scholarly journals IMPLEMENTING NDN USING SDN: A REVIEW ON METHODS AND APPLICATIONS

2016 ◽  
Vol 17 (2) ◽  
pp. 11-20 ◽  
Author(s):  
Shiva Rowshanrad ◽  
Mohamad Reza Parsaei ◽  
Manijeh Keshtgari
Keyword(s):  
Computer Networks ◽  
Network Architecture ◽  
Software Defined Networking ◽  
Network Architectures ◽  
Control Plane ◽  
Network Resources ◽  
End Points ◽  
Important Requirement ◽  
Data Plane ◽  
Data Networking

In recent years many claims about the limitations of todays’ network architecture, its lack of flexibility and ability to response to ongoing changes and increasing users demands. In this regard, new network architectures are proposed. Software Defined Networking (SDN) is one of these new architectures which centralizes the control of network by separating control plane from data plane. This separation leads to intelligence, flexibility and easier control in computer networks. One of the advantages of this framework is the ability to implement and test new protocols and architectures in actual networks without any concern of interruption.Named Data Networking (NDN) is another paradigm for future network architecture. With NDN the network becomes aware of the content that is providing, rather than just transferring it among end-points. NDN attracts researchers’ attention and known as the potential future of networking and internet. Providing NDN functionalities over SDN is an important requirement to enable the innovation and optimization of network resources. In this paper first we describe about SDN and NDN, and then we introduce methods for implementing NDN using SDN. We also point out the advantages and applications of implementing NDN over SDN.

An intelligent flow-based and signature-based IDS for SDNs using ensemble feature selection and a multi-layer machine learning-based classifier

2020 ◽  
pp. 1-20
Author(s):  
K. Muthamil Sudar ◽  
P. Deepalakshmi
Keyword(s):  
Machine Learning ◽  
Feature Selection ◽  
Intrusion Detection ◽  
Intrusion Detection System ◽  
Network Architecture ◽  
Detection System ◽  
Software Defined Networking ◽  
Control Plane ◽  
Control Logic ◽  
Data Plane

Software-defined networking is a new paradigm that overcomes problems associated with traditional network architecture by separating the control logic from data plane devices. It also enhances performance by providing a highly-programmable interface that adapts to dynamic changes in network policies. As software-defined networking controllers are prone to single-point failures, providing security is one of the biggest challenges in this framework. This paper intends to provide an intrusion detection mechanism in both the control plane and data plane to secure the controller and forwarding devices respectively. In the control plane, we imposed a flow-based intrusion detection system that inspects every new incoming flow towards the controller. In the data plane, we assigned a signature-based intrusion detection system to inspect traffic between Open Flow switches using port mirroring to analyse and detect malicious activity. Our flow-based system works with the help of trained, multi-layer machine learning-based classifier, while our signature-based system works with rule-based classifiers using the Snort intrusion detection system. The ensemble feature selection technique we adopted in the flow-based system helps to identify the prominent features and hasten the classification process. Our proposed work ensures a high level of security in the Software-defined networking environment by working simultaneously in both control plane and data plane.

scholarly journals A Review on Software-Defined Networking Distributed Controllers

2020 ◽  
Vol 9 (2) ◽  
pp. 24953-24961
Author(s):  
Worku Muluye
Keyword(s):  
Network Architecture ◽  
Computer Network ◽  
Software Defined Networking ◽  
Critical Issue ◽  
Software Defined Network ◽  
Control Plane ◽  
Second Best ◽  
Distributed Controller ◽  
Data Plane ◽  
Distributed Controllers

A computer network is a critical issue in our day to day activity; however, today it works under various problems. Since in the current network architecture the control plane and data plane are vertically bundled on the same device. To solve this problem programmable Software-Defined Network is released. OpenFlow is a protocol that vertically separates control plane and data plane of the network devices. In SDN the controllers are the brains of the network that controls the network devices. Today’s network required successful integration of distributed controllers to make the network more consistent. SDN distributed controller is a controller that we can add or remove the controllers according to the number of devices change. Distributed controller architecture has investigated and compared the 6 recent distributed controllers by using 26 criteria. Orion is the first best controller and ONOS is the second best controller.

scholarly journals Detection and Mitigation of Flood Attacks in IPv6 Enabled Software Defined Networks

2020 ◽  
pp. 1-9
Author(s):  
O. Ashimi Quadri ◽  
Adeniji Oluwashola David
Keyword(s):  
Network Architecture ◽  
Denial Of Service ◽  
Cost Effective ◽  
Centralized Control ◽  
Ddos Attacks ◽  
Control Plane ◽  
Network Resources ◽  
Effective Manner ◽  
Data Plane ◽  
Experimental Testbed

Software-defined networking (SDN) is an emerging technology, which provides network architecture that decouples the control plane from the data plane. Due to the centralized control, the network becomes more dynamic, and the network resources are managed in a more efficient and cost-effective manner. The centralization of the control plane requires robust and real-time security techniques. The security Techniques will protect it from any sign of vulnerabilities associated with the network such as a distributed denial of service (DDoS) attacks. The problem of the data-plane is that the attack is hard to be tracked by the SDN controlling plane. This makes the switches to be more susceptible against these types of attacks and hence it is very important to have quick provisional methods in place to prevent the switches from breaking down as soon as first signs of an attack are detected. To resolve this problem, the research developed a mechanism that detects and mitigates flood attacks in IPv6 enabled software to define networks. An experimental testbed was developed using sFlow technique, floodlight controller, and OpenFlow version 1.3. A mitigation algorithm was also developed and was tested with a simulation tool Mininet. The real network traffic was tested on the testbed to investigate the effective mitigation of a DDoS attack. The mitigation time performance for IPv6 was 46.6% while IPv4 was 66.6%. Also, The result gathered from the experiment showed that both the response and detection times were 4 secs while the mitigation time was 7secs respectively. The overall control time being 11 secs. The experimental Testbed result shows that the developed testbed outperformed the previous methods with the ability to detect threats on the network faster. The result from the IPv6 testbed is a probable solution to mitigate the threats posed by DDoS attacks on the IPv6 enabled SDN network resources.

scholarly journals Improving the Fault Tolerance of Elements of Modern Infocommunication Networks with the Use of Default Gateway Redundancy Protocols

2020 ◽  
pp. 68-81
Author(s):  
Oleksandra Yeremenko ◽  
Amal Mersni
Keyword(s):  
Fault Tolerance ◽  
Network Architecture ◽  
Fault Tolerant ◽  
Future Research ◽  
Software Defined Network ◽  
Control Plane ◽  
Network Resources ◽  
Data Plane ◽  
Recent Developments ◽  
Control Traffic

The article is devoted to the Network Layer means to ensure resilience during designing an infocommunication system that can counteract faults and failures. A review of the default gateway redundancy protocols concept and analysis of recent developments to overcome fault tolerance challenges in the Software-Defined Networks (SDN) control plane are conducted. In addition, an approach to the use of default gateway redundancy protocols in the existing Software-Defined Network architecture is proposed. Therefore, within the approach, the redundancy of the virtual controller is organized based on the current protocol implemented in traditional IP networks, and the SDN switch interacts with the virtual controller. This mechanism aims to reduce the amount of circulating overhead (control traffic), and the backup controller’s organization increases the control plane’s reliability. Whereas in hybrid and hierarchical SDN networks with border routers, the GLBP mechanism can be applied, which increases the reliability of the controller connected to the data plane. In addition, there are several scenarios where the controller that manages the operation of the SDN data plane may have multiple backup controllers to switch in case of failure, or a controller pool is used to manage each network that makes up the SDN data plane. It also highlights promising future areas for research and development to improve Software-Defined Network resilience, which contributes to the emergence of new solutions. Thus, future research directions are seen in proposing mathematical flow-based models of fault-tolerant interaction of the control plane and the data plane based on redundancy. At the same time, setting the problem in an optimization form with the implementation of load balancing will help to use available network resources effectively.

scholarly journals Software Defined Networking – Shaping up for the next disruptive step?

2015 ◽  
Vol 3 (4) ◽  
pp. 48-62 ◽  
Author(s):  
Doan Hoang
Keyword(s):  
Service Providers ◽  
Software Defined Networking ◽  
Cost Effective ◽  
Disruptive Technology ◽  
Control Plane ◽  
Network Resources ◽  
Control Data ◽  
Data Plane ◽  
The Cost ◽  
Shared Infrastructure

Software-Defined Networking (SDN) has emerged as a networking paradigm that can remove the limitations of current network infrastructures by separating the control plane from the data forwarding plane. As an immediate result, networks can be managed cost effectively and autonomously through centralising the decision-making capability at the control plane and the programmability of network devices on the data plane. This allows the two planes to evolve independently and open up separate horizontal markets on simplified network devices and programmable controllers.  More importantly, it opens up markets for infrastructure providers to provision and offer network resources on-demand to multiple tenants and for service providers to develop and deploy their services on shared infrastructure resources cost-effectively. This paper provides an essential understanding of the SDN concept and architecture. It discusses the important implications of the control/data plane separation on network devices, management and applications beyond the scope of the original SDN. It also discusses two major issues that may help to bring the disruptive technology forward: the intent northbound interface and the cost-effective SDN approaches for the industry.

scholarly journals Software Defined Networking – Shaping up for the next disruptive step?

2015 ◽  
Vol 3 (4) ◽  
pp. 48 ◽  
Author(s):  
Doan Hoang
Keyword(s):  
Service Providers ◽  
Software Defined Networking ◽  
Cost Effective ◽  
Disruptive Technology ◽  
Control Plane ◽  
Network Resources ◽  
Control Data ◽  
Data Plane ◽  
The Cost ◽  
Shared Infrastructure

Software-Defined Networking (SDN) has emerged as a networking paradigm that can remove the limitations of current network infrastructures by separating the control plane from the data forwarding plane. As an immediate result, networks can be managed cost effectively and autonomously through centralising the decision-making capability at the control plane and the programmability of network devices on the data plane. This allows the two planes to evolve independently and open up separate horizontal markets on simplified network devices and programmable controllers.  More importantly, it opens up markets for infrastructure providers to provision and offer network resources on-demand to multiple tenants and for service providers to develop and deploy their services on shared infrastructure resources cost-effectively. This paper provides an essential understanding of the SDN concept and architecture. It discusses the important implications of the control/data plane separation on network devices, management and applications beyond the scope of the original SDN. It also discusses two major issues that may help to bring the disruptive technology forward: the intent northbound interface and the cost-effective SDN approaches for the industry.

scholarly journals Load Balance in Data Center SDN Networks

2018 ◽  
Vol 8 (5) ◽  
pp. 3084 ◽  
Author(s):  
Tariq Emad Ali ◽  
Ameer Hussein Morad ◽  
Mohammed A. Abdala
Keyword(s):  
Load Balancing ◽  
Data Center ◽  
Network Architecture ◽  
Current Data ◽  
Traffic Load ◽  
Network Architectures ◽  
Data Center Networks ◽  
Network Resources ◽  
Cloud Network ◽  
And Storage

<span>In the last two decades, networks had been changed according to the rapid changing in its requirements.  The current Data Center Networks have large number of hosts (tens or thousands) with special needs of bandwidth as the cloud network and the multimedia content computing is increased. The conventional Data Center Networks (DCNs) are highlighted by the increased number of users and bandwidth requirements which in turn have many implementation limitations.  The current networking devices with its control and forwarding planes coupling result in network architectures are not suitable for dynamic computing and storage needs.  Software Defined networking (SDN) is introduced to change this notion of traditional networks by decoupling control and forwarding planes. So, due to the rapid increase in the number of applications, websites, storage space, and some of the network resources are being underutilized due to static routing mechanisms. To overcome these limitations, a Software Defined Network based Openflow Data Center network architecture is used to obtain better performance parameters and implementing traffic load balancing function. The load balancing distributes the traffic requests over the connected servers, to diminish network congestions, and reduce underutilization problem of servers. As a result, SDN is developed to afford more effective configuration, enhanced performance, and more flexibility to deal with huge network designs</span>

scholarly journals Load Balancing in Software-Defined Networking using Controller Placement

2020 ◽  
Author(s):  
Hamid Nejadnik ◽  
Rasool Sadeghi ◽  
Sayed Mahdi Faghih Imani
Keyword(s):  
Load Balancing ◽  
Software Defined Networking ◽  
Network Simulator ◽  
Control Plane ◽  
Placement Problem ◽  
Data Plane ◽  
Controller Placement ◽  
Controller Placement Problem ◽  
Load Balancer

Abstract Software Defined Networking (SDN) is a novel architecture that separates the data plane from the control plane using an external controller. Similar to traditional networks, load balancing has a great impact on the performance and availability of SDN. Therefore, the Controller Placement Problem (CPP) in SDN influences on the load balancing solutions. In this paper, various topologies of CPP including different load balancer controllers are simulated and evaluated in the SDN using the OFSwitch13 module of ns-3 network simulator. The results provide a solid comparison of the proposed topologies in different network situations.

scholarly journals Software Defined Networking Flow Table Management of OpenFlow Switches Performance and Security Challenges: A Survey

2020 ◽  
Vol 12 (9) ◽  
pp. 147 ◽  
Author(s):  
Babangida Isyaku ◽  
Mohd Soperi Mohd Zahid ◽  
Maznah Bte Kamat ◽  
Kamalrulnizam Abu Bakar ◽  
Fuad A. Ghaleb
Keyword(s):  
Large Scale ◽  
Network Performance ◽  
Software Defined Networking ◽  
Cloud Services ◽  
Future Research ◽  
Control Plane ◽  
Processing Load ◽  
Flow Table ◽  
Data Plane ◽  
Large Scale Networks

Software defined networking (SDN) is an emerging network paradigm that decouples the control plane from the data plane. The data plane is composed of forwarding elements called switches and the control plane is composed of controllers. SDN is gaining popularity from industry and academics due to its advantages such as centralized, flexible, and programmable network management. The increasing number of traffics due to the proliferation of the Internet of Thing (IoT) devices may result in two problems: (1) increased processing load of the controller, and (2) insufficient space in the switches’ flow table to accommodate the flow entries. These problems may cause undesired network behavior and unstable network performance, especially in large-scale networks. Many solutions have been proposed to improve the management of the flow table, reducing controller processing load, and mitigating security threats and vulnerabilities on the controllers and switches. This paper provides comprehensive surveys of existing schemes to ensure SDN meets the quality of service (QoS) demands of various applications and cloud services. Finally, potential future research directions are identified and discussed such as management of flow table using machine learning.

scholarly journals Mitigation of DDoS attack instigated by compromised switches on SDN controller by analyzing the flow rule request traffic

2018 ◽  
Vol 7 (2.6) ◽  
pp. 46 ◽  
Author(s):  
Sanjeetha R ◽  
Shikhar Srivastava ◽  
Rishab Pokharna ◽  
Syed Shafiq ◽  
Dr Anita Kanavalli
Keyword(s):  
Network Architecture ◽  
Flow Rule ◽  
Software Defined Network ◽  
Ddos Attacks ◽  
Control Plane ◽  
Ddos Attack ◽  
Flow Table ◽  
Data Plane ◽  
Ddos Detection ◽  
Sdn Controller

Software Defined Network (SDN) is a new network architecture which separates the data plane from the control plane. The SDN controller implements the control plane and switches implement the data plane. Many papers discuss about DDoS attacks on primary servers present in SDN and how they can be mitigated with the help of controller. In our paper we show how DDoS attack can be instigated on the SDN controller by manipulating the flow table entries of switches, such that they send continuous requests to the controller and exhaust its resources. This is a new, but one of the possible way in which a DDoS attack can be performed on controller. We show the vulnerability of SDN for this kind of attack. We further propose a solution for mitigating it, by running a DDoS Detection module which uses variation of flow entry request traffic from all switches in the network to identify compromised switches and blocks them completely.

Sign in / Sign up

Export Citation Format

Share Document