• Smart Media Journal
• /
• v.4 no.4
• /
• pp.24-32
• /
• 2015

Recently, SDN is actively used as datacenter networks and gradually increase its applied areas. Along with this change of networking environment, research of deploying network security systems on SDN becomes highlighted. Especially, systems for detecting network flooding attacks by monitoring every packets through ports of OpenFlow switches have been proposed. However, because of the centralized management of a SDN controller which manage multiple switches, it may be substantial overhead that the attack detection system continuously monitors all the flows. In this paper, a sampling based network flooding attack detection and prevention system is proposed to reduce the overhead of monitoring packets and to achieve reasonable functionality of attack detection and prevention. The proposed system periodically takes sample packets of network flows with the given sampling conditions, analyzes the sampled packets to detect network flooding attacks, and block the attack flows actively by managing the flow entries in OpenFlow switches. As network traffic sampler, sFlow agent is used, and snort, an opensource IDS, is used to detect network flooding attack from the sampled packets. For active prevention of the detected attacks, an OpenDaylight application is developed and applied. The proposed system is evaluated on the local testbed composed with multiple OVSes (Open Virtual Switch), and the performance and overhead of the proposed system under various sampling condition is analyzed.

• Journal of Internet of Things and Convergence
• /
• v.2 no.2
• /
• pp.37-49
• /
• 2016

An IP address is used as a host identifier and a locator to bind hosts and applications to their location in existing Internet. Several protocols are proposed to eliminate this binding. Most of these protocols use IPv6-based host identifiers to maintain compatibility with existing Internet, but these identifiers cannot be handled by standard IPv6 routers because such identifiers are unroutable. Therefore, host identifiers need to be usually converted to locators at hosts, and the standard IPv6 protocol should be modified to interoperate with these protocols. In this paper, we propose a network-based host identifier locator separating scheme in software-defined networking. The proposed scheme separates the underlying network into Host Identity and IP domains in order to directly forward unroutable identifiers. The Host Identity domain operates as an overlaid network over IP domain, and it makes the unroutable identifiers to be routable using distributed hash table based routing strategy. For the evaluation, we compared the proposed scheme with the previous scheme using signaling costs and packet delivery costs. The result shows that the proposed scheme is more suitable in the recent mobile-based environments.

• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.6
• /
• pp.7-20
• /
• 2017

The advancement of cloud and big data and the considerable growth of traffic have increased the complexity and problems in the management inefficiency of existing networks. The software-defined networking (SDN) environment has been developed to solve this problem. SDN enables us to control network equipment through programming by separating the transmission and control functions of the equipment. Accordingly, several studies have been conducted to improve the performance of SDN controllers, such as the method of connecting existing legacy equipment with SDN, the packet management method for efficient data communication, and the method of distributing controller load in a centralized architecture. However, there is insufficient research on the control of SDN in terms of the quality of network-using applications. To support the establishment and change of the routing paths that meet the required network service quality, we require a mechanism to identify network requirements based on a contract for application network service quality and to collect information about the current network status and identify the violations of network service quality. This study proposes a method of identifying the quality violations of network paths through ontology to ensure the network service quality of applications and provide efficient services in an SDN environment.

• Journal of Intelligence and Information Systems
• /
• v.22 no.1
• /
• pp.107-118
• /
• 2016

The advent of 5G mobile communications, which is expected in 2020, will provide many services such as Internet of Things (IoT) and vehicle-to-infra/vehicle/nomadic (V2X) communication. There are many requirements to realizing these services: reduced latency, high data rate and reliability, and real-time service. In particular, a high level of reliability and delay sensitivity with an increased data rate are very important for M2M, IoT, and Factory 4.0. Around the world, 5G standardization organizations have considered these services and grouped them to finally derive the technical requirements and service scenarios. The first scenario is broadcast services that use a high data rate for multiple cases of sporting events or emergencies. The second scenario is as support for e-Health, car reliability, etc.; the third scenario is related to VR games with delay sensitivity and real-time techniques. Recently, these groups have been forming agreements on the requirements for such scenarios and the target level. Various techniques are being studied to satisfy such requirements and are being discussed in the context of software-defined networking (SDN) as the next-generation network architecture. SDN is being used to standardize ONF and basically refers to a structure that separates signals for the control plane from the packets for the data plane. One of the best examples for low latency and high reliability is an intelligent traffic system (ITS) using V2X. Because a car passes a small cell of the 5G network very rapidly, the messages to be delivered in the event of an emergency have to be transported in a very short time. This is a typical example requiring high delay sensitivity. 5G has to support a high reliability and delay sensitivity requirements for V2X in the field of traffic control. For these reasons, V2X is a major application of critical delay. V2X (vehicle-to-infra/vehicle/nomadic) represents all types of communication methods applicable to road and vehicles. It refers to a connected or networked vehicle. V2X can be divided into three kinds of communications. First is the communication between a vehicle and infrastructure (vehicle-to-infrastructure; V2I). Second is the communication between a vehicle and another vehicle (vehicle-to-vehicle; V2V). Third is the communication between a vehicle and mobile equipment (vehicle-to-nomadic devices; V2N). This will be added in the future in various fields. Because the SDN structure is under consideration as the next-generation network architecture, the SDN architecture is significant. However, the centralized architecture of SDN can be considered as an unfavorable structure for delay-sensitive services because a centralized architecture is needed to communicate with many nodes and provide processing power. Therefore, in the case of emergency V2X communications, delay-related control functions require a tree supporting structure. For such a scenario, the architecture of the network processing the vehicle information is a major variable affecting delay. Because it is difficult to meet the desired level of delay sensitivity with a typical fully centralized SDN structure, research on the optimal size of an SDN for processing information is needed. This study examined the SDN architecture considering the V2X emergency delay requirements of a 5G network in the worst-case scenario and performed a system-level simulation on the speed of the car, radius, and cell tier to derive a range of cells for information transfer in SDN network. In the simulation, because 5G provides a sufficiently high data rate, the information for neighboring vehicle support to the car was assumed to be without errors. Furthermore, the 5G small cell was assumed to have a cell radius of 50-100 m, and the maximum speed of the vehicle was considered to be 30-200 km/h in order to examine the network architecture to minimize the delay.