scholarly journals FORTRESS: An Efficient and Distributed Firewall for Stateful Data Plane SDN

2019 ◽  
Vol 2019 ◽  
pp. 1-16 ◽  
Author(s):  
Maurantonio Caprolu ◽  
Simone Raponi ◽  
Roberto Di Pietro
Keyword(s):  
Architectural Design ◽  
Communication Channel ◽  
Modular Design ◽  
State Of The Art ◽  
Control Plane ◽  
Dynamic Nature ◽  
Research Directions ◽  
Logic Module ◽  
Data Plane ◽  
The Ideal

The Software Defined Networking (SDN) paradigm decouples the logic module from the forwarding module on traditional network devices, bringing a wave of innovation to computer networks. Firewalls, as well as other security appliances, can largely benefit from this novel paradigm. Firewalls can be easily implemented by using the default OpenFlow rules, but the logic must reside in the control plane due to the dynamic nature of their rules that cannot be handled by data plane devices. This leads to a nonnegligible overhead in the communication channel between layers, as well as introducing an additional computational load on the control plane. To address the above limitations, we propose the architectural design of FORTRESS: a stateful firewall for SDN networks that leverages the stateful data plane architecture to move the logic of the firewall from the control plane to the data plane. FORTRESS can be implemented according to two different architectural designs: Stand-Alone and Cooperative, each one with its own peculiar advantages. We compare FORTRESS against FlowTracker, the state-of-the-art solution for SDN firewalling, and show how our solution outperforms the competitor in terms of the number of packets exchanged between the control plane and the data plane—we require 0 packets for the Stand-Alone architecture and just 4 for the Cooperative one. Moreover, we discuss how the adaptability, elegant and modular design, and portability of FORTRESS contribute to make it the ideal candidate for SDN firewalling. Finally, we also provide further research directions.

scholarly journals Resource Management in SDN-Based Cloud and SDN-Based Fog Computing: Taxonomy Study

Symmetry ◽  
2021 ◽  
Vol 13 (5) ◽  
pp. 734
Author(s):  
Amirah Alomari ◽  
Shamala K. Subramaniam ◽  
Normalia Samian ◽  
Rohaya Latip ◽  
Zuriati Zukarnain
Keyword(s):  
Resource Management ◽  
Power Consumption ◽  
State Of The Art ◽  
Fog Computing ◽  
Energy Optimization ◽  
Simulation Tool ◽  
Software Defined Networks ◽  
Control Plane ◽  
Data Plane ◽  
Open Issues

Software-defined networks (SDN) is an evolution in networking field where the data plane is separated from the control plane and all the controlling and management tasks are deployed in a centralized controller. Due to its features regarding ease management, it is emerged in other fields such as cloud and fog computing in order to manage asymmetric communication across nodes, thus improving the performance and reducing the power consumption. This study focused on research that were conducted in SDN-based clouds and SDN-based fogs. It overviewed the important contributions in SDN clouds in terms of improving network performances and energy optimization. Moreover, state-of-the-art studies in SDN fogs are presented. The features, methods, environment, dataset, simulation tool and main contributions are highlighted. Finally, the open issues related to both SDN clouds and SDN fogs are defined and discussed.

Equivariant Adversarial Network for Image-to-image Translation

2021 ◽  
Vol 17 (2s) ◽  
pp. 1-14
Author(s):  
Masoumeh Zareapoor ◽  
Jie Yang
Keyword(s):  
State Of The Art ◽  
Generative Models ◽  
Generative Model ◽  
Target Domain ◽  
Adversarial Network ◽  
Proposed Model ◽  
Image Translation ◽  
Great Performance ◽  
Representative Model ◽  
The Ideal

Image-to-Image translation aims to learn an image from a source domain to a target domain. However, there are three main challenges, such as lack of paired datasets, multimodality, and diversity, that are associated with these problems and need to be dealt with. Convolutional neural networks (CNNs), despite of having great performance in many computer vision tasks, they fail to detect the hierarchy of spatial relationships between different parts of an object and thus do not form the ideal representative model we look for. This article presents a new variation of generative models that aims to remedy this problem. We use a trainable transformer, which explicitly allows the spatial manipulation of data within training. This differentiable module can be augmented into the convolutional layers in the generative model, and it allows to freely alter the generated distributions for image-to-image translation. To reap the benefits of proposed module into generative model, our architecture incorporates a new loss function to facilitate an effective end-to-end generative learning for image-to-image translation. The proposed model is evaluated through comprehensive experiments on image synthesizing and image-to-image translation, along with comparisons with several state-of-the-art algorithms.

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

2020 ◽  
pp. 1-20
Author(s):  
K. Muthamil Sudar ◽  
P. Deepalakshmi
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Architecture ◽  
Detection System ◽  
Software Defined Networking ◽  
Control Plane ◽  
Control Logic ◽  
Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

scholarly journals Bianisotropic metasurfaces: physics and applications

Nanophotonics ◽  
2018 ◽  
Vol 7 (6) ◽  
pp. 1069-1094 ◽  
Author(s):  
Viktar S. Asadchy ◽  
Ana Díaz-Rubio ◽  
Sergei A. Tretyakov
Keyword(s):  
State Of The Art ◽  
Surface Current ◽  
Magnetic Surface ◽  
Magnetic Polarization ◽  
Research Directions ◽  
Magnetic Current ◽  
Asymmetric Reflection ◽  
Composite Layers ◽  
Electric And Magnetic Fields

AbstractMetasurfaces as optically thin composite layers can be modeled as electric and magnetic surface current sheets flowing in the layer volume in the metasurface plane. In the most general linear metasurface, the electric surface current can be induced by both incident electric and magnetic fields. Likewise, magnetic polarization and magnetic current can be induced also by external electric field. Metasurfaces which exhibit magnetoelectric coupling are called bianisotropic metasurfaces. In this review, we explain the role of bianisotropic properties in realizing various metasurface devices and overview the state-of-the-art of research in this field. Interestingly, engineered bianisotropic response is seen to be required for realization of many key field transformations, such as anomalous refraction, asymmetric reflection, polarization transformation, isolation, and more. Moreover, we summarize previously reported findings on uniform and gradient bianisotropic metasurfaces and envision novel and prospective research directions in this field.

scholarly journals Social commerce—state-of-the-art and future research directions

2016 ◽  
Vol 26 (3) ◽  
pp. 269-290 ◽  
Author(s):  
Catherine Baethge ◽  
Julia Klier ◽  
Mathias Klier
Keyword(s):  
State Of The Art ◽  
Future Research ◽  
Social Commerce ◽  
Research Directions ◽  
Future Research Directions

Some Possible Lines of Development in Aircraft Engines

1921 ◽  
Vol 25 (123) ◽  
pp. 130-165
Keyword(s):  
Present State ◽  
State Of The Art ◽  
Point Of View ◽  
Aircraft Engines ◽  
Aero Engine ◽  
The Ideal

In the following paper the writer's aim is to indicate certain possible lines of development and research which his own investigations and preliminary experiments have shown to be at least worthy of serious consideration.If we review the present state of the art we find the position to be substantially as follows :—From a thermodynamic point of view the performance of the modern aero engine has approached so nearly to the ideal obtainable from the cycle on which it operates that there is little scope for improvement.

Sign in / Sign up

Export Citation Format

Share Document