An approach for slow distributed denial of service attack detection and alleviation in software defined networks

Over the last few years, the need for programmable networks has captured the interest of industrialists and academicians. It has led to the development of a paradigm called software defined network (SDN). It separates the network intelligence into the control plane and forwarding logic into the data plane. This architecture gives scope to various security issues of which denial of service (DoS) is the most common and challenging to detect. This paper focuses on the detection and mitigation of a slow DoS attack called Slowloris on Apache2 server in SDN based networks. The proposed solution is called Slowloris detection and mitigation mechanism (SDMM). Mininet, an emulator, and SimpleHTTPServer are used for simulation and the same is implemented using Zodiac FX OpenFlow switch, Ryu controller and Apache2 server. SDMM algorithm detects and mitigates prolonged Slowloris attack in typical networks as well as in slow networks with low bandwidth and high delay in 240-280s with an accuracy of 100% and 98% respectively. It uses expectation of burst size as a key factor for detection.

Artificial Intelligence Control Logic in Next-Generation Programmable Networks

The new generation of programmable networks allow mechanisms to be deployed for the efficient control of dynamic bandwidth allocation and ensure Quality of Service (QoS) in terms of Key Performance Indicators (KPIs) for delay or loss sensitive Internet of Things (IoT) services. To achieve flexible, dynamic and automated network resource management in Software-Defined Networking (SDN), Artificial Intelligence (AI) algorithms can provide an effective solution. In the paper, we propose the solution for network resources allocation, where the AI algorithm is responsible for controlling intent-based routing in SDN. The paper focuses on the problem of optimal switching of intents between two designated paths using the Deep-Q-Learning approach based on an artificial neural network. The proposed algorithm is the main novelty of this paper. The Developed Networked Application Emulation System (NAPES) allows the AI solution to be tested with different patterns to evaluate the performance of the proposed solution. The AI algorithm was trained to maximize the total throughput in the network and effective network utilization. The results presented confirm the validity of applied AI approach to the problem of improving network performance in next-generation networks and the usefulness of the NAPES traffic generator for efficient economical and technical deployment in IoT networking systems evaluation.

Cybersecurity in ICT Supply Chains: Key Challenges and a Relevant Architecture

The specific demands of supply chains built upon large and complex IoT systems, make it a must to design a coordinated framework for cyber resilience provisioning, intended to guarantee trusted supply chains of ICT systems, built upon distributed, dynamic, potentially insecure, and heterogeneous ICT infrastructures. As such, the solution proposed in this paper is envisioned to deal with the whole supply chain system components, from the IoT ecosystem to the infrastructure connecting them, addressing security and privacy functionalities related to risks and vulnerabilities management, accountability, and mitigation strategies, as well as security metrics and evidence-based security assurance. In this paper, we present FISHY as a preliminary architecture that is designed to orchestrate existing and beyond state-of-the-art security appliances in composed ICT scenarios. To this end, the FISHY architecture leverages the capabilities of programmable networks and IT infrastructure through seamless orchestration and instantiation of novel security services, both in real-time and proactively. The paper also includes a thorough business analysis to go far beyond the technical benefits of a potential FISHY adoption, as well as three real-world use cases highlighting the envisioned benefits of a potential FISHY adoption.

P4-KBR: A Key-Based Routing System for P4-Programmable Networks

Software-defined networking (SDN) architecture has provided well-known advantages in terms of network programmability, initially offering a standard, open, and vendor-agnostic interface (e.g., OpenFlow) to instruct the forwarding behavior of network devices from different vendors. However, in the last few years, data plane programmability has emerged as a promising approach to extend the network management allowing the definition and programming of customized and non-standardized protocols, as well as specific packet processing pipelines. In this paper, we propose an in-network key-based routing protocol called P4-KBR, in which end-points (hosts, contents or services) are identified by virtual identifiers (keys) instead of IP addresses, and where P4 network elements are programmed to be able to route the packets adequately. The proposal was implemented and evaluated using bmv2 P4 switches, verifying how data plane programmability offers a powerful tool to overcome continuing challenges that appear in SDN networks.