• Title/Summary/Keyword: Software Defined Network

Search Result 388, Processing Time 0.026 seconds

Novel VNFI Security Management Function Block For Improved Security Framework For SDN/NFV Networks

  • Alruwaili, Rahaf Hamoud;Alanazi, Haifa Khaled;Hendaoui, Saloua
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.10
    • /
    • pp.303-309
    • /
    • 2022
  • Software Defined Networking (SDN) is a novel approach that have accelerated the development of numerous technologies such as policy-based access control, network virtualization, and others. It allows to boost network architectural flexibility and expedite the return on investment. However, this increases the system's complexity, necessitating the expenditure of dollars to assure the system's security. Network Function Virtualization (NFV) opens up new possibilities for network engineers, but it also raises security concerns. A number of Internet service providers and network equipment manufacturers are grappling with the difficulty of developing and characterizing NFVs and related technologies. Through Moodle's efforts to maintain security, this paper presents a detailed review of security-related challenges in software-defined networks and network virtualization services.

Trend of Software Defined Network (Software Defined Network 동향)

  • Oh, Changhyun;Kang, Jungho;Jun, Moon-Seog
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2016.10a
    • /
    • pp.131-133
    • /
    • 2016
  • 네트워크 분야는 20년 동안 동일한 형태의 구조를 유지하고 있어 현재 필요한 트래픽 제어와 환경변화에 대한 실시간처리가 불가능 하다. 이러한 문제점을 개선하기 위해 SDN의 도입이 요구된다. 본 논문은 SDN을 정의하고 어떤 방식으로 동작하는지 설명하며 SDN기술에 대한 벤더들의 동향을 알아보았다.

Policy-based In-Network Security Management using P4 Network DataPlane Programmability (P4 프로그래머블 네트워크를 통한 정책 기반 인-네트워크 보안 관리 방법)

  • Cho, Buseung
    • Convergence Security Journal
    • /
    • v.20 no.5
    • /
    • pp.3-10
    • /
    • 2020
  • Recently, the Internet and networks are regarded as essential infrastructures that constitute society, and security threats have been constantly increased. However, the network switch that actually transmits packets in the network can cope with security threats only through firewall or network access control based on fixed rules, so the effective defense for the security threats is extremely limited in the network itself and not actively responding as well. In this paper, we propose an in-network security framework using the high-level data plane programming language, P4 (Programming Protocol-independent Packet Processor), to deal with DDoS attacks and IP spoofing attacks at the network level by monitoring all flows in the network in real time and processing specific security attack packets at the P4 switch. In addition, by allowing the P4 switch to apply the network user's or administrator's policy through the SDN (Software-Defined Network) controller, various security requirements in the network application environment can be reflected.

Fast Recovery Routing Algorithm for Software Defined Network based Operationally Responsive Space Satellite Networks

  • Jiang, Lei;Feng, Jing;Shen, Ye;Xiong, Xinli
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.7
    • /
    • pp.2936-2951
    • /
    • 2016
  • An emerging satellite technology, Operationally Responsive Space (ORS) is expected to provide a fast and flexible solution for emergency response, such as target tracking, dense earth observation, communicate relaying and so on. To realize large distance transmission, we propose the use of available relay satellites as relay nodes. Accordingly, we apply software defined network (SDN) technology to ORS networks. We additionally propose a satellite network architecture refered to as the SDN-based ORS-Satellite (Sat) networking scheme (SDOS). To overcome the issures of node failures and dynamic topology changes of satellite networks, we combine centralized and distributed routing mechanisms and propose a fast recovery routing algorithm (FRA) for SDOS. In this routing method, we use centralized routing as the base mode.The distributed opportunistic routing starts when node failures or congestion occur. The performance of the proposed routing method was validated through extensive computer simulations.The results demonstrate that the method is effective in terms of resoving low end-to-end delay, jitter and packet drops.

A Novel Parallel Viterbi Decoding Scheme for NoC-Based Software-Defined Radio System

  • Wang, Jian;Li, Yubai;Li, Huan
    • ETRI Journal
    • /
    • v.35 no.5
    • /
    • pp.767-774
    • /
    • 2013
  • In this paper, a novel parallel Viterbi decoding scheme is proposed to decrease the decoding latency and power consumption for the software-defined radio (SDR) system. It implements a divide-and-conquer approach by first dividing a block into a series of subblocks, then performing independent Viterbi decoding for each subsequence, and finally merging the surviving subpaths into the final path. Moreover, a network-on-chip-based SDR platform is used to evaluate the performance of the proposed parallel Viterbi decoding scheme. The experiment results show that our scheme can speed up the Viterbi decoding process without increasing the BER, and it performs better than the current state-of-the-art methods.

New approach to dynamic load balancing in software-defined network-based data centers

  • Tugrul Cavdar;Seyma Aymaz
    • ETRI Journal
    • /
    • v.45 no.3
    • /
    • pp.433-447
    • /
    • 2023
  • Critical issues such as connection congestion, long transmission delay, and packet loss become even worse during epidemic, disaster, and so on. In this study, a link load balancing method is proposed to address these issues on the data plane, a plane of the software-defined network (SDN) architecture. These problems are NP-complete, so a meta-heuristic approach, discrete particle swarm optimization, is used with a novel hybrid cost function. The superiority of the proposed method over existing methods in the literature is that it provides link and switch load balancing simultaneously. The goal is to choose a path that minimizes the connection load between the source and destination in multipath SDNs. Furthermore, the proposed work is dynamic, so selected paths are regularly updated. Simulation results prove that with the proposed method, streams reach the target with minimum time, no loss, low power consumption, and low memory usage.

AP-SDN: Action Program enabled Software-Defined Networking Architecture

  • Zheng Zhao;Xiaoya Fan;Xin Xie;Qian Mao;Qi Zhao
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.7
    • /
    • pp.1894-1915
    • /
    • 2023
  • Software-Defined Networking (SDN) offers several advantages in dynamic routing, flexible programmable control and custom application-driven network management. However, the programmability of the data plane in traditional SDN is limited. A network operator cannot change the ability of the data plane and perform complex packet processing on the data plane, which limits the flexibility and extendibility of SDN. In the paper, AP-SDN (Action Program enabled Software-Defined Networking) architecture is proposed, which extends the action set of SDN data plane. In the proposed architecture, a modified Open vSwitch is utilized in the data plane allowing the execution of action programs at runtime, thus enabling complex packet processing. An example action program is also implemented which transparently encrypts traffic for terminals. At last, a prototype system of AP-SDN is developed and experiments show its effectiveness and performance.

Intelligent Massive Traffic Handling Scheme in 5G Bottleneck Backhaul Networks

  • Tam, Prohim;Math, Sa;Kim, Seokhoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.3
    • /
    • pp.874-890
    • /
    • 2021
  • With the widespread deployment of the fifth-generation (5G) communication networks, various real-time applications are rapidly increasing and generating massive traffic on backhaul network environments. In this scenario, network congestion will occur when the communication and computation resources exceed the maximum available capacity, which severely degrades the network performance. To alleviate this problem, this paper proposed an intelligent resource allocation (IRA) to integrate with the extant resource adjustment (ERA) approach mainly based on the convergence of support vector machine (SVM) algorithm, software-defined networking (SDN), and mobile edge computing (MEC) paradigms. The proposed scheme acquires predictable schedules to adapt the downlink (DL) transmission towards off-peak hour intervals as a predominant priority. Accordingly, the peak hour bandwidth resources for serving real-time uplink (UL) transmission enlarge its capacity for a variety of mission-critical applications. Furthermore, to advance and boost gateway computation resources, MEC servers are implemented and integrated with the proposed scheme in this study. In the conclusive simulation results, the performance evaluation analyzes and compares the proposed scheme with the conventional approach over a variety of QoS metrics including network delay, jitter, packet drop ratio, packet delivery ratio, and throughput.

Network Slice Selection Function on M-CORD (M-CORD 기반의 네트워크 슬라이스 선택 기능)

  • Rivera, Javier Diaz;Khan, Talha Ahmed;Asif, Mehmood;Song, Wang-Cheol
    • KNOM Review
    • /
    • v.21 no.2
    • /
    • pp.35-45
    • /
    • 2018
  • As Network Slicing functionality gets applied to mobile networking, a mechanism that enables the selection of network slices becomes indispensable. Following the 3GPP Technical Specification for the 5G Architecture, the inclusion of the Network Slice Selection Function (NSSF) in order to leverage the process of slice selection is apparent. However, actual implementation of this network function needs to deal with the dynamic changes of network instances, due to this, a platform that supports the orchestration of Virtual Network Functions (VNF) is required. Our proposed solution include the use of the Central Office Rearchitected as a Data Center (CORD) platform, with the specified profile for mobile networks (M-CORD) that integrates a service orchestrator (XOS) alongside solutions oriented to Software Defined Networking (SDN), Network Function Virtualization (VNF) and virtual machine management through OpenStack, in order to provide the right ecosystem where our implementation of NSSF can obtain slice information dynamically by relying on synchronization between back-end services and network function instances.

A Sensing Data Collection Strategy in Software-Defined Mobile-Edge Vehicular Networks (SDMEVN) (소프트웨어 정의 모바일 에지 차량 네트워크(SDMEVN)의 센싱 데이터 수집 전략)

  • Nkenyereye, Lionel;Jang, Jong-Wook
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2018.10a
    • /
    • pp.62-65
    • /
    • 2018
  • This paper comes out with the study on sensing data collection strategy in a Software-Defined Mobile Edge vehicular networking. The two cooperative data dissemination are Direct Vehicular cloud mode and edge cell trajectory prediction decision mode. In direct vehicular cloud, the vehicle observe its neighboring vehicles and sets up vehicular cloud for cooperative sensing data collection, the data collection output can be transmitted from vehicles participating in the cooperative sensing data collection computation to the vehicle on which the sensing data collection request originate through V2V communication. The vehicle on which computation originate will reassemble the computation out-put and send to the closest RSU. The SDMEVN (Software Defined Mobile Edge Vehicular Network) Controller determines how much effort the sensing data collection request requires and calculates the number of RSUs required to support coverage of one RSU to the other. We set up a simulation scenario based on realistic traffic and communication features and demonstrate the scalability of the proposed solution.

  • PDF