest an SDN controller with instant flow entries (SDN-CIFE) to reduce the amount of time it takes for the host to transmit its first data packet. Before traffic comes from the host, our method adds the necessary flow entries to the flow table of the OpenFlow switch. The technique was made in Python and tested on a Mininet network emulator using the RYU controller. The results of the experiment show that the time it takes to process the first data packet is reduced by more than 83%.
20
Wang, Dongbin, Yu Zhao, Hui Zhi, et al. "DoSDefender: A Kernel-Mode TCP DoS Prevention in Software-Defined Networking." Sensors 23, no. 12 (2023): 5426. http://dx.doi.org/10.3390/s23125426.
Full textAbstract:
The limited computation resource of the centralized controller and communication bandwidth between the control and data planes become the bottleneck in forwarding the packets in Software-Defined Networking (SDN). Denial of Service (DoS) attacks based on Transmission Control Protocol (TCP) can exhaust the resources of the control plane and overload the infrastructure of SDN networks. To mitigate TCP DoS attacks, DoSDefender is proposed as an efficient kernel-mode TCP DoS prevention framework in the data plane for SDN. It can prevent TCP DoS attacks from entering SDN by verifying the validity of the attempts to establish a TCP connection from the source, migrating the connection, and relaying the packets between the source and the destination in kernel space. DoSDefender conforms to the de facto standard SDN protocol, the OpenFlow policy, which requires no additional devices and no modifications in the control plane. Experimental results show that DoSDefender can effectively prevent TCP DoS attacks in low computing consumption while maintaining low connection delay and high packet forwarding throughput.
21
Aouad, Siham, Issam El Meghrouni, Yassine Sabri, Adil Hilmani, and Abderrahim Maizate. "Security of software defined networks: evolution and challenges." International Journal of Reconfigurable and Embedded Systems (IJRES) 12, no. 3 (2023): 384. http://dx.doi.org/10.11591/ijres.v12.i3.pp384-391.
Full textAbstract:
<span>In software-defined networking (SDN), network traffic is managed by software controllers or application programming interfaces (APIs) rather than hardware components. It differs from traditional networks, which use switches and routers to control traffic. Using SDN, you can create and control virtual networks or traditional hardware networks. Furthermore, OpenFlow allows network administrators to control exact network behavior through centralized control of packet forwarding. For these reasons, SDN has advantages over certain security issues, unlike traditional networks. However, most of the existing vulnerabilities and security threats in the traditional network also impact the SDN network. This document presents the attacks targeting the SDN network and the solutions that protect against these attacks. In addition, we introduce a variety of SDN security controls, such as intrusion detection systems (IDS)/intrusion prevention system (IPS), and firewalls. Towards the end, we outline a conclusion and perspectives.</span>
22
Huddiniah, Estu Rizky, Eristya Maya Safitri, Satrio Adi Priyambada, Muhammad Nasrullah, and Nisa Dwi Angresti. "Optimasi Rute Untuk Software Defined Networking-Wide Area Network (SDN-WAN) Dengan Openflow Protocol." Informatika Mulawarman : Jurnal Ilmiah Ilmu Komputer 13, no. 1 (2018): 7. http://dx.doi.org/10.30872/jim.v13i1.1006.
Full textAbstract:
Semakin berkembangnya teknologi saat ini berbanding lurus dengan kebutuhan akan proses mengelola dan monitoring jaringan yang lebih efektif dan efisien. TE (Traffic Engineering) dikembangkan untuk mengoptimalkan arus data dalam jaringan untuk memenuhi tingkat QoS (Quality of Services) dalam penggunaan jaringan. Namun, TE memiliki tantangan dalam hal kompleksitas komunikasi dan algoritma yang dapat meningkatkan kebutuhan akan sumber daya jaringan. SDN (Software Defined Networking) merupakan suatu teknologi jaringan terbaru untuk mengatasi tantangan yang ada pada TE. Dengan pengaturan secara terpusat (centralized control) dan lebih fleksible, SDN secara signifikan dapat memangkas penggunaan sumber daya jaringan komunikasi yang dibutuhkan untuk kebermanfaatan sumber daya jaringan secara keseluruhan. Makalah ini akan mengulas beberapa literatur terkait metode optimasi routing pada jaringan dengan menggunakan teknologi SDN yang berfokus pada SDN-WAN (Software Defined Networking – Wide Area Network).
23
Muthanna, Ammar, Abdelhamied A. Ateya, Abdukodir Khakimov, et al. "Secure and Reliable IoT Networks Using Fog Computing with Software-Defined Networking and Blockchain." Journal of Sensor and Actuator Networks 8, no. 1 (2019): 15. http://dx.doi.org/10.3390/jsan8010015.
Full textAbstract:
Designing Internet of Things (IoT) applications faces many challenges including security, massive traffic, high availability, high reliability and energy constraints. Recent distributed computing paradigms, such as Fog and multi-access edge computing (MEC), software-defined networking (SDN), network virtualization and blockchain can be exploited in IoT networks, either combined or individually, to overcome the aforementioned challenges while maintaining system performance. In this paper, we present a framework for IoT that employs an edge computing layer of Fog nodes controlled and managed by an SDN network to achieve high reliability and availability for latency-sensitive IoT applications. The SDN network is equipped with distributed controllers and distributed resource constrained OpenFlow switches. Blockchain is used to ensure decentralization in a trustful manner. Additionally, a data offloading algorithm is developed to allocate various processing and computing tasks to the OpenFlow switches based on their current workload. Moreover, a traffic model is proposed to model and analyze the traffic indifferent parts of the network. The proposed algorithm is evaluated in simulation and in a testbed. Experimental results show that the proposed framework achieves higher efficiency in terms of latency and resource utilization.
24
Alssaheli, Omran M. A., Z. Zainal Abidin, N. A. Zakaria, and Z. Abal Abas. "Implementation of Network Traffic Monitoring using Software Defined Networking Ryu Controller." WSEAS TRANSACTIONS ON SYSTEMS AND CONTROL 16 (May 25, 2021): 270–77. http://dx.doi.org/10.37394/23203.2021.16.23.
Full textAbstract:
Network traffic monitoring is vital for enhancing the overall network performance and for optimizing the traffic flows. However, an emerging growth of use in cloud services, internet-of-things, block-chain and data analytics, demand the hardware-based-network-controller to provide more features for expanding network architecture. Therefore, Software Defined Networking (SDN) offers a new solution in terms of scalability, usability and programmable software-based-network-controller for the legacy network infrastructure. In fact, SDN provides a dynamic platform for the network traffic monitoring using international standard. In this study, SDN setup and installation method uses a Mininet emulator containing a controller Ryu with switching hub component, OpenFlow switches, and nodes. The number of nodes is adding until reaches to 16 nodes and evaluated through different network scenarios (single, linear and tree topology). Findings show that the single topology gives a winning criterion compared to other topologies. SDN implementation is measured with performance parameters such as Throughput, Jitter, Bandwidth and Round-Trip Time between scenarios using the Ryu controller. Future research explores on the performance of SDN in larger network and investigates the efficiency and effectiveness of SDN implementation in mesh topology.
25
Xue, Hai, Kyung Tae Kim, and Hee Yong Youn. "Packet Scheduling for Multiple-Switch Software-Defined Networking in Edge Computing Environment." Wireless Communications and Mobile Computing 2018 (November 18, 2018): 1–11. http://dx.doi.org/10.1155/2018/7659085.
Full textAbstract:
Software-defined networking (SDN) decouples the control plane and data forwarding plane to overcome the limitations of traditional networking infrastructure. Among several communication protocols employed for SDN, OpenFlow is most widely used for the communication between the controller and switch. In this paper two packet scheduling schemes, FCFS-Pushout (FCFS-PO) and FCFS-Pushout-Priority (FCFS-PO-P), are proposed to effectively handle the overload issue of multiple-switch SDN targeting the edge computing environment. Analytical models on their operations are developed, and extensive experiment based on a testbed is carried out to evaluate the schemes. They reveal that both of them are better than the typical FCFS-Block (FCFS-BL) scheduling algorithm in terms of packet wait time. Furthermore, FCFS-PO-P is found to be more effective than FCFS-PO in the edge computing environment.
26
Latah, Majd, and Levent Toker. "A novel intelligent approach for detecting DoS flooding attacks in software-defined networks." International Journal of Advances in Intelligent Informatics 4, no. 1 (2018): 11. http://dx.doi.org/10.26555/ijain.v4i1.138.
Full textAbstract:
Software-Defined Networking (SDN) is an emerging networking paradigm that provides an advanced programming capability and moves the control functionality to a centralized controller. This paper proposes a two-stage novel intelligent approach that takes advantage of the SDN approach to detect Denial of Service (DoS) flooding attacks based on calculation of packet rate as the first step and followed by Support Vector Machine (SVM) classification as the second step. Flow concept is an essential idea in OpenFlow protocol, which represents a common interface between an SDN switch and an SDN controller. Therefore, our system calculates the packet rate of each flow based on flow statistics obtained by SDN controller. Once the packet rate exceeds a predefined threshold, the system will activate the packet inspection unit, which, in turn, will use the (SVM) algorithm to classify the previously collected packets. The experimental results showed that our system was able to detect DoS flooding attacks with 96.25% accuracy and 0.26% false alarm rate.
27
Khairi, Mutaz Hamed Hussien, Sharifah H. S. Ariffin, N. M. Abdul Latiff, and Kamaludin Mohamad Yusof. "Generation and collection of data for normal and conflicting flows in software defined network flow table." Indonesian Journal of Electrical Engineering and Computer Science 22, no. 1 (2021): 307. http://dx.doi.org/10.11591/ijeecs.v22.i1.pp307-314.
Full textAbstract:
<a name="_Hlk31039004"></a><span lang="EN-US">In terms of network simplification and regulation, Software Defined Networking (SDN) is a new form of infrastructure that offers greater adaptability and flexibility. SDN, however, is an invention that is logically centralized. </span><span>In addition, the optimization of the control plane and data plane in SDN has become an area deserving of more attention. The flow in OpenFlow has been one of the essential parameters in the SDN standards, in which every individual flow includes packet matching fields, flow priority, separate counters, instructions for packet forwarding, flow timeouts and a cookie. This research work is conducted in order to produce and collect flows from the OpenFlow switch in two scenarios; in normal flows and when conflict policy rules are enforced in the network. In this article, the throughput is required to review and evaluate the conflict impact on two protocols as a performance metric; the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) that flows via a forwarded plane. During the simulation of the SDN OpenFlow network, the metrics are tested using MININET. The results demonstrate that the existence of SDN conflict rules allows TCP and UDP to have a significant average change in bandwidth that eventually affects the network and operations performance.</span>
28
Tang, Tuan Anh, Lotfi Mhamdi, Des McLernon, Syed Ali Raza Zaidi, Mounir Ghogho, and Fadi El Moussa. "DeepIDS: Deep Learning Approach for Intrusion Detection in Software Defined Networking." Electronics 9, no. 9 (2020): 1533. http://dx.doi.org/10.3390/electronics9091533.
Full textAbstract:
Software Defined Networking (SDN) is developing as a new solution for the development and innovation of the Internet. SDN is expected to be the ideal future for the Internet, since it can provide a controllable, dynamic, and cost-effective network. The emergence of SDN provides a unique opportunity to achieve network security in a more efficient and flexible manner. However, SDN also has original structural vulnerabilities, which are the centralized controller, the control-data interface and the control-application interface. These vulnerabilities can be exploited by intruders to conduct several types of attacks. In this paper, we propose a deep learning (DL) approach for a network intrusion detection system (DeepIDS) in the SDN architecture. Our models are trained and tested with the NSL-KDD dataset and achieved an accuracy of 80.7% and 90% for a Fully Connected Deep Neural Network (DNN) and a Gated Recurrent Neural Network (GRU-RNN), respectively. Through experiments, we confirm that the DL approach has the potential for flow-based anomaly detection in the SDN environment. We also evaluate the performance of our system in terms of throughput, latency, and resource utilization. Our test results show that DeepIDS does not affect the performance of the OpenFlow controller and so is a feasible approach.
29
Taniguchi, Yoshiaki, Hiroaki Tsutsumi, Nobukazu Iguchi, and Kenzi Watanabe. "Design and Evaluation of a Proxy-Based Monitoring System for OpenFlow Networks." Scientific World Journal 2016 (2016): 1–10. http://dx.doi.org/10.1155/2016/6513649.
Full textAbstract:
Software-Defined Networking (SDN) has attracted attention along with the popularization of cloud environment and server virtualization. In SDN, the control plane and the data plane are decoupled so that the logical topology and routing control can be configured dynamically depending on network conditions. To obtain network conditions precisely, a network monitoring mechanism is necessary. In this paper, we focus on OpenFlow which is a core technology to realize SDN. We propose, design, implement, and evaluate a network monitoring system for OpenFlow networks. Our proposed system acts as a proxy between an OpenFlow controller and OpenFlow switches. Through experimental evaluations, we confirm that our proposed system can capture packets and monitor traffic information depending on administrator’s configuration. In addition, we show that our proposed system does not influence significant performance degradation to overall network performance.
30
Hessam, Ghandi, Ghassan Saba, and M. Iyad Alkhayat. "A new approach for detecting violation of data plane integrity in Software Defined Networks." Journal of Computer Security 29, no. 3 (2021): 341–58. http://dx.doi.org/10.3233/jcs-200094.
Full textAbstract:
The scale of Software Defined Networks (SDN) is expanding rapidly and the demands for security reinforcement are increasing. SDN creates new targets for potential security threats such as the SDN controller and networking devices in the data plane. Violation of data plane integrity might lead to abnormal behaviors of the overall network. In this paper, we propose a new security approach for OpenFlow-based SDN in order to detect violation of switches flow tables integrity and successfully locate the compromised switches online. We cover all aspects of integrity violation including flow rule adding, modifying and removing by an unauthorized entity. We achieve this by using the cookie field in the OpenFlow protocol to put in a suitable digest (hash) value for each flow entry. Moreover, we optimize our method performance by calculating a global digest value for the entire switch’s flow table that decides whether a switch is suspected of being compromised. Our method is also able to determine and handle false alarms that affect the coherence of a corresponding table digest. The implementation is a reactive java module integrated with the Floodlight controller. In addition, we introduce a performance evaluation for three different SDN topologies.
31
Aly, Wael Hosny Fouad, Hassan Kanj, Nour Mostafa, and Samer Alabed. "Feedback ARMA Models versus Bayesian Models towards Securing OpenFlow Controllers for SDNs." Electronics 11, no. 9 (2022): 1513. http://dx.doi.org/10.3390/electronics11091513.
Full textAbstract:
In software-defined networking (SDN), the control layers are moved away from the forwarding switching layers. SDN gives more programmability and flexibility to the controllers. OpenFlow is a protocol that gives access to the forwarding plane of a network switch or router over the SDN network. OpenFlow uses a centralized control of network switches and routers in and SDN environment. Security is of major importance for SDN deployment. Transport layer security (TLS) is used to implement security for OpenFlow. This paper proposed a new technique to improve the security of the OpenFlow controller through modifying the TLS implementation. The proposed model is referred to as the secured feedback model using autoregressive moving average (ARMA) for SDN networks (SFBARMASDN). SFBARMASDN depended on computing the feedback for incoming packets based on ARMA models. Filtering techniques based on ARMA techniques were used to filter the packets and detect malicious packets that needed to be dropped. SFBARMASDN was compared to two reference models. One reference model was Bayesian-based and the other reference model was the standard OpenFlow.
32
N G, Sreejesh. "DDoSMitigator: An On-The-Fly Method of Mitigating Denial of Service Attack in Software Defined Networking." International Journal for Research in Applied Science and Engineering Technology, no. 12 (December 31, 2022): 404–20. http://dx.doi.org/10.22214/ijraset.2022.47885.
Full textAbstract:
Abstract: Started in the early 2000s, the Software Defined Networking (SDN) paradigm has become the backbone for various network based technologies. It has the advantage of being simple to manage and easy to add new features to the network. In comparison to legacy hardware-based networks, scalability, performance, and maintainability become more advanced. However, hackers are more likely to target the SDN, putting the entire network at risk. Denial of Service is a common example of such a threat. It is feasible to reduce such attacks by carefully planning and building the SDN controller as well as the network applications that administer the SDN. This paper presents a novel and efficient method applicable to various types of protocol based Distributed Denial of Service (DDoS) attacks in SDN/OpenFlow networks. It can be used to detect and mitigate Transmission Control Protocol (TCP) SYN attacks, Internet Control Message Protocol (ICMP) ping flood attacks and User Datagram Protocol (UDP) flood attacks that happen against the SDN devices and/or any host. This feature stands above the controller and conforms to the OpenFlow policy without leveraging additional devices. All the detection and mitigation are done based on a True Host list which is created by tracking the Address Resolution Protocol (ARP) requests and replies from hosts. As ARP protocol is necessarily used by all hosts, this method can be effectively utilised for true host list creation and further attack detection and mitigation
33
Li, Jishuai, Tengfei Tu, Yongsheng Li, Sujuan Qin, Yijie Shi, and Qiaoyan Wen. "DoSGuard: Mitigating Denial-of-Service Attacks in Software-Defined Networks." Sensors 22, no. 3 (2022): 1061. http://dx.doi.org/10.3390/s22031061.
Full textAbstract:
Software-defined networking (SDN) is a new networking paradigm that realizes the fast management and optimal configuration of network resources by decoupling control logic and forwarding functions. However, centralized network architecture brings new security problems, and denial-of-service (DoS) attacks are among the most critical threats. Due to the lack of an effective message-verification mechanism in SDN, attackers can easily launch a DoS attack by faking the source address information. This paper presents DoSGuard, an efficient and protocol-independent defense framework for SDN networks to detect and mitigate such attacks. DoSGuard is a lightweight extension module on SDN controllers that mainly consists of three key components: a monitor, a detector, and a mitigator. The monitor maintains the information between the switches and the hosts for anomaly detection. The detector utilizes OpenFlow message and flow features to detect the attack. The mitigator protects networks by filtering malicious packets. We implement a prototype of DoSGuard in the floodlight controller and evaluate its effectiveness in a simulation environment. Experimental results show the DoSGuard achieves 98.72% detecion precision, and the average CPU utilization of the controller is only around 8%. The results demonstrate that DoSGuard can effectively mitigate DoS attacks against SDN with limited overhead.
34
Phatak, Ashutosh, K. Vijayan, Ruturaj Kadikar, and B. Amutha. "Advanced firewall mechanism with OpenFlow in SDN." International Journal of Engineering & Technology 7, no. 2.24 (2018): 74. http://dx.doi.org/10.14419/ijet.v7i2.24.12002.
Full textAbstract:
In recent years, penetration of Internet in the world is significantly increased due to technologies that enabled high speed broadband services, social networking and cloud based services. There is considerable increase in the number of users getting connected and hence large amount of user’s vital data are flowing over Internet attracting serious threats and possible attacks from malicious users. To secure this free-flowing data, many security solutions have been presented, validated and implemented. But the majority of them are implemented with traditional networking techniques which itself is complex and hard to manage. This techniques primarily relies on manual configuration of devices which often results in policy conflicts that compromises network’s security. This problem is addressed by Software Defined Networking, which breaks vertical integration by separating the control logic and data forwarding functionality, allowing flexible network architecture, network-wide visibility, simpler network management, etc. OpenFlow is the open standard that enables secure communication between controlling devices and data forwarding devices. In this paper, we propose and validate an approach to implement network-wide firewall in SDN by exploiting capabilities of OpenFlow standard to restrict flow of malicious and suspicious traffic flow in the network.
35
Mensah, Joseph Kofi, Joseph Ahor Abandoh-Sam, Henry Amankwah, and Emmanuel Tchouchu. "The Relevance of Development and Deployment of Software Defined Networking Solutions for a University Network." Indian Journal of Data Communication and Networking 4, no. 2 (2024): 5–12. http://dx.doi.org/10.54105/ijdcn.c5034.04020224.
Full textAbstract:
The rapid advancement of technology in today's world necessitates the development and deployment of robust and efficient networking architectures. This paper focuses on the relevant of creation and implementation of software defined networking (SDN) solutions for a university network, which offer improved network reachability and ease of navigation for network technicians. Utilizing the Ubuntu server command line interface within a virtual platform, all software defined networking components were seamlessly installed using a secure file transfer protocol client. To evaluate the effectiveness of the implemented SDN, Mininet was employed to supply OpenFlow switches within the software defined networking environment. This allowed for the integration of commands into a controller for thorough testing and assessment. The main parameters used in this paper are hosts, switches and a controller as the focus is on a single controller network. Because software defined networking centralizes and optimizes computer networks and removes irrelevant packets and frequent assaults for quick network performance, it makes networking intelligent and has several advantages over traditional networks. The successful implementation of software defined networking, as demonstrated in this paper, ensures that network technicians can swiftly identify and address challenges within computer networks of universities. This not only simplifies their tasks but also contributes to the overall efficiency and reliability of the network infrastructure.
36
Hamidi, Eki Ahmad Zaki, Nanang Ismail, and Rizka Jalaludin. "Prototipe Layanan Video on Demand (VoD) Pada Jaringan OpenFlow." Teknika 7, no. 1 (2018): 21–27. http://dx.doi.org/10.34148/teknika.v7i1.70.
Full textAbstract:
Sistem distribusi Video on Demand (VoD) saat ini umumnya masih menggunakan sistem transmisi konvensional. Perkembangan jaringan yang makin kompleks menuntut manajemen yang semakin handal. Software-Defined Networking (SDN) hadir untuk mengatasi kompleksitas sistem dengan memisahkan control plane dan data plane. Salah satu protokol SDN adalah OpenFlow. Makalah ini membahas tentang simulasi layanan VoD melalui jaringan OpenFlow. Realisasi OpenFlow menggunakan OpenvSwitch. Sistem disimulasikan dengan 1 PC server, 1 PC untuk switch dengan OpenvSwitch, dan 3 PC client. Hasil simulasi menunjukan QoS VoD melalui jaringan OpenFlow sudah memenuhi standar ITU-T G.1010 dengan delay sebesar 3,31 ms, jitter sebesar 0 ms, packet loss sebesar 0%, dan throughput sebesar 2,71 Mbit/s. Penilaian Mean Opinion Score (MOS) juga sudah memenuhi standar ITU-T P.800 dengan nilai 3417,06 dan termasuk kategori baik.
37
Hussien, Mutaz Hamed, and Mohamed Khalafalla Hassan. "Effect of Conflicting Flows on TCP and UDP Data Transfer Rates in OpenFlow Switch for Software-Defined Networks (SDN)." WSEAS TRANSACTIONS ON COMPUTERS 22 (December 31, 2023): 311–15. http://dx.doi.org/10.37394/23205.2023.22.35.
Full textAbstract:
Software-defined networking (SDN) is a framework that enhances scalability and agility in network simplicity and control. It is characterized by logical centralization, improving control, and data planes. Nevertheless, additional investigation is needed to fully understand the influence of flow conflict on the transfer rate variable. The present research aims to analyze the impact of flow conflict on the efficacy of the two protocols, the transmission control protocol (TCP) and the user datagram protocol (UDP), respectively, by utilizing throughput as a measure of efficiency. The measurements are verified through SDN OpenFlow networking modeling using MININET. The findings reveal a significant average alteration in transfer rate for TCP and UDP when SDN conflict rules are present, ultimately impacting network and operational efficiency.
38
Zhu, Xianwei, ChaoWen Chang, Qin Xi, and ZhiBin Zuo. "Attribute-Guard: Attribute-Based Flow Access Control Framework in Software-Defined Networking." Security and Communication Networks 2020 (January 10, 2020): 1–18. http://dx.doi.org/10.1155/2020/6302739.
Full textAbstract:
Software-defined networking (SDN) decouples the control plane from the data plane, offering flexible network configuration and management. Because of this architecture, some security features are missing. On the one hand, because the data plane only has the packet forwarding function, it is impossible to effectively authenticate the data validity. On the other hand, OpenFlow can only match based on network characteristics, and it is impossible to achieve fine-grained access control. In this paper, we aim to develop solutions to guarantee the validity of flow in SDN and present Attribute-Guard, a fine-grained access control and authentication scheme for flow in SDN. We design an attribute-based flow authentication protocol to verify the legitimacy of the validity flow. The attribute identifier is used as a matching field to define a forwarding control. The flow matching based on the attribute identifier and the flow authentication protocol jointly implement fine-grained access control. We conduct theoretical analysis and simulation-based evaluation of Attribute-Guard. The results show that Attribute-Guard can efficiently identify and reject fake flow.
39
Al Hayajneh, Abdullah, Md Zakirul Alam Bhuiyan, and Ian McAndrew. "Improving Internet of Things (IoT) Security with Software-Defined Networking (SDN)." Computers 9, no. 1 (2020): 8. http://dx.doi.org/10.3390/computers9010008.
Full textAbstract:
There has been an increase in the usage of Internet of Things (IoT), which has recently become a rising area of interest as it is being extensively used for numerous applications and devices such as wireless sensors, medical devices, sensitive home sensors, and other related IoT devices. Due to the demand to rapidly release new IoT products in the market, security aspects are often overlooked as it takes time to investigate all the possible vulnerabilities. Since IoT devices are internet-based and include sensitive and confidential information, security concerns have been raised and several researchers are exploring methods to improve the security among these types of devices. Software defined networking (SDN) is a promising computer network technology which introduces a central program named ‘SDN Controller’ that allows overall control of the network. Hence, using SDN is an obvious solution to improve IoT networking performance and overcome shortcomings that currently exist. In this paper, we (i) present a system model to effectively use SDN with IoT networks; (ii) present a solution for mitigating man-in-the-middle attacks against IoT that can only use HTTP, which is a critical attack that is hard to defend; and (iii) implement the proposed system model using Raspberry Pi, Kodi Media Center, and Openflow Protocol. Our system implementation and evaluations show that the proposed technique is more resilient to cyber-attacks.
40
Blial, Othmane, Mouad Ben Mamoun, and Redouane Benaini. "An Overview on SDN Architectures with Multiple Controllers." Journal of Computer Networks and Communications 2016 (2016): 1–8. http://dx.doi.org/10.1155/2016/9396525.
Full textAbstract:
Software-defined networking offers several benefits for networking by separating the control plane from the data plane. However, networks’ scalability, reliability, and availability remain as a big issue. Accordingly, multicontroller architectures are important for SDN-enabled networks. This paper gives a comprehensive overview of SDN multicontroller architectures. It presents SDN and its main instantiation OpenFlow. Then, it explains in detail the differences between multiple types of multicontroller architectures, like the distribution method and the communication system. Furthermore, it provides already implemented and under research examples of multicontroller architectures by describing their design, their communication process, and their performance results.
41
Geske, John, and Peter Stanchev. "The Future of the Next-Generation Internet and Possible Applications into Education and Culture Heritage." Digital Presentation and Preservation of Cultural and Scientific Heritage 3 (September 30, 2013): 17–24. http://dx.doi.org/10.55630/dipp.2013.3.1.
Full textAbstract:
There are several initiatives such as: US Ignite, Software Defined Networking (SDN), OpenFlow, Global Environment for Network Innovation (GENI), WiMAX and Internet 2 dealing with the future of the internet. The goal of the paper is to understand the goals, intricacies, and nuances of some of these techniques and show some of the possibilities of next-generation high-speed networking and their applications into education and culture heritage.
42
Vega Guallpa, Alex Javier, Danny Patricio Andrade Cárdenas, and Luis Fernando Pinos Castillo. "Análisis comparativo de infraestructuras de redes SDN (Software Defined Networking) y redes tradicionales IP." Pro Sciences: Revista de Producción, Ciencias e Investigación 6, no. 43 (2022): 71–82. http://dx.doi.org/10.29018/issn.2588-1000vol6iss43.2022pp71-82.
Full textAbstract:
El presente articulo presenta un análisis comparativo de infraestructura de redes SDN y redes tradicionales IP, con el fin de simular estas redes y determinar las ventajas y costos de rendimiento de lasredes. Los objetivos planteados en el presente estudio fueron a). Realizar un estudio teórico sobre la arquitectura de las redes SDN, herramientas de manejo, protocolos y controladores, b). Diseñar un ambiente de pruebas de las redes de un ISP básico y red SDN, c). Evaluar el funcionamiento de las redes propuestas a t ravés de las configuraciones que permitan la conexión entre los equipos. Para lo cual se utilizó un enfoque cualitativo, en donde se describen las características de los equipos de las redes entre las cuales consiste de un Routerboard de MiKrotiK, computadoras, OpenFlow, Wimbox, máquinas virtuales, mismas que están interconectadas y se configuran para proveer el servicio de internet. Como resultados se muestra los parámetros de ejecución, infraestructura, reutilización, virtualización, reglas aplicadas a las redes ISP básica y red SDN. Finalmente se discutirá sobre los resultados obtenidos y las conclusiones en base a los objetivos planteados.
43
Dasari, Venkat R., and Travis S. Humble. "OpenFlow arbitrated programmable network channels for managing quantum metadata." Journal of Defense Modeling and Simulation: Applications, Methodology, Technology 16, no. 1 (2016): 67–77. http://dx.doi.org/10.1177/1548512916661781.
Full textAbstract:
Quantum networks must classically exchange complex metadata between devices in order to carry out information for protocols such as teleportation, super-dense coding, and quantum key distribution. Demonstrating the integration of these new communication methods with existing network protocols, channels, and data forwarding mechanisms remains an open challenge. Software-defined networking (SDN) offers robust and flexible strategies for managing diverse network devices and uses. We adapt the principles of SDN to the deployment of quantum networks, which are composed from unique devices that operate according to the laws of quantum mechanics. We show how quantum metadata can be managed within a software-defined network using the OpenFlow protocol, and we describe how OpenFlow management of classical optical channels is compatible with emerging quantum communication protocols. We next give an example specification of the metadata needed to manage and control quantum physical layer (QPHY) behavior and we extend the OpenFlow interface to accommodate this quantum metadata. We conclude by discussing near-term experimental efforts that can realize SDN’s principles for quantum communication.
44
Adnan, Muhammad, Jehad Ali, Manel Ayadi, Hela Elmannai, Latifa Almuqren, and Rashid Amin. "Leveraging Software-Defined Networking for a QoS-Aware Mobility Architecture for Named Data Networking." Electronics 12, no. 8 (2023): 1914. http://dx.doi.org/10.3390/electronics12081914.
Full textAbstract:
The internet’s future architecture, known as Named Data Networking (NDN), is a creative way to offer content-based services. NDN is more appropriate for content distribution because of its special characteristics, such as naming conventions for packets and methods for in-network caching. Mobility is one of the main study areas for this innovative internet architecture. The software-defined networking (SDN) method, which is employed to provide mobility management in NDN, is one of the feasible strategies. Decoupling the network control plane from the data plane creates an improved programmable platform and makes it possible for outside applications to specify how a network behaves. The SDN is a straightforward and scalable network due to its key characteristics, including programmability, flexibility, and decentralized control. To address the problem of consumer mobility, we proposed an efficient SDPCACM (software-defined proactive caching architecture for consumer mobility) in NDN that extends the SDN model to allow mobility control for the NDN architecture (NDNA), through which the MC (mobile consumer) receives the data proactively after handover while the MC is moving. When an MC is watching a real-time video in a state of mobility and changing their position from one attachment point to another, the controllers in the SDN preserve the network layout and topology as well as link metrics to transfer updated routes with the occurrence of the handoff or handover scenario, and through the proactive caching mechanism, the previous access router proactively sends the desired packets to the new connected routers. Furthermore, the intra-domain and inter-domain handover processing situations in the SDPCACM for NDNA are described here in detail. Moreover, we conduct a simulation of the proposed SDPCACM for NDN that offers an illustrative methodology and parameter configuration for virtual machines (VMs), OpenFlow switches, and an ODL controller. The simulation result demonstrates that the proposed scheme has significant improvements in terms of CPU usage, reduced delay time, jitter, throughput, and packet loss ratio.
45
Abdulkadhim, Mustafa, Noor Qusay Abdulmuhsen, and Aymen M. Al-Kadhimi. "Design and simulation of a software defined networking-enabled smart switch for internet of things-based smart grid." Indonesian Journal of Electrical Engineering and Computer Science 25, no. 2 (2022): 780. http://dx.doi.org/10.11591/ijeecs.v25.i2.pp780-787.
Full textAbstract:
Using sustainable energy is the future of our planet earth, this became not only economically efficient but also a necessity for the preservation of life on earth. Because of such necessity, smart grids became a very important issue to be researched. Many literatures discussed this topic and with the development of internet of things (IoT) and smart sensors, smart grids are developed even further. On the other hand, software defined networking is a technology that separates the cntrol plane from the data plan of the network. It centralizes the management and the orchestration of the network tasks by using a network controller. The network controller is the heart of the SDN-enabled network, and it can control other networking devices using software defined networking (SDN) protocols such as OpenFlow. A smart switching mechanism called (SDN-smgrid-sw) for the smart grid will be modeled and controlled using SDN. We modeled the environment that interact with the sensors, for the sun and the wind elements. The Algorithm is modeled and programmed for smart efficient power sharing that is managed centrally and monitored using SDN controller. Also, all if the smart grid elements (power sources) are connected to the IP network using IoT protocols.
46
Isyaku, Babangida, Mohd Soperi Mohd Zahid, Maznah Bte Kamat, Kamalrulnizam Abu Bakar, and Fuad A. Ghaleb. "Software Defined Networking Flow Table Management of OpenFlow Switches Performance and Security Challenges: A Survey." Future Internet 12, no. 9 (2020): 147. http://dx.doi.org/10.3390/fi12090147.
Full textAbstract:
Software defined networking (SDN) is an emerging network paradigm that decouples the control plane from the data plane. The data plane is composed of forwarding elements called switches and the control plane is composed of controllers. SDN is gaining popularity from industry and academics due to its advantages such as centralized, flexible, and programmable network management. The increasing number of traffics due to the proliferation of the Internet of Thing (IoT) devices may result in two problems: (1) increased processing load of the controller, and (2) insufficient space in the switches’ flow table to accommodate the flow entries. These problems may cause undesired network behavior and unstable network performance, especially in large-scale networks. Many solutions have been proposed to improve the management of the flow table, reducing controller processing load, and mitigating security threats and vulnerabilities on the controllers and switches. This paper provides comprehensive surveys of existing schemes to ensure SDN meets the quality of service (QoS) demands of various applications and cloud services. Finally, potential future research directions are identified and discussed such as management of flow table using machine learning.
47
Li, Jishuai, Sujuan Qin, Tengfei Tu, Hua Zhang, and Yongsheng Li. "Packet Injection Exploiting Attack and Mitigation in Software-Defined Networks." Applied Sciences 12, no. 3 (2022): 1103. http://dx.doi.org/10.3390/app12031103.
Full textAbstract:
Software-defined networking (SDN) decouples the control plane and data plane through OpenFlow technology and allows flexible network control. It has been widely applied in different areas and has become a focus of attention in the future network. With SDN’s development, its security problem has become a necessary point of research to be solved urgently. In this paper, we propose a novel attack, namely, the packet injection exploiting attack. By maliciously injecting false hosts into SDN network topology, attackers can further use them to launch a denial of service (DoS) attack. The consequences affect the throughput and processing capabilities of the controller, severely consume data plane resources, and ultimately affect the entire network. To prevent the packet-injection exploiting attack, we designed PIEDefender, an efficient, protocol-independent component built on SDN controllers to detect and mitigate attacks effectively. We implement the PIEDefender prototype on the Floodlight controller and assess the effectiveness in the software environment. Experimental results show that PIEDefender achieves a 97.8% injection detection precision and a 97.96% DoS detection precision, incurring an average CPU consumption of 10%. The evaluation demonstrates that the PIEDefender can effectively mitigate the attack against SDN with limited overhead.
48
Abubakar Ibrahim, Adamu, and Mohamud Abdulkadir Ahmed. "Examining the Performance of Software Defined Virtual Local Area Network." International Journal of Innovative Computing 12, no. 2 (2022): 25–30. http://dx.doi.org/10.11113/ijic.v12n2.373.
Full textAbstract:
For more than three decades, the Virtual Local Area Network (VLAN) has been one of the most popular systems virtualization groups of users on both local and corporate networks. Because of the advantages that VLAN provides, network managers and operators have continued to use it in the creation of their networks and have even extended its use to include cloud computing networking. Previous research studies have established a lot of issues associated with VLAN architecture. Typically, it was revealed that it is difficult to set up a complex VLAN, and even it is successful, it leads to computational time-consuming, and prone to error to process majority of complex VLAN. Considering this, the current research examines the performance of “Software Defined- VLAN”. This is because Software-Defined Network (SDN) is a viable alternative network architecture that allows the separation of information and control functions on devices. It appears to be a promising optimized option VLAN administration. The SDN-enabled VLAN testbed was set out and implemented using OpenFlow. SDN-Enabled VLAN and a conventional VLAN. The finding revealed that SDN-enabled VLAN offers higher network performance, lower packet transfer delay, and a more efficient configuration.
49
Djohar, Fahrizal, Eueung Mulyana, Suciana Suciana, Andi Muhammad Ilyas, Muhammad Natsir Rahman, and Achmad Prajudin Sardju. "Performance Visualization of Southbound Interface in Software Defined Networking." International Journal Of Electrical Engineering And Intelligent Computing 1, no. 1 (2023): 40–47. http://dx.doi.org/10.33387/ijeeic.v1i1.6926.
Full textAbstract:
Software Defined Networking (SDN) makes Internet network configuration easier by separating the control plane and data plane. The control plane on the controller has information on network devices in the data plane and centrally control these devices. One of the controllers in SDN being developed is the Open Network Operating System (ONOS). ONOS provides interfaces such as Representational State Transfer (REST) Application Programming Interface (API). The ONOS core REST API provides some information from the network connected to it, such as devices, statistics, and the information in JSON file. The primary objective of this study is to develop an interface that simplifies performance monitoring through graphical representation. This involves testing the visualization with various topologies and conducting a comparative analysis of the visualization results across these topologies. The creation of the interface entails presenting statistical data, available in the form of a JSON file from the ONOS controller via the REST API, on the web interface in graphical format. The resulting visualization generates a graph that aligns with the performance characteristics of each topology, reflecting device details, ports, and additional parameters such as the count of sent and received packets, as well as sent and received bytes. The performance visualization outcomes specific to each topology are consistent with the number of connections and are prominently displayed on the web interface. Additionally, this research evaluates network throughput and bandwidth by sending ICMP packet and iperf tests across each topology. Among all the openflow tests performed on various network topologies, it was observed that the tree topology exhibited the lowest network capacity utilization, followed by the leaf-spine topology, and finally the ring topology.
50
Miano, Sebastiano, and Fulvio Risso. "Transforming a Traditional Home Gateway into a Hardware-accelerated SDN Switch." International Journal of Electrical and Computer Engineering (IJECE) 10, no. 3 (2020): 2668. http://dx.doi.org/10.11591/ijece.v10i3.pp2668-2681.
Full textAbstract:
<p>Nowadays, traditional home gateways must support increasingly complex applications while keeping their cost reasonably low.<br />Software Defined Networking (SDN) would simplify the management of those devices, but such an approach is typically reserved for new hardware devices, specifically engineered for this paradigm.<br />As a consequence, typical SDN-based home gateway performs the switching in software, resulting in non-negligible performance degradation.<br />In this paper, we provide our experience and findings of adding the OpenFlow support into a non-OpenFlow compatible home gateway, exploiting the possible hardware speedup available in the existing platform.<br />We present our solution that transparently offloads a portion of the OpenFlow rule into the hardware, while keeping the remaining ones in software, being able to support the presence of multiple hardware tables with a different set of features.<br />Moreover, we illustrate the design choices used to implement the functionalities required by the OpenFlow protocol (e.g., packet-in, packet-out messages) and finally, we evaluate the resulting architecture, showing the significant advantage in terms of performance that can be achieved by exploiting the underlying hardware, while maintaining an SDN-type ability to program and to instantiate desired network operations from a central controller.</p>