• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.40 no.6
• /
• pp.1070-1080
• /
• 2015

In this paper, we introduce an SDN-based intrusion prevention system for more secure Science DMZ with no performance limits. The proposed system is structured with intrusion-prevention, intrusion-detection, and prevention-decision subsystems which are physically distributed but informationally connected by an SDN interface. The functional distribution and the application of SDN technology increase the flexibility and extensibility of the proposed system and prevent performance degradation possibly caused by network security equipments on Science DMZ. We verified the feasibility and performance of the proposed system over a testbed set up at KREONET.

• Electronics and Telecommunications Trends
• /
• v.30 no.1
• /
• pp.87-93
• /
• 2015

본고에서는 SDN(Software Defined Networking)/NFV(Network Function Virtualization)/Cloud 기술 현황 및 SDN/NFV/Cloud 표준화 현황을 바탕으로 통합적인 측면에서 SDN/NFV/Cloud 기술을 전망한다. SDN/NFV/Cloud는 응용/서비스에 따라 ICT 인프라가 제어 및 관리할 수 있게 하여 새로운 지식 기반 서비스 및 솔루션을 창출하는 핵심 기술임을 설명한다. SDN, NFV 및 Cloud 기술을 연계 분석하여 SDN/NFV/Cloud 개별 및 융합 기술 진화방향을 전망한다. 끝으로 SDN/NFV/Cloud 기술개발 가속화, 융합 기술 확산 및 효과에 대해서 예측한다.

• Information and Communications Magazine
• /
• v.30 no.3
• /
• pp.3-8
• /
• 2013

본고에서는 최근 많은 관심을 받고 있는 SDN (Software Defined Networking) 기술의 개념 구조에 대해 설명하고 관련 핵심 요소 기술 및 진화 전망에 대해 분석한다. 또한 적용 분야별로 SDN 기술의 도입 필요성 및 적용 시나리오 대해 분석한 내용을 포함한다.

• Information and Communications Magazine
• /
• v.29 no.11
• /
• pp.100-107
• /
• 2012

최근 활발히 연구되고 있는 SDN(Software-Defined Networking) 기술과 관련하여, 보다 편리하고 정확한 방법으로 네트워크를 구축하기 위한 SDN 전용 언어와 신뢰성 검증 방법에 대하여 2012년도에 발표된 논문을 중심으로 최신 연구 동향을 분석한다.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.376-388
• /
• 2022

The expansion of new applications and business models is being significantly fueled by the development of Fifth Generation (5G) networks, which are becoming more widely accessible. The creation of the newest intelligent vehicular networks and applications is made possible by the use of Vehicular Ad hoc Networks (VANETs) and Software Defined Networking (SDN). Researchers have been concentrating on the integration of SDN and VANET in recent years, and they have examined a variety of issues connected to the architecture, the advantages of software-defined VANET services, and the new features that can be added to them. However, the overall architecture's security and robustness are still in doubt and have received little attention. Furthermore, new security threats and vulnerabilities are brought about by the deployment and integration of novel entities and a number of architectural components. In this study, we comprehensively examine the good and negative effects of the most recent SDN-enabled vehicular network topologies, focusing on security and privacy. We examine various security flaws and attacks based on the existing SDVN architecture. Finally, a thorough discussion of the unresolved concerns and potential future study directions is provided.

• International Journal of Computer Science & Network Security
• /
• v.22 no.9
• /
• pp.231-243
• /
• 2022

The expansion of new applications and business models is being significantly fueled by the development of Fifth Generation (5G) networks, which are becoming more widely accessible. The creation of the newest intelligent vehicular net- works and applications is made possible by the use of Vehicular Ad hoc Networks (VANETs) and Software Defined Networking (SDN). Researchers have been concentrating on the integration of SDN and VANET in recent years, and they have examined a variety of issues connected to the architecture, the advantages of software defined VANET services, and the new features that can be added to them. However, the overall architecture's security and robustness are still in doubt and have received little attention. Furthermore, new security threats and vulnerabilities are brought about by the deployment and integration of novel entities and several architectural components. In this study, we comprehensively examine the good and negative effects of the most recent SDN-enabled vehicular network topologies, focusing on security and privacy. We examine various security flaws and attacks based on the existing SDVN architecture. Finally, a thorough discussion of the unresolved concerns and potential future study directions is provided.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.4
• /
• pp.266-278
• /
• 2013

In this paper, to manage the efficient control of IP packet flows crossing multi-provider networks such as Internet, we propose a SDN(Software Defined Networking)-based policy controller. The proposed policy controller leverages the visibility of underlying network and manages both virtual links and ports to inter-connect networking elements. The controller is capable of quickly composing multiple on-demand virtual networks and dynamically managing the composed networks, thus it can provide more flexible and optimized overlay networking environment to end-user applications. More specifically, we first look into the proposed structure and features of policy controller. With two kinds of service applications, we then verify the applicability of the proposed controller by evaluating its service composition time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.6
• /
• pp.2735-2751
• /
• 2020

The emergence of Software Defined Networking (SDN) overcomes the limitations of traditional networking architectures. There are some advantages in SDN which are centralized global network view, programmability, and separation of the data plane and control plane. Due to the limitation of data plane storage capacity in SDN, it is necessary to process the redundancy rules of switch. In this paper, we propose a method for active detection and processing of redundant rules. We use the result generated by the customized probe package to detect redundant rules. And by checking the forwarding behavior of probe packets in the data plane, the redundancy rules are further processed. Furthermore, in order to quickly check the dynamic networks, we propose an incremental algorithms for rapidly evolve the network strategies. We conduct simulation experiments on Matlab to verify the feasibility of the algorithm. The influence of some parameters on the result are discussed.

• Journal of Information Processing Systems
• /
• v.12 no.3
• /
• pp.511-524
• /
• 2016

The Virtual Local Area Network (VLAN) has been used for a long time in campus and enterprise networks as the most popular network virtualization solution. Due to the benefits and advantages achieved by using VLAN, network operators and administrators have been using it for constructing their networks up until now and have even extended it to manage the networking in a cloud computing system. However, their configuration is a complex, tedious, time-consuming, and error-prone process. Since Software Defined Networking (SDN) features the centralized network management and network programmability, it is a promising solution for handling the aforementioned challenges in VLAN management. In this paper, we first introduce a new architecture for campus and enterprise networks by leveraging SDN and OpenFlow. Next, we have designed and implemented an application for easily managing and flexibly troubleshooting the VLANs in this architecture. This application supports both static VLAN and dynamic VLAN configurations. In addition, we discuss the hybrid-mode operation where the packet processing is involved by both the OpenFlow control plane and the traditional control plane. By deploying a real test-bed prototype, we illustrate how our system works and then evaluate the network latency in dynamic VLAN operation.

• Journal of Korea Multimedia Society
• /
• v.23 no.2
• /
• pp.247-254
• /
• 2020

The recent Internet environment is characterized by the explosion of certain types of data, as the data that people want is affected by certain issues. In this paper, we propose a load balancing technique that considers the data generation forms. The concept of this technique is to prioritize some type of data when it suddenly explodes. This is a technique to build an add-on middle box on a switch to monitor packets and give priority to a queue for load balancing. This technique worked when certain types of data exploded. SDN(Software Defined Networking) has the advantage of efficiently managing a number of network equipment. However, load balancing in the SDN environment has not been studied much. Applying the proposed load balancing technique in the SDN environment can save time and budget and easily implement our policies. When the proposed load balancing technique is applied to the SDN environment, it has been found that the techniques we want can be easily applied to the network systems, and that efficient data processing is possible when certain types of data explosion.