• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.18 no.9
• /
• pp.34-41
• /
• 2017

Wireless mesh networks contain multi-hop routing protocols between wireless nodes and are connected to the Internet through a gateway. These networks perform a role as a backbone and are scalable for main applications. We propose the design of QoS supporting mechanisms for wireless mesh networks using software defined networking. Our proposed scheme is cost-effective and features adaptive QoS mechanisms for wireless router's resource constraints. The QoS mechanisms use software defined networking technology with Openflow protocol based on diffserv and intserv models with MPLS mechanism and RSVP respectively. A performance evaluation model is suggested to verify the validity of the proposed scheme using several QoSmetrics of the wireless mesh networks.

• Information and Communications Magazine
• /
• v.32 no.4
• /
• pp.3-9
• /
• 2015

무선 메쉬 네트워크는 자가 구성(Self-organizing), 자가 회복(Self-healing)등의 특징으로 인해 u-Office 환경을 구축함에 있어 핵심 기술로 여겨지고 있다. 본 논문에서는 무선 메쉬 네트워크의 기술 동향을 파악하고 또한 무선랜 라우터를 위한 비실시간 리눅스 기반의 오픈 소스 운영체제인 OpenWrt와 소프트웨어적으로 네트워크를 컨트롤하는 기술인 Openflow 를 기반으로 한 무선 메쉬 네트워크 테스트베드의 구축 사례와 실측 사례를 서술한다.

• Journal of the Korea Society of Computer and Information
• /
• v.22 no.9
• /
• pp.49-55
• /
• 2017

Despite the Openflow's switch migration occurs after the channel was established in secure manner (optional), the current cryptography protocol cannot prevent the insider attack as the attacker possesses a valid public/private key pair. There are methods such as the certificate revocation list (CRL) or the online certificate status protocol (OCSP) that tries to revoke the compromised certificate. However, these methods require a management system or server that introduce additional overhead for the communication. Furthermore, these methods are not able to mitigate power abuse of an insider. In this paper, we propose a role-based identity-based cryptography (RB-IBC) that integrate the identity of the node along with its role so the nodes within the network can easily mitigate any role abuse of the nodes. Besides that, by combining with IBC, it will eliminate the need of exchanging certificates and hence improve the performance in a secure channel.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2016.04a
• /
• pp.120-123
• /
• 2016

최근 국내 기관이나 금융권을 넘어선 사기업에 대한 정통망 법의 망분리에 대한 적용이 이슈화되고 있다. 그러나 현실적인 망분리 적용과 운영에는 비용적인 문제부터 기술적인 문제까지 다양한 어려움이 산재해있다. 이에 본 논문에서는 SDN기반의 'Openflow를 적용한 경로 기반 망분리 구축 방안'을 제안한다. OpenFlow Switch의 Flow Table의 Processing 과정인 Pipeline을 이중화시켜 Packet 통신을 경로기반의 In/External Network로 운영하는 방안이다. 이를 통해 기존 망분리 환경 대비 비용과 자원 운영의 효율성, 보안성 향상의 다각적인 효과를 기대한다.

• International Journal of Computer Science & Network Security
• /
• v.23 no.12
• /
• pp.91-100
• /
• 2023

As SDN devices and systems hit the market, security in SDN must be raised on the agenda. SDN has become an interesting area in both academics and industry. SDN promises many benefits which attract many IT managers and Leading IT companies which motivates them to switch to SDN. Over the last three decades, network attacks becoming more sophisticated and complex to detect. The goal is to study how traffic information can be extracted from an SDN controller and open virtual switches (OVS) using SDN mechanisms. The testbed environment is created using the RYU controller and Mininet. The extracted information is further used to detect these attacks efficiently using a machine learning approach. To use the Machine learning approach, a dataset is required. Currently, a public SDN based dataset is not available. In this paper, SDN based dataset is created which include legitimate and non-legitimate traffic. Classification is divided into two categories: binary and multiclass classification. Traffic has been classified with or without dimension reduction techniques like PCA and LDA. Our approach provides 98.58% of accuracy using a random forest algorithm.

• The Journal of the Convergence on Culture Technology
• /
• v.5 no.1
• /
• pp.401-407
• /
• 2019

SDN(Softeware Defined Networking) has emerged to address the rapidly growing demand for cloud computing and to support network virtualization services. Therefor many companies and organizations have taken SDN as a next-generation network technology. However, unlike the wired network where the SDN is originally designed, the SDN in the wireless network has a restriction that it can not provide the mobility of the node. In this paper, we extended existing openflow protocol of SDN and developed SDN-based network platform, which enables the SDN controller to manage the radio resources of its network and support the mobility of the nodes. The mobility support function of this paper has the advantage that a node in the network can move using its two or more wireless interfaces by using the radio resource management function of the SDN controller. In order to test the functions implemented in this paper, we measured parameters related to various transmission performance according to various mobile experiments, and compared parameters related to performance using one wireless interface and two interfaces. The SDN-based network platform proposed in this paper is expected to be able to monitor the resources of wireless networks and support the mobility of nodes in the SDN environment.

• International Journal of Internet, Broadcasting and Communication
• /
• v.12 no.3
• /
• pp.9-17
• /
• 2020

In this paper, as part of the research for the infrastructure of very high flexible and reconfigurable data center using very high speed crossbar switches, we developed a simulator that can model two and three dimensional connection structure of switches with an efficient control algorithm using software defined network and verified the functions and analyzed the performance accordingly. The simulator consists of a control module and a switch module that was coded using Python language based on the Mininet and Ryu Openflow frameworks. The control module dynamically controls the operation of switching cells using a shortest multipath algorithm to calculate efficient paths adaptively between configurable computing resources. Performance analysis by using the simulator shows that the three-dimensional switch architecture can accommodate more hosts per port and has about 1.5 times more successful 1:n connections per port with the same number of switches than the two-dimensional architecture. Also simulation results show that connection length in a 3-dimensional way is shorter than that of 2-dimensional way and the unused switch ratio in a 3-dimensional case is lower than that of 2-dimensional cases.

• Journal of the Korea Convergence Society
• /
• v.8 no.8
• /
• pp.51-57
• /
• 2017

A wireless sensor network is composed of many resource constrained sensor nodes. These networks are attacked by malicious attacks like DDoS and routing attacks. In this paper, we propose the intrusion detection and prevention system using convergence of software-defined networking and security technology in wireless sensor networks. Our proposed scheme detects various intrusions in a central server by accumulating log messages of OpenFlow switch through SDN controller and prevents the intrusions by configuring OpenFlow switch. In order to validate our proposed scheme, we show it can detect and prevent some malicious attacks in wireless sensor networks.

• KIISE Transactions on Computing Practices
• /
• v.23 no.5
• /
• pp.310-315
• /
• 2017

In a centralized control structure, the software defined network controller manages all openflow enabled switched in a data plane and controls the telecommunication between all hosts. In addition, the network manager can easily deploy the network function to the application layer with a software defined network controller. For this reason, many methods for network management using a software defined network concept have been proposed. The main policies for network management are related to traffic Quality of Service and resource management. In order to provide Quality of Service and load distribution for network users, we propose an efficient routing method using a naive bayesian algorithm and transmission delay estimation module. In this method, the forwarding path is decided by flow class and estimated transmission delay result in the software defined network controller. With this method, the load on the network node can be distributed to improve overall network performance. The network user also gets better dynamic Quality of Service.

• Journal of KIISE:Information Networking
• /
• v.41 no.4
• /
• pp.167-176
• /
• 2014

In this paper, we discuss the implementation and experimentations of a new future Internet architecture for mobile-oriented environments, named Mobile Oriented Future Internet (MOFI). The MOFI architecture is featured by the host identifier and local locator for identifier-locator separation, Query-First Data Delivery (QFDD), and Distributed Mapping System (DMS) for identifier-locator mapping control. In the existing study on MOFI, we examined the intra-domain mobility control, the implementation of MOFI over Linux platform, and the performance analysis over the small-scale testbed. In this paper, we describe how to implement the MOFI architecture for inter-domain mobility control by using the OpenFlow and Click Modular Router platform. From the experimentations over the KOREN testbed, we can see that the MOFI scheme can give better performance than the existing Proxy Mobile IP scheme.