A Methodology to Alleviation of Security Attack in Software Defined Network

2019 ◽  
Vol 8 (3) ◽  
pp. 5234-5241

A computer network is a collaboration platform for digital gadgets. Virtualization is abstracting layers from the underlying architecture. A virtualization platform provides flexibility, green resource usage and fast deployment of the carrier. Integration of a computer network and a virtualization platform creates a network virtualization platform. Software-Defined Network (SDN) provides dynamic and scalable networking offerings to business environments, cloud networks and data centers. SDN controls network infrastructure with the control plane. Security is a challenging problem for the network. SDN comes with network programmability and automation. SDN has an advantage, but it contains a new safety issue. SDN is focused on network safety data plane and control. The security challenges in SDN are control plane and data plane attacks. In Controller Layer Attacker at controller Layer, an routing, visitors filtering denying, or allowing unnecessary site visitors. Control plane assault used to drop or lack of manage over traffic policy and Quality of carrier control. In a data plane attack, the attacker can create a Denial of Service (DoS).

2018 ◽  
Vol 7 (2.8) ◽  
pp. 472 ◽  
Author(s):  
Shruti Banerjee ◽  
Partha Sarathi Chakraborty ◽  

SDN (Software Defined Network) is rapidly gaining importance as a ‘programmable network’ infrastructure. The SDN architecture separates the data plane (forwarding devices) and the control plane (controller of the SDN). This makes it easy to deploy new versions to the infrastructure and provides straightforward network virtualization. The Distributed Denial-of-Service attack is a major cyber security threat to the SDN. It is equally vulnerable to both data plane and control plane. In this paper, machine learning algorithms such as Naïve Bayesian, KNN, K-Means, K-Medoids and Linear Regression are used to classify the incoming traffic as usual or unusual. The above-mentioned algorithms are measured using two metrics: accuracy and detection rate. The best-fit algorithm is applied to implement the signature IDS, which forms module 1 of the proposed IDS. The second module uses open connections to state the exact node which is an attacker and to block that particular IP address by placing it in the Access Control List (ACL), thus increasing the processing speed of the SDN as a whole.


2020 ◽  
Vol 9 (2) ◽  
pp. 24953-24961
Author(s):  
Worku Muluye

A computer network is a critical issue in our day-to-day activity; however, today it works under various problems, since in the current network architecture the control plane and data plane are vertically bundled on the same device. To solve this problem, the programmable Software-Defined Network was released. OpenFlow is a protocol that vertically separates the control plane and data plane of the network devices. In SDN the controllers are the brains of the network that control the network devices. Today’s network requires successful integration of distributed controllers to make the network more consistent. An SDN distributed controller is a controller in which we can add or remove controllers as the number of devices changes. Distributed controller architecture has investigated and compared the 6 recent distributed controllers by using 26 criteria. Orion is the first best controller and ONOS is the second best controller.


Repositor ◽  
2020 ◽  
Vol 2 (12) ◽  
pp. 1727
Author(s):  
Agung Dwi Rahmawan ◽  
Syaifuddin Syaifuddin ◽  
Diah Risqiwati

Abstract: Software Defined Network (SDN) is a new approach in networking for designing, building and managing a computer network. This concept separates the Data Plane and Control Plane. In the SDN concept there is an important component, the Controller, that is responsible for all rules in the management and distribution of information to all network devices. Because the Controller's role is important, the performance of the Controller needs to be tested in order to know the capability of the Controller being used. In this study, a comparative analysis of Quality of Service (QoS) values is carried out on SDN implementations using the Floodlight and Ryu Controllers by running linear and mesh topologies with a varying number of Switches: 4, 8, 12 and 16 Switches. During the test, background traffic varying from 50 to 200 Mbps is also sent from the source node to the same destination node. The result is that the Ryu Controller has a better QoS value than Floodlight on all tested topologies; the latency and jitter values on Floodlight are higher than on Ryu and tend to increase at 100 Mbps traffic. On throughput, Ryu has a higher value, in the range of 856-933 Kbps. Packet loss on Floodlight is higher, while Ryu only has an average packet loss of 0.5%. However, on testing only on the number of switches, Floodlight guarantees great response rates and data management within the SDN network architecture.


2018 ◽  
Vol 3 (1) ◽  
pp. 15
Author(s):  
Alimuddin Yasin ◽  
Salman Suleman

Abstract— Software Defined Network (SDN) is a new technology in computer networking. In this architecture the control plane is separated from the data plane. The controller acts as the control plane and the switch as the data plane, connected by the OpenFlow protocol. This technology is still under development, so security issues remain wide open for research, especially the impact of Distributed Denial of Service (DDoS) attacks on OpenFlow switches. To simulate DDoS attacks on an SDN network, the GNS3 simulator software was chosen to simulate the SDN network architecture in order to test the impact of DDoS attacks on network quality while a DDoS attack is occurring. DDoS attacks can affect network quality in the SDN network architecture in GNS3, causing the OpenFlow switch to be temporarily unable to function.


2018 ◽  
Vol 4 (2) ◽  
pp. 46-57
Author(s):  
Fathul Muiin ◽  
Henry Saptono

The use of internet access in the world keeps growing, in line with the development of increasingly complex computer network technology. Therefore, data security on a computer becomes one of the most important parts of a network. SDN is a solution for meeting today's computer network needs. Software Defined Network (SDN) is an approach to network technology that simplifies network control and management. This network will use the OpenFlow protocol, whose main principle is to separate the control plane and data plane functions on a device. Network control on a controller is programmable, so with SDN the network will be easy to manage and more flexible. This firewall implementation and analysis uses the Mininet emulator to create a simple network topology. The firewall testing uses XML to implement the data flows, then uses the Postman application as a tool to add a new flow table to the switch, and the controller used is OpenDaylight.


2018 ◽  
Vol 7 (2.6) ◽  
pp. 46 ◽  
Author(s):  
Sanjeetha R ◽  
Shikhar Srivastava ◽  
Rishab Pokharna ◽  
Syed Shafiq ◽  
Dr Anita Kanavalli

Software Defined Network (SDN) is a new network architecture which separates the data plane from the control plane. The SDN controller implements the control plane and switches implement the data plane. Many papers discuss DDoS attacks on primary servers present in SDN and how they can be mitigated with the help of the controller. In our paper we show how a DDoS attack can be instigated on the SDN controller by manipulating the flow table entries of switches, such that they send continuous requests to the controller and exhaust its resources. This is a new, but one of the possible ways in which a DDoS attack can be performed on the controller. We show the vulnerability of SDN to this kind of attack. We further propose a solution for mitigating it, by running a DDoS Detection module which uses variation of flow entry request traffic from all switches in the network to identify compromised switches and blocks them completely.


2018 ◽  
Vol 2018 ◽  
pp. 1-8 ◽  
Author(s):  
Jian Shen ◽  
Jun Shen ◽  
Chin-Feng Lai ◽  
Qi Liu ◽  
Tianqi Zhou

Nowadays, Software Defined Network (SDN) develops rapidly for its novel structure which separates the control plane and the data plane of network devices. Many researchers devoted themselves to the study of such a special network. However, some limitations restrict the development of SDN. On the one hand, the single controller in the conventional model bears all threats, and the corruption of it will result in network paralysis. On the other hand, the data will be increasing more in SDN switches in the data plane, while the storage space of these switches is limited. In order to solve the mentioned issues, we propose two corresponding protocols in this paper. Specifically, one is an anonymous protocol in the control plane, and the other is a verifiable outsourcing protocol in the data plane. The evaluation indicates that our protocol is correct, secure, and efficient.


2020 ◽  
pp. 399-410
Author(s):  
Jawad Dalou' ◽  
Basheer Al-Duwairi ◽  
Mohammad Al-Jarrah

Software Defined Networking (SDN) has emerged as a new networking paradigm that is based on the decoupling between data plane and control plane, providing several benefits that include flexible, manageable, and centrally controlled networks. From a security point of view, SDNs suffer from several vulnerabilities that are associated with the nature of communication between control plane and data plane. In this context, software defined networks are vulnerable to distributed denial of service attacks. In particular, the centralization of the SDN controller makes it an attractive target for these attacks because overloading the controller with huge packet volume would result in bringing the whole network down or degrading its performance. Moreover, DDoS attacks may have the objective of flooding a network segment with huge traffic volume targeting single or multiple end systems. In this paper, we propose an entropy-based mechanism for Distributed Denial of Service (DDoS) attack detection and mitigation in SDN networks. The proposed mechanism is based on the entropy values of source and destination IP addresses of flows observed by the SDN controller, which are compared to preset entropy threshold values that change in an adaptive manner based on network dynamics. The proposed mechanism has been evaluated through extensive simulation experiments.


2015 ◽  
Vol 7 (2) ◽  
pp. 129
Author(s):  
Rohmat Tulloh ◽  
Ridha Muldina Negara ◽  
Arif Nur Hidayat

VLAN (Virtual LAN) is a technology that can configure logical networks independent of the physical network structure. Earlier research had already predicted that a Virtual Network would be needed, which eventually led to the creation of VLAN. However, the current network paradigm is not flexible, and dependence on vendors is very high because the data plane and control plane functions reside in a single device package. SDN (Software Defined Network) is one of the evolutions of network technology in line with growing demands, in which the data plane and control plane functions of a device are separated. The POX Controller is used to simulate and test the SDN (Software Defined Network) platform. This research uses OpenFlow version 1.0 to install the VLAN header, so the research is focused on evaluating whether VLAN forwarding that uses OpenFlow as the control plane can function properly. The results of this research propose applying the characteristics of VLAN technology to SDN, because it has run correctly according to the results of connectivity, verification and security testing. Further testing to see the effect of SDN in a scenario of increasing the number of VLAN IDs found that set-up time increases as the number of hosts increases, and that by using the OpenFlow protocol the latency in the network can be monitored with the round trip time (RTT) parameter, which is stable in the range of 0.2 to 6 seconds even though the number of vlan_id and the background traffic increase.


2014 ◽  
Vol 2014 ◽  
pp. 1-8 ◽  
Author(s):  
Zhou Jingjing ◽  
Cheng Di ◽  
Wang Weiming ◽  
Jin Rong ◽  
Wu Xiaochun

Software defined network (SDN) provides a programmable network through decoupling the data plane, control plane, and application plane from the original closed system, thus revolutionizing the existing network architecture to improve the performance and scalability. In this paper, we learned about the distributed characteristics of Kandoo architecture and, meanwhile, improved and optimized Kandoo’s two levels of controllers based on ideological inspiration of RCP (routing control platform). Finally, we analyzed the deployment strategies of BGP and OSPF protocol in a distributed control plane of SDN. The simulation results show that our deployment strategies are superior to the traditional routing strategies.

