• Title/Summary/Keyword: Software Defined Network


Policy-based In-Network Security Management using P4 Network DataPlane Programmability (P4 프로그래머블 네트워크를 통한 정책 기반 인-네트워크 보안 관리 방법)

  • Cho, Buseung
    • Convergence Security Journal / v.20 no.5 / pp.3-10 / 2020
  • Recently, the Internet and networks are regarded as essential infrastructures that constitute society, and security threats have been constantly increasing. However, the network switch that actually transmits packets in the network can cope with security threats only through firewall or network access control based on fixed rules, so the effective defense against the security threats is extremely limited in the network itself and it does not respond actively either. In this paper, we propose an in-network security framework using the high-level data plane programming language, P4 (Programming Protocol-independent Packet Processor), to deal with DDoS attacks and IP spoofing attacks at the network level by monitoring all flows in the network in real time and processing specific security attack packets at the P4 switch. In addition, by allowing the P4 switch to apply the network user's or administrator's policy through the SDN (Software-Defined Network) controller, various security requirements in the network application environment can be reflected.

Fast Recovery Routing Algorithm for Software Defined Network based Operationally Responsive Space Satellite Networks

  • Jiang, Lei;Feng, Jing;Shen, Ye;Xiong, Xinli
    • KSII Transactions on Internet and Information Systems (TIIS) / v.10 no.7 / pp.2936-2951 / 2016
  • An emerging satellite technology, Operationally Responsive Space (ORS) is expected to provide a fast and flexible solution for emergency response, such as target tracking, dense earth observation, communication relaying and so on. To realize large distance transmission, we propose the use of available relay satellites as relay nodes. Accordingly, we apply software defined network (SDN) technology to ORS networks. We additionally propose a satellite network architecture referred to as the SDN-based ORS-Satellite (Sat) networking scheme (SDOS). To overcome the issues of node failures and dynamic topology changes of satellite networks, we combine centralized and distributed routing mechanisms and propose a fast recovery routing algorithm (FRA) for SDOS. In this routing method, we use centralized routing as the base mode. The distributed opportunistic routing starts when node failures or congestion occur. The performance of the proposed routing method was validated through extensive computer simulations. The results demonstrate that the method is effective in terms of resolving low end-to-end delay, jitter and packet drops.

A Novel Parallel Viterbi Decoding Scheme for NoC-Based Software-Defined Radio System

  • Wang, Jian;Li, Yubai;Li, Huan
    • ETRI Journal / v.35 no.5 / pp.767-774 / 2013
  • In this paper, a novel parallel Viterbi decoding scheme is proposed to decrease the decoding latency and power consumption for the software-defined radio (SDR) system. It implements a divide-and-conquer approach by first dividing a block into a series of subblocks, then performing independent Viterbi decoding for each subsequence, and finally merging the surviving subpaths into the final path. Moreover, a network-on-chip-based SDR platform is used to evaluate the performance of the proposed parallel Viterbi decoding scheme. The experiment results show that our scheme can speed up the Viterbi decoding process without increasing the BER, and it performs better than the current state-of-the-art methods.

New approach to dynamic load balancing in software-defined network-based data centers

  • Tugrul Cavdar;Seyma Aymaz
    • ETRI Journal / v.45 no.3 / pp.433-447 / 2023
  • Critical issues such as connection congestion, long transmission delay, and packet loss become even worse during epidemic, disaster, and so on. In this study, a link load balancing method is proposed to address these issues on the data plane, a plane of the software-defined network (SDN) architecture. These problems are NP-complete, so a meta-heuristic approach, discrete particle swarm optimization, is used with a novel hybrid cost function. The superiority of the proposed method over existing methods in the literature is that it provides link and switch load balancing simultaneously. The goal is to choose a path that minimizes the connection load between the source and destination in multipath SDNs. Furthermore, the proposed work is dynamic, so selected paths are regularly updated. Simulation results prove that with the proposed method, streams reach the target with minimum time, no loss, low power consumption, and low memory usage.

AP-SDN: Action Program enabled Software-Defined Networking Architecture

  • Zheng Zhao;Xiaoya Fan;Xin Xie;Qian Mao;Qi Zhao
    • KSII Transactions on Internet and Information Systems (TIIS) / v.17 no.7 / pp.1894-1915 / 2023
  • Software-Defined Networking (SDN) offers several advantages in dynamic routing, flexible programmable control and custom application-driven network management. However, the programmability of the data plane in traditional SDN is limited. A network operator cannot change the ability of the data plane and perform complex packet processing on the data plane, which limits the flexibility and extendibility of SDN. In the paper, AP-SDN (Action Program enabled Software-Defined Networking) architecture is proposed, which extends the action set of SDN data plane. In the proposed architecture, a modified Open vSwitch is utilized in the data plane allowing the execution of action programs at runtime, thus enabling complex packet processing. An example action program is also implemented which transparently encrypts traffic for terminals. At last, a prototype system of AP-SDN is developed and experiments show its effectiveness and performance.

Intelligent Massive Traffic Handling Scheme in 5G Bottleneck Backhaul Networks

  • Tam, Prohim;Math, Sa;Kim, Seokhoon
    • KSII Transactions on Internet and Information Systems (TIIS) / v.15 no.3 / pp.874-890 / 2021
  • With the widespread deployment of the fifth-generation (5G) communication networks, various real-time applications are rapidly increasing and generating massive traffic on backhaul network environments. In this scenario, network congestion will occur when the communication and computation resources exceed the maximum available capacity, which severely degrades the network performance. To alleviate this problem, this paper proposed an intelligent resource allocation (IRA) to integrate with the extant resource adjustment (ERA) approach mainly based on the convergence of support vector machine (SVM) algorithm, software-defined networking (SDN), and mobile edge computing (MEC) paradigms. The proposed scheme acquires predictable schedules to adapt the downlink (DL) transmission towards off-peak hour intervals as a predominant priority. Accordingly, the peak hour bandwidth resources for serving real-time uplink (UL) transmission enlarge its capacity for a variety of mission-critical applications. Furthermore, to advance and boost gateway computation resources, MEC servers are implemented and integrated with the proposed scheme in this study. In the conclusive simulation results, the performance evaluation analyzes and compares the proposed scheme with the conventional approach over a variety of QoS metrics including network delay, jitter, packet drop ratio, packet delivery ratio, and throughput.

Network Slice Selection Function on M-CORD (M-CORD 기반의 네트워크 슬라이스 선택 기능)

  • Rivera, Javier Diaz;Khan, Talha Ahmed;Asif, Mehmood;Song, Wang-Cheol
    • KNOM Review / v.21 no.2 / pp.35-45 / 2018
  • As Network Slicing functionality gets applied to mobile networking, a mechanism that enables the selection of network slices becomes indispensable. Following the 3GPP Technical Specification for the 5G Architecture, the inclusion of the Network Slice Selection Function (NSSF) in order to leverage the process of slice selection is apparent. However, actual implementation of this network function needs to deal with the dynamic changes of network instances; because of this, a platform that supports the orchestration of Virtual Network Functions (VNF) is required. Our proposed solution includes the use of the Central Office Rearchitected as a Data Center (CORD) platform, with the specified profile for mobile networks (M-CORD) that integrates a service orchestrator (XOS) alongside solutions oriented to Software Defined Networking (SDN), Network Function Virtualization (VNF) and virtual machine management through OpenStack, in order to provide the right ecosystem where our implementation of NSSF can obtain slice information dynamically by relying on synchronization between back-end services and network function instances.

A Sensing Data Collection Strategy in Software-Defined Mobile-Edge Vehicular Networks (SDMEVN) (소프트웨어 정의 모바일 에지 차량 네트워크(SDMEVN)의 센싱 데이터 수집 전략)

  • Nkenyereye, Lionel;Jang, Jong-Wook
    • Proceedings of the Korean Institute of Information and Communication Sciences Conference / 2018.10a / pp.62-65 / 2018
  • This paper presents a study on a sensing data collection strategy in Software-Defined Mobile Edge vehicular networking. The two cooperative data dissemination modes are Direct Vehicular cloud mode and edge cell trajectory prediction decision mode. In direct vehicular cloud, the vehicle observes its neighboring vehicles and sets up a vehicular cloud for cooperative sensing data collection; the data collection output can be transmitted from vehicles participating in the cooperative sensing data collection computation to the vehicle on which the sensing data collection request originates through V2V communication. The vehicle on which the computation originates will reassemble the computation output and send it to the closest RSU. The SDMEVN (Software Defined Mobile Edge Vehicular Network) Controller determines how much effort the sensing data collection request requires and calculates the number of RSUs required to support coverage of one RSU to the other. We set up a simulation scenario based on realistic traffic and communication features and demonstrate the scalability of the proposed solution.

An Improved Intrusion Detection System for SDN using Multi-Stage Optimized Deep Forest Classifier

  • Saritha Reddy, A;Ramasubba Reddy, B;Suresh Babu, A
    • International Journal of Computer Science & Network Security / v.22 no.4 / pp.374-386 / 2022
  • Nowadays, research in deep learning leveraged automated computing and networking paradigm evidenced rapid contributions in terms of Software Defined Networking (SDN) and its diverse security applications while handling cybercrimes. SDN plays a vital role in sniffing information related to network usage in large-scale data centers that simultaneously support an improved algorithm design for automated detection of network intrusions. Despite its security protocols, SDN is considered contradictory towards DDoS attacks (Distributed Denial of Service). Several research studies developed machine learning-based network intrusion detection systems addressing detection and mitigation of DDoS attacks in SDN-based networks due to dynamic changes in various features and behavioral patterns. Addressing this problem, this research study focuses on effectively designing a multistage hybrid and intelligent deep learning classifier based on modified deep forest classification to detect DDoS attacks in SDN networks. Experimental results depict that the performance accuracy of the proposed classifier is improved when evaluated with standard parameters.

SDR-Based Frequency Interference Emulator in the Space-Time Domain and Its Application

  • Yoon, Hyungoo;Um, Jungsun;Park, Jin-Soo;Jang, Byung-Jun
    • Journal of electromagnetic engineering and science / v.18 no.1 / pp.58-62 / 2018
  • In this study, we propose a software-defined radio-based frequency interference emulator in the space-time domain. This emulator can easily model actual interference environments because of the versatile programming capability of the universal software radio peripheral and LabVIEW. As an example of an interfering network using the contention-based multiple access scheme in the time domain, we emulate a coordinated Wi-Fi network that consists of one access point and two Wi-Fi nodes. Results show that our emulator can successfully model multiple interfering signals in the Wi-Fi network and easily adjust various space-time domain parameters.