scholarly journals Reliable optical networks with ODTN, resiliency and failover in data plane and control plane

2019 ◽  
Author(s):  
A. Campanella ◽  
B. Yan ◽  
R. Casellas ◽  
A. Giorgetti ◽  
V. Lopez ◽  
...  
Keyword(s):  
Optical Networks ◽  
Control Plane ◽  
Data Plane ◽  
And Control

scholarly journals ADAPTIVE ENTROPY-BASED DETECTION AND MITIGATION OF DDOS ATTACKS IN SOFTWARE DEFINED NETWORKS

2020 ◽  
pp. 399-410
Author(s):  
Jawad Dalou' ◽  
Basheer Al-Duwairi ◽  
Mohammad Al-Jarrah
Keyword(s):  
Denial Of Service ◽  
Attack Detection ◽  
Point Of View ◽  
Software Defined Networks ◽  
Distributed Denial Of Service ◽  
Ddos Attacks ◽  
Control Plane ◽  
Data Plane ◽  
And Control ◽  
Sdn Controller

Software Defined Networking (SDN) has emerged as a new networking paradigm that is based on the decoupling between data plane and control plane providing several benefits that include flexible, manageable, and centrally controlled networks. From a security point of view, SDNs suffer from several vulnerabilities that are associated with the nature of communication between control plane and data plane. In this context, software defined networks are vulnerable to distributed denial of service attacks. In particular, the centralization of the SDN controller makes it an attractive target for these attacks because overloading the controller with huge packet volume would result in bringing the whole network down or degrade its performance. Moreover, DDoS attacks may have the objective of flooding a network segment with huge traffic volume targeting single or multiple end systems. In this paper, we propose an entropy-based mechanism for Distributed Denial of Service (DDoS) attack detection and mitigation in SDN networks. The proposed mechanism is based on the entropy values of source and destination IP addresses of flows observed by the SDN controller which are compared to a preset entropy threshold values that change in adaptive manner based on network dynamics. The proposed mechanism has been evaluated through extensive simulation experiments.

scholarly journals SSG - A Solution to Prevent Saturation Attack on the Data Plane and Control Plane in SDN/Openflow Network

2019 ◽  
Vol 2019 (1) ◽  
Author(s):  
Đặng Văn Tuyên ◽  
Trương Thu Hương
Keyword(s):  
Network Security ◽  
Control Plane ◽  
Number Of Solutions ◽  
Tcp Protocol ◽  
Security Challenges ◽  
Packet Latency ◽  
Data Plane ◽  
And Control ◽  
Tcp Connections ◽  
Resource Saturation

The SDN/Openflow architecture opens new opportunities for effective solutions to address network security problems; however, it also brings new security challenges compared to the traditional network. One of those is the mechanism of reactive installation for new flow entries that can make the data plane and control plane easily become a target for resource saturation attacks with spoofing technique such as SYN flood. There are a number of solutions to this problem such as Connection Migration (CM) mechanism in Avant-Guard solution. However, most of them increase load to the commodity switches and/or split benign TCP connections, which can cause increase of packet latency and disable some features of the TCP protocol. This paper presents a solution called SDN-based SYN Flood Guard (SSG), which takes advantages of Openflow’s ability to match TCP Flags fields and the RST Cookie technique to authenticate three-way handshake processes of TCP connections in a separated device from SDN/Openflow switches. The experiment results reveal that SSG solves the aforementioned problems and improves the SYN Flood.

scholarly journals Proposed approach to detect distributed denial of service attacks in software defined network using machine learning algorithms

2018 ◽  
Vol 7 (2.8) ◽  
pp. 472 ◽  
Author(s):  
Shruti Banerjee ◽  
Partha Sarathi Chakraborty ◽  
. .
Keyword(s):  
Machine Learning ◽  
Denial Of Service ◽  
Learning Algorithms ◽  
Machine Learning Algorithms ◽  
Paper Machine ◽  
Software Defined Network ◽  
Distributed Denial Of Service ◽  
Control Plane ◽  
Data Plane ◽  
And Control

SDN (Software Defined Network) is rapidly gaining importance of ‘programmable network’ infrastructure. The SDN architecture separates the Data plane (forwarding devices) and Control plane (controller of the SDN). This makes it easy to deploy new versions to the infrastructure and provides straightforward network virtualization. Distributed Denial-of-Service attack is a major cyber security threat to the SDN. It is equally vulnerable to both data plane and control plane. In this paper, machine learning algorithms such as Naïve Bayesian, KNN, K Means, K-Medoids, Linear Regression, use to classify the incoming traffic as usual or unusual. Above mentioned algorithms are measured using the two metrics: accuracy and detection rate. The best fit algorithm is applied to implement the signature IDS which forms the module 1 of the proposed IDS. Second Module uses open connections to state the exact node which is an attacker and to block that particular IP address by placing it in Access Control List (ACL), thus increasing the processing speed of SDN as a whole. 

scholarly journals An Enhanced Message Distribution Mechanism for Northbound Interfaces in the SDN Environment

2021 ◽  
Vol 11 (10) ◽  
pp. 4346
Author(s):  
Chenhui Wang ◽  
Hong Ni ◽  
Lei Liu
Keyword(s):  
Control Plane ◽  
Message Queue ◽  
Ip Network ◽  
Data Plane ◽  
Control Response ◽  
Basic Functions ◽  
The Cost ◽  
New Generation ◽  
And Control ◽  
High Degree

Software-Defined Network (SDN), which is recommended as a new generation of the network, a substitute for TCP/IP network, has the characteristics of separation of data plane and control plane. Although the separation of the control plane brings a high degree of freedom and simple operation and maintenance, it also increases the cost of north–south communication. There are many additional modules for SDN to modify and enhance the basic functions of SDN. This paper proposes a message queue-based northbound communication mechanism, which pre-categorizes messages from the data plane and accurately pushes them to the apps potentially interested. This mechanism improves the efficiency of northbound communication and apps’ execution. Furthermore, it supports both OpenFlow and the protocol-independent southbound interface, and it has strong compatibility. Experiments have proved that this mechanism can reduce the control-response latency by up to 41% when compared with the normal controller northbound communication system, and it also improves the network situation of the data plane, such as real-time bandwidth.

scholarly journals A critical review based on Fault Tolerance in Software Defined Networks

2021 ◽  
Vol 12 (2) ◽  
pp. 456-461
Author(s):  
Ms. Shailly
Keyword(s):  
Fault Tolerant ◽  
Decoupling Control ◽  
Critical Survey ◽  
Software Defined Networks ◽  
Control Plane ◽  
Tabular Data ◽  
Plane Failure ◽  
Failure Handling ◽  
Data Plane ◽  
And Control

SDN (Software-Defined Networks) is an incipient architecture of decoupling control plane and data plane involved in dynamic management of network. SDN is being installed in production based networks which ultimately lead to the need of secure and fault tolerant SDN. In the present investigation, we     are discussing about the kind of failures with label happen in SDN. A critical survey based on the recently proposed mechanisms for handling failures in SDN. Initially, we discussed with the help of tabular data involving mechanism of data plane failure. We also discussed the various mechanisms for handling misconfiguration of drift able of switches and control plane failure handling mechanisms. We also epitomize issues with both data and control plane mechanism that are discussed earlier. In the end, we are stating that there is need of build much efficient and secure mechanism for SDN networks.

scholarly journals Performance Evaluation of Pox Controller for Software Defined Networks

2019 ◽  
Vol 8 (9S2) ◽  
pp. 679-684
Keyword(s):  
Performance Metrics ◽  
Network Control ◽  
Network Services ◽  
Software Defined Network ◽  
Software Defined Networks ◽  
Control Plane ◽  
Data Plane ◽  
Pox Controller ◽  
New Challenges ◽  
And Control

In traditional network the coupling of data plane and control plane makes the data forwarding, processing and managing of the network hard and complex. Here each switch takes its own decision, makes the network logically decentralized. To overcome the limitations in traditional network the Engineers developed a new model network known as Software Defined Network (SDN). This network the control plane is decoupled from the data plane making it less complex. It moreover has a logically centralized approach unlike the existing network. This separation enables the network control to be directly programmable and the architecture to be abstracted for applications and network services. SDN platform provides advantages like programmability, task virtualization and easy management of the network. However, it faces new challenges towards scalability and performances. It is a must to understand and analyze the performances of SDN for implementation and deployment in live network environments. SDN working with POX is studied. This paper analyses the working of POX controller and evaluates the performance metrics of POX controller for SDN environment. The emulation is done using the Emulation software

Architectural approaches for the integration of the service plane and control plane in optical networks

2008 ◽  
Vol 5 (2-3) ◽  
pp. 94-106 ◽  
Author(s):  
Nicola Ciulli ◽  
Gino Carrozzo ◽  
Giodi Giorgi ◽  
Georgios Zervas ◽  
Eduard Escalona ◽  
...  
Keyword(s):  
Optical Networks ◽  
Control Plane ◽  
And Control
Sign in / Sign up

Export Citation Format

Share Document