• Title/Summary/Keyword: Software-Defined Networking

Search Result 168, Processing Time 0.023 seconds

SDN-Based Packet-Forwarding and Delay Minimization Algorithm for Efficient Utilization of Network Resources and Delay Minimization (네트워크 자원의 효율적인 사용과 지연을 최소화하기 위한 SDN 기반 서비스별 패킷 전송 및 지연 최소화 알고리즘)

  • Son, Jaehyeok;Hong, ChoongSeon
    • KIISE Transactions on Computing Practices
    • /
    • v.21 no.11
    • /
    • pp.727-732
    • /
    • 2015
  • These days, many researchers are working on Future Internet and a new networking paradigm called Software Defined Networking draws a great attention. In this paper, we redefine Software Defined Networking as Service Defined Networking which means that packets are categorized according to types of services. By using Service Defined Networking, we are not only dealing with the way to utilize the network resources efficiently but we also propose an algorithm to minimize the waiting time for packets to be delivered. This proposed algorithm can solve the delay problem, one of the most significant problems caused by network congestion. Also, since we are adopting Service Defined Networking, network resource utilization can be improved compared to the existing network.

Blockchain-based Secure Software-Defined Networking (블록체인 기반의 안전한 소프트웨어 정의 네트워킹)

  • Woo, Seungwon;Shin, Seungwon
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2018.10a
    • /
    • pp.148-151
    • /
    • 2018
  • Software-Defined Networking, called SDN is a next-generation network technology that allows a centralized SDN controller to manage multiple switches and easily apply any network requirements, unlike traditional network devices. However, as the research on SDN has progressed rapidly in recent years, the security of SDN is also considered to be important. Therefore, in this paper, we investigate the major security problems in SDN and introduce a methodology to apply blockchain technology to SDN as a solution to solve them.

  • PDF

SD-ICN: Toward Wide Area Deployable Software Defined Information Centric Networking

  • Xing, Changyou;Ding, Ke;Hu, Chao;Chen, Ming;Xu, Bo
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.5
    • /
    • pp.2267-2285
    • /
    • 2016
  • Information Centric Networking that uses content name instead of IP address as routing identifier can handle challenges such as traffic explosion and user mobility, but it also suffers from scalability and incompatibility problems. In this paper by combining the concept of software defined networking and Internet end to end arguments, we propose a wide area deployable software defined information centric networking service model named SD-ICN. SD-ICN employs a dual space structure that separates edge service network and core transmission network. The enhanced SDN techniques are used in edge service network in order to implement intelligent data routing and caching, while traditional IP technique is reserved in core transmission network so as to provide wide area high speed data transmission. Besides, a distributed name resolution system based on the cooperation of different controllers is also presented. The prototype experiments in our campus network show that SD-ICN can be deployed in a scalable and incremental way with no modification of the core network, and can support typical communication modes such as multicast, mobility, multihoming, load balancing, and multipath data transmission effectively.

New Distributed SDN Framework for Mitigating DDoS Attacks (DDoS 공격 완화를 위한 새로운 분산 SDN 프레임워크)

  • Alshehhi, Ahmed;Yeun, Chan Yeob;Damiani, Ernesto
    • The Transactions of The Korean Institute of Electrical Engineers
    • /
    • v.66 no.12
    • /
    • pp.1913-1920
    • /
    • 2017
  • Software Defined Networking creates totally new concept of networking and its applications which is based on separating the application and control layer from the networking infrastructure as a result it yields new opportunities in improving the network security and making it more automated in robust way, one of these applications is Denial of Service attack mitigation but due to the dynamic nature of Denial of Service attack it would require dynamic response which can mitigate the attack with the minimum false positive. In this paper we will propose a new mitigation Framework for DDoS attacks using Software Defined Networking technology to protect online services e.g. websites, DNS and email services against DoS and DDoS attacks.

A Study of Security Threats and Security Requirements of Software Defined Networking Technology (소프트웨어 정의 네트워킹 기술의 보안 위협 및 보안 요구사항에 대한 연구)

  • Kang, Yong-Hyeog
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2017.10a
    • /
    • pp.561-562
    • /
    • 2017
  • Software defined networking technology allows centralized and powerful network control by separating packet processing and network control. However, powerfulness of software-defined networking technology threats the network itself. Most security researches of software-defined networking focus on discovering and defending network vulnerabilities. But, there is not much security for this technology itself. In this paper, the security vulnerabilities that can occur in this networking technology are analyzed and the security requirements of it are proposed. The biggest threats are the threats to the controller, the reliability problem between the controller and the switch must be solved, and a technique to detect attacks that malfunction by manipulating configuration information are needed.

  • PDF

A Hybrid Software Defined Networking Architecture for Next-Generation IoTs

  • Lee, Ahyoung;Wang, Xuan;Nguyen, Hieu;Ra, Ilkyeun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.2
    • /
    • pp.932-945
    • /
    • 2018
  • Everything in the world is becoming connected and interactive due to the Internet. The future of interactive smart environments such as smart cities, smart industries, or smart farms demand high network bandwidth, high network flexibility, and self-organization systems without costly hardware upgrades, and they provide a sustainable, scalable, and replicable smart environment backbone infrastructure. This paper presents a new Hybrid Software-Defined architecture for integrating Internet-of-Things technologies that are essential technologies for smart environments. It combines a software-defined networking infrastructure and a real-time distributed network framework with an advanced optimization to enable self-configuration, self-management, and self-adaption for providing seamless communication and efficiently managing a vast number of smart heterogeneous devices.

A reinforcement learning-based network path planning scheme for SDN in multi-access edge computing

  • MinJung Kim;Ducsun Lim
    • International journal of advanced smart convergence
    • /
    • v.13 no.2
    • /
    • pp.16-24
    • /
    • 2024
  • With an increase in the relevance of next-generation integrated networking environments, the need to effectively utilize advanced networking techniques also increases. Specifically, integrating Software-Defined Networking (SDN) with Multi-access Edge Computing (MEC) is critical for enhancing network flexibility and addressing challenges such as security vulnerabilities and complex network management. SDN enhances operational flexibility by separating the control and data planes, introducing management complexities. This paper proposes a reinforcement learning-based network path optimization strategy within SDN environments to maximize performance, minimize latency, and optimize resource usage in MEC settings. The proposed Enhanced Proximal Policy Optimization (PPO)-based scheme effectively selects optimal routing paths in dynamic conditions, reducing average delay times to about 60 ms and lowering energy consumption. As the proposed method outperforms conventional schemes, it poses significant practical applications.

A Systematic Treat Model for Software-Defined Networking

  • Zhang, Wenbin;Wu, Zehui;Wei, Qiang;Yuan, Huijie
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.2
    • /
    • pp.580-599
    • /
    • 2021
  • Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

AP-SDN: Action Program enabled Software-Defined Networking Architecture

  • Zheng Zhao;Xiaoya Fan;Xin Xie;Qian Mao;Qi Zhao
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.17 no.7
    • /
    • pp.1894-1915
    • /
    • 2023
  • Software-Defined Networking (SDN) offers several advantages in dynamic routing, flexible programmable control and custom application-driven network management. However, the programmability of the data plane in traditional SDN is limited. A network operator cannot change the ability of the data plane and perform complex packet processing on the data plane, which limits the flexibility and extendibility of SDN. In the paper, AP-SDN (Action Program enabled Software-Defined Networking) architecture is proposed, which extends the action set of SDN data plane. In the proposed architecture, a modified Open vSwitch is utilized in the data plane allowing the execution of action programs at runtime, thus enabling complex packet processing. An example action program is also implemented which transparently encrypts traffic for terminals. At last, a prototype system of AP-SDN is developed and experiments show its effectiveness and performance.

An Enhanced Scheme of PUF-Assisted Group Key Distribution in SDWSN (SDWSN 환경의 PUF 기반 그룹 키 분배 방법 개선)

  • Oh, Jeong Min;Jeong, Ik Rae;Byun, Jin Wook
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.29 no.1
    • /
    • pp.29-43
    • /
    • 2019
  • In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.'s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.'s scheme by adding counter strings and random information but deleting the redundant synchronization information.