• Title/Summary/Keyword: SDN(Software-defined Networking)

Search Result 145, Processing Time 0.023 seconds

Understanding the Drivers for Migration to Innovation Ecosystem : The Influence of Standard on the Evolutionary Change of Capability Distribution and Transaction Costs (혁신 생태계 변화의 동인에 대한 이론과 사례 연구 : 표준이 역량분포와 거래비용의 진화적 변화에 미치는 영향 분석을 중심으로)

  • Kim, Min-Sik;Kim, Eonsoo
    • Journal of Information Technology Services
    • /
    • v.12 no.3
    • /
    • pp.1-21
    • /
    • 2013
  • This study attempts to explain the mechanism behind the migration from vertically integrated value chain architecture to an innovation ecosystem consisting of horizontally separated layers in value chain. We first present a comprehensive framework based on the theoretical analysis of the drivers for migration to an innovation ecosystem, which are standard (institution), capability distribution, and transaction costs. The theoretical framework suggests that the migration to an innovation ecosystem is explained by the influence of standard on the evolutionary change of capability distribution and transaction costs. In particular, when the new de-jure standard competes with the de-facto standard, the new de-jure standard has the greatest impact on the distribution capabilities and the transaction costs. Based on this theoretical framework, we analyze the latest SDN (Software Defined Networking) case of the network industry. SDN standard has transformed the industry from a vertically integrated value chain architecture to a horizontally separated one with its influence on the distribution capabilities and the transaction costs in the industry.

Novel VNFI Security Management Function Block For Improved Security Framework For SDN/NFV Networks

  • Alruwaili, Rahaf Hamoud;Alanazi, Haifa Khaled;Hendaoui, Saloua
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.10
    • /
    • pp.303-309
    • /
    • 2022
  • Software Defined Networking (SDN) is a novel approach that have accelerated the development of numerous technologies such as policy-based access control, network virtualization, and others. It allows to boost network architectural flexibility and expedite the return on investment. However, this increases the system's complexity, necessitating the expenditure of dollars to assure the system's security. Network Function Virtualization (NFV) opens up new possibilities for network engineers, but it also raises security concerns. A number of Internet service providers and network equipment manufacturers are grappling with the difficulty of developing and characterizing NFVs and related technologies. Through Moodle's efforts to maintain security, this paper presents a detailed review of security-related challenges in software-defined networks and network virtualization services.

An SDN-based Bandwidth Control Scheme considering Traffic Variation in the Virtualized WLAN Environment (가상화된 WLAN 환경에서 트래픽 변화를 고려한 SDN 기반 대역폭 제어 기법)

  • Moon, Jaewon;Chung, Sanghwa
    • Journal of KIISE
    • /
    • v.43 no.11
    • /
    • pp.1223-1232
    • /
    • 2016
  • A virtual network technology can provide a network reflecting the requirements of various services. The virtual network can distribute resources of the physical network to each virtual slice. An efficient resource distribution technique is needed to reflect the requirements of various services. Existing bandwidth distribution techniques can only control downlink traffic without taking traffic conditions on the network into account. Downlink and uplink share the same resources in a wireless network. The existing bandwidth distribution techniques assumed that all stations generate saturated traffic. Therefore, the existing bandwidth distribution technique cannot make traffic isolation in a virtual wireless network. In this paper, we proposed a traffic-based bandwidth control techniques to solve these problems. We applied Software-Defined Networking(SDN) to the virtual wireless network, monitored the traffic at each station, and searched for stations that generated unsaturated traffic. We also controlled both uplink and downlink traffics dynamically based on monitoring information. Our system can be implemented with legasy 802.11 clients and SDN-enabled APs. After the actual test bed configuration, it was compared to existing techniques. As a result, the distribution performance of the proposed technique was improved by 14% in maximum.

Load Aware Automatic Channel Switching for Software-Defined Enterprise WLANs

  • Han, Yunong;Yang, Kun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.11 no.11
    • /
    • pp.5223-5242
    • /
    • 2017
  • In the last decade, the 2.4 GHz band of IEEE 802.11 WLANs has become heavily congested due to the explosive increase in demand of Wi-Fi connectivity. With the current deployment of enterprise WLANs, channel switching mechanism continues to exhibit inefficiencies because it cannot adapt to real-time channel condition and the inability to support seamless channel switching. Software Defined Networking (SDN) as an emerging architecture is promising to introduce flexibility and programmability for wireless network management. Leveraging SDN to existing enterprise WLANs, channel switching method can be improved significantly. This paper presents a software-defined enterprise WLAN framework with a load aware automatic channel switching solution, which utilizes AP load and channel interference factor (CIF) to provide seamless channel switching. Two automatic channel switching algorithms named Single Switch (SS) and Double Switch (DS) are proposed to improve the overall user experience and the experience of users with highest traffic load respectively. Experiment results demonstrate that our solution can efficiently improve user experience in terms of jitter, transmission delay and network throughout when compared to the conventional channel switching mechanism.

A D2D communication architecture under full control using SDN

  • Ngo, Thanh-Hai;Kim, Younghan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.8
    • /
    • pp.3435-3454
    • /
    • 2016
  • Device-to-device (D2D) communication is a potential solution to the incessant increase in data traffic on cellular networks. The greatest problem is how to control the interference between D2D users and cellular mobile users, and between D2D users themselves. This paper proposes a solution for this issue by putting the full control privilege in cellular network using the software-defined networking (SDN) concept. A software virtual switch called Open vSwitch and several components are integrated into mobile devices for data forwarding and radio resource mapping, whereas the control functions are executed in the cellular network via a SDN controller. This allows the network to assign radio resources for D2D communication directly, thus reducing interference. This solution also brings out many benefits, including resource efficiency, energy saving, topology flexibility, etc. The advantages and disadvantages of this architecture are analyzed by both a mathematical method and a simple implementation. The result shows that implementation of this solution in the next generation of cellular networks is feasible.

Controller Backup and Replication for Reliable Multi-domain SDN

  • Mao, Junli;Chen, Lishui;Li, Jiacong;Ge, Yi
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.12
    • /
    • pp.4725-4747
    • /
    • 2020
  • Software defined networking (SDN) is considered to be one of the most promising paradigms in the future. To solve the scalability and performance problem that a single and centralized controller suffers from, the distributed multi-controller architecture is adopted, thus forms multi-domain SDN. In a multi-domain SDN network, it is of great importance to ensure a reliable control plane. In this paper, we focus on the reliability problem of multi-domain SDN against controller failure from perspectives of backup controller deployment and controller replication. We firstly propose a placement algorithm for backup controllers, which considers both the reliability and the cost factors. Then a controller replication mechanism based on shared data storage is proposed to solve the inconsistency between the active and standby controllers. We also propose a shared data storage layout method that considers both reliability and performance. Besides, a fault recovery and repair process is designed based on the controller backup and shared data storage mechanism. Simulations show that our approach can recover and repair controller failure. Evaluation results also show that the proposed backup controller placement approach is more effective than other methods.

Blocking Intelligent Dos Attack with SDN (SDN과 허니팟 기반 동적 파라미터 조절을 통한 지능적 서비스 거부 공격 차단)

  • Yun, Junhyeok;Mun, Sungsik;Kim, Mihui
    • KIPS Transactions on Computer and Communication Systems
    • /
    • v.11 no.1
    • /
    • pp.23-34
    • /
    • 2022
  • With the development of network technology, the application area has also been diversified, and protocols for various purposes have been developed and the amount of traffic has exploded. Therefore, it is difficult for the network administrator to meet the stability and security standards of the network with the existing traditional switching and routing methods. Software Defined Networking (SDN) is a new networking paradigm proposed to solve this problem. SDN enables efficient network management by programming network operations. This has the advantage that network administrators can flexibly respond to various types of attacks. In this paper, we design a threat level management module, an attack detection module, a packet statistics module, and a flow rule generator that collects attack information through the controller and switch, which are components of SDN, and detects attacks based on these attributes of SDN. It proposes a method to block denial of service attacks (DoS) of advanced attackers by programming and applying honeypot. In the proposed system, the attack packet can be quickly delivered to the honeypot according to the modifiable flow rule, and the honeypot that received the attack packets analyzed the intelligent attack pattern based on this. According to the analysis results, the attack detection module and the threat level management module are adjusted to respond to intelligent attacks. The performance and feasibility of the proposed system was shown by actually implementing the proposed system, performing intelligent attacks with various attack patterns and attack levels, and checking the attack detection rate compared to the existing system.

Match Field based Algorithm Selection Approach in Hybrid SDN and PCE Based Optical Networks

  • Selvaraj, P.;Nagarajan, V.
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.12
    • /
    • pp.5723-5743
    • /
    • 2018
  • The evolving internet-based services demand high-speed data transmission in conjunction with scalability. The next generation optical network has to exploit artificial intelligence and cognitive techniques to cope with the emerging requirements. This work proposes a novel way to solve the dynamic provisioning problem in optical network. The provisioning in optical network involves the computation of routes and the reservation of wavelenghs (Routing and Wavelength assignment-RWA). This is an extensively studied multi-objective optimization problem and its complexity is known to be NP-Complete. As the exact algorithms incurs more running time, the heuristic based approaches have been widely preferred to solve this problem. Recently the software-defined networking has impacted the way the optical pipes are configured and monitored. This work proposes the dynamic selection of path computation algorithms in response to the changing service requirements and network scenarios. A software-defined controller mechanism with a novel packet matching feature was proposed to dynamically match the traffic demands with the appropriate algorithm. A software-defined controller with Path Computation Element-PCE was created in the ONOS tool. A simulation study was performed with the case study of dynamic path establishment in ONOS-Open Network Operating System based software defined controller environment. A java based NOX controller was configured with a parent path computation element. The child path computation elements were configured with different path computation algorithms under the control of the parent path computation element. The use case of dynamic bulk path creation was considered. The algorithm selection method is compared with the existing single algorithm based method and the results are analyzed.

A Study of Intrusion Detection Scheme based on Software-Defined Networking in Wireless Sensor Networks (무선 센서 네트워크에서 소프트웨어 정의 네트워킹 기법을 사용한 침입 탐지 기법에 대한 연구)

  • Kang, Yong-Hyeog;Kim, Moon Jeong;Han, Moonseog
    • Journal of the Korea Convergence Society
    • /
    • v.8 no.8
    • /
    • pp.51-57
    • /
    • 2017
  • A wireless sensor network is composed of many resource constrained sensor nodes. These networks are attacked by malicious attacks like DDoS and routing attacks. In this paper, we propose the intrusion detection and prevention system using convergence of software-defined networking and security technology in wireless sensor networks. Our proposed scheme detects various intrusions in a central server by accumulating log messages of OpenFlow switch through SDN controller and prevents the intrusions by configuring OpenFlow switch. In order to validate our proposed scheme, we show it can detect and prevent some malicious attacks in wireless sensor networks.

UDP Flow Entry Management for Software-Defined Networking (사용자 정의 네트워크를 위한 사용자 데이터그램 프로토콜 플로우 엔트리 관리 기법)

  • Choi, Hanhimnara;Raza, Syed Muhammad;Kim, Moonseong;Choo, Hyunseung
    • Journal of Internet Computing and Services
    • /
    • v.22 no.2
    • /
    • pp.11-17
    • /
    • 2021
  • Software-defined networking provides a programmable and flexible way to manage the network by separating the control plane from data plane. However, the limited switch memory restricts the number of flow entries in the flow table used to forward packets. This leads to flow table overflow and flow entry reinstallation, which severely degrade the network performance. Therefore, this paper proposes a comprehensive policy for timely eviction of inactive flow entries to optimally maintain flow tables usage. In particular, statistics of user datagram protocol flow entries are periodically sampled to enable the inactive entries to be evicted early. Through traffic-based experiments, we found that the proposed system reduces the number of overflow occurrences and flow entries reinstallation compared to the random and FIFO policies.