• International Journal of Computer Science & Network Security
• /
• v.22 no.10
• /
• pp.303-309
• /
• 2022

Software Defined Networking (SDN) is a novel approach that have accelerated the development of numerous technologies such as policy-based access control, network virtualization, and others. It allows to boost network architectural flexibility and expedite the return on investment. However, this increases the system's complexity, necessitating the expenditure of dollars to assure the system's security. Network Function Virtualization (NFV) opens up new possibilities for network engineers, but it also raises security concerns. A number of Internet service providers and network equipment manufacturers are grappling with the difficulty of developing and characterizing NFVs and related technologies. Through Moodle's efforts to maintain security, this paper presents a detailed review of security-related challenges in software-defined networks and network virtualization services.

• ETRI Journal
• /
• v.45 no.3
• /
• pp.433-447
• /
• 2023

Critical issues such as connection congestion, long transmission delay, and packet loss become even worse during epidemic, disaster, and so on. In this study, a link load balancing method is proposed to address these issues on the data plane, a plane of the software-defined network (SDN) architecture. These problems are NP-complete, so a meta-heuristic approach, discrete particle swarm optimization, is used with a novel hybrid cost function. The superiority of the proposed method over existing methods in the literature is that it provides link and switch load balancing simultaneously. The goal is to choose a path that minimizes the connection load between the source and destination in multipath SDNs. Furthermore, the proposed work is dynamic, so selected paths are regularly updated. Simulation results prove that with the proposed method, streams reach the target with minimum time, no loss, low power consumption, and low memory usage.

• Journal of Communications and Networks
• /
• v.18 no.4
• /
• pp.559-566
• /
• 2016

Software defined network (SDN) can effectively improve the performance of traffic engineering and will be widely used in backbone networks. Therefore, new energy-saving schemes must take SDN into consideration; this action is extremely important owing to the rapidly increasing energy consumption in telecom and Internet service provider (ISP) networks. Meanwhile, the introduction of SDN in current networks must be incremental in most cases, for technical and economic reasons. During this period, operators must manage hybrid networks in which SDN and traditional protocols coexist. In this study, we investigate the energy-efficient traffic engineering problem in hybrid SDN/Internet protocol (IP) networks. First, we formulate the mathematical optimization model considering the SDN/IP hybrid routing mode. The problem is NP-hard; therefore, we propose a fast heuristic algorithm named hybrid energy-aware traffic engineering (HEATE) as a solution. In our proposed HEATE algorithm, the IP routers perform shortest-path routing by using distributed open shortest path first (OSPF) link weight optimization. The SDNs perform multipath routing with traffic-flow splitting managed by the global SDN controller. The HEATE algorithm determines the optimal setting for the OSPF link weight and the splitting ratio of SDNs. Thus, the traffic flow is aggregated onto partial links, and the underutilized links can be turned off to save energy. Based on computer simulation results, we demonstrate that our algorithm achieves a significant improvement in energy efficiency in hybrid SDN/IP networks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.10
• /
• pp.4703-4723
• /
• 2018

In recent years, dense small cell network has been deployed to address the challenge that has resulted from the unprecendented growth of mobile data traffic and users. It has proven to be a cost efficeient solution to offload traffic from macro-cells. Software defined heterogeneous wireless network can decouple the control plane from the data plane. The control signal goes through the macro-cell while the data traffic can be offloaded by small cells. In this paper, we propose a framework for cell virtualization and user association in order to satisfy versatile requirements of multiple tenants. In the proposed framework, we propose an interference graph partioning based virtual-cell association and customized physical-cell association for multi-homed users in a software defined small cell network. The proposed user association scheme includes 3 steps: initialization, virtual-cell association and physical-cell association. Simulation results show that the proposed virtual-cell association outperforms the other schemes. For physical-cell association, the results on resource utilization and user fairness are examined for mobile users and infrastructure providers.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.379-386
• /
• 2014

Recently, middleboxes play a key role in many network settings such as firewalls, VPN gateways, proxies, intrusion detection and prevention systems, and WAN optimizers. However, achieving the performance and security benefits that middleboxes offer is highly complex, and therefore it is essential to manage middleboxes efficiently and dynamically. In this respect, Software-Defined Networking (SDN) offers a promising solution for middlebox policy enforcement by using logically centralized management, decoupling the data and control planes, and providing the ability to programmatically configure forwarding rules. Also, cloud computing and distributed Network Function Virtualization (NFV) can enable to manage middleboxes more easily. We introduce SDN-based middlebox management framework in integrated wired and wireless networks and discuss the further issues.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.38B no.4
• /
• pp.266-278
• /
• 2013

In this paper, to manage the efficient control of IP packet flows crossing multi-provider networks such as Internet, we propose a SDN(Software Defined Networking)-based policy controller. The proposed policy controller leverages the visibility of underlying network and manages both virtual links and ports to inter-connect networking elements. The controller is capable of quickly composing multiple on-demand virtual networks and dynamically managing the composed networks, thus it can provide more flexible and optimized overlay networking environment to end-user applications. More specifically, we first look into the proposed structure and features of policy controller. With two kinds of service applications, we then verify the applicability of the proposed controller by evaluating its service composition time.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.2848-2869
• /
• 2017

Mobile Wireless Sensor Networks (MWSN) are usually constrained in energy supply, which makes energy efficiency a key factor to extend the network lifetime. The management of the network topology has been widely used as a mechanism to enhance the lifetime of wireless sensor networks (WSN), and this work presents an alternative to this. Software Defined Networking (SDN) is a well-known technology in data center applications that separates the data and control planes during the network management. This paper proposes a solution based on SDN that optimizes the energy use in MWSN. The network intelligence is placed in a controller that can be accessed through different controller gateways within a MWSN. This network intelligence runs a Topology Control (TC) mechanism to build a backbone of coordinator nodes. Therefore, nodes only need to perform forwarding tasks, they reduce message retransmissions and CPU usage. This results in an improvement of the network lifetime. The performance of the proposed solution is evaluated and compared with a distributed approach using the OMNeT++ simulation framework. Results show that the network lifetime increases when 2 or more controller gateways are used.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.387-396
• /
• 2014

Recently, there have been continuous efforts and progresses regarding the research on diverse network control and management platforms for SDN (Software Defined Networking). SDN is defined as a new technology to enable service providers/network operators easily to control and manage their networks by writing a simple application program. In SDN, incomplete or malicious programmable entities could cause break-down of underlying networks shared by heterogeneous devices and stake-holders. In this sense, any misunderstanding or diverse interpretations should be completely avoided. This paper proposes a new framework for SDN application verification and a prototype based on the formal method, especially with process algebra called pACSR which is an extended version of Algebra of Communicating Shared Resources (ACSR).

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.29-43
• /
• 2019

In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.'s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.'s scheme by adding counter strings and random information but deleting the redundant synchronization information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5723-5743
• /
• 2018

The evolving internet-based services demand high-speed data transmission in conjunction with scalability. The next generation optical network has to exploit artificial intelligence and cognitive techniques to cope with the emerging requirements. This work proposes a novel way to solve the dynamic provisioning problem in optical network. The provisioning in optical network involves the computation of routes and the reservation of wavelenghs (Routing and Wavelength assignment-RWA). This is an extensively studied multi-objective optimization problem and its complexity is known to be NP-Complete. As the exact algorithms incurs more running time, the heuristic based approaches have been widely preferred to solve this problem. Recently the software-defined networking has impacted the way the optical pipes are configured and monitored. This work proposes the dynamic selection of path computation algorithms in response to the changing service requirements and network scenarios. A software-defined controller mechanism with a novel packet matching feature was proposed to dynamically match the traffic demands with the appropriate algorithm. A software-defined controller with Path Computation Element-PCE was created in the ONOS tool. A simulation study was performed with the case study of dynamic path establishment in ONOS-Open Network Operating System based software defined controller environment. A java based NOX controller was configured with a parent path computation element. The child path computation elements were configured with different path computation algorithms under the control of the parent path computation element. The use case of dynamic bulk path creation was considered. The algorithm selection method is compared with the existing single algorithm based method and the results are analyzed.