Your search keyword '"software-defined network"' showing total 523 results

1. Smart deployment of IoT-TelosB service care StreamRobot using software-defined reliability optimisation design

Author

Okafor, Kennedy Chinedu and Longe, Omowunmi Mary

Published

2022

2. Towards Robust Routing: Enabling Long-Range Perception with the Power of Graph Transformers and Deep Reinforcement Learning in Software-Defined Networks.

Author

Li, Xinyuan, Li, Junze, Zhou, Jingli, and Liu, Jun

Subjects

REINFORCEMENT learning, DEEP reinforcement learning, GRAPH neural networks, TRANSFORMER models, TRAFFIC monitoring

Abstract

Deep Reinforcement Learning (DRL) has demonstrated promising capabilities for routing optimization in Software-Defined Networks (SDNs). However, existing DRL-based routing algorithms are struggling to extract graph-structured information and constrained to a fixed topology, suffering from the lack of robustness. In this paper, we strengthen the advantages of Graph Neural Networks (GNNs) for DRL-based routing optimization and propose a novel algorithm named Graph Transformer Star Routing (GTSR) to enhance robustness against topology changes. GTSR utilizes the multi-agent architecture to enable each node to make routing decisions independently, and introduces a Graph Transformer to equip agents with the capabilities of handling topology changes. Furthermore, we carefully design a global message-passing mechanism with a virtual star node and a path-based readout method, enhancing the long-range perception of traffic and the detection of potential congestion for routing decision-making. Moreover, we construct a multi-agent cooperation mechanism to facilitate the learning of universal perceptual strategies and reduce the amount of computation. Extensive experiments on multiple real-world network topologies demonstrate that GTSR is capable of adapting to unseen topology changes without retraining and decreases end-to-end latency by at least 47% and packet loss rate by at least 10% compared to all baselines, highlighting strong robustness. [ABSTRACT FROM AUTHOR]

Published

2025

3. COMPARISON OF OPEN SOURCE SDN CONTROLLERS AND CLOUD PLATFORMS IN TERMS OF PERFORMANCE, STABILITY, AND INFRASTRUCTURE FLEXIBILITY.

Author

Mycek, Andrzej

Subjects

*SOFTWARE-defined networking, *ARTIFICIAL intelligence, *INFORMATION technology industry, *TECHNOLOGICAL innovations, *CLOUD computing

Abstract

The IT industry is advancing rapidly, with virtually every branch of modern computing experiencing swift development. Concepts such as Cloud Computing and Artificial Intelligence no longer surprise anyone. Recently, Software Defined Networks (SDN) have been gaining significant popularity. This innovative approach to computer networks allows for greater flexibility and is, therefore, much more well-known in the world of cloud computing than in traditional network implementations. This paper introduces the concept of SDN and Network Functions Virtualization (NFV) and outlines all the challenges and security issues associated with the cloud environment. The dynamic nature of the IT landscape requires constant adaptation to emerging technologies, and SDN represents a noteworthy evolution in the realm of computer networking. Platforms such as SDN and open-source tools enabling the creation of private cloud environments such as OpenStack or OpenNebula were compared. At the same time, aspects like security, network performance, flexibility, and scalability were analyzed. Based on the prior analysis, a comprehensive cloud environment was built using the OpenStack solution and SDN - OpenDaylight was deployed. Additional tests conducted on the OpenStack cloud, both with and without SDN, demonstrated the superiority of SDN implementation in the cloud. [ABSTRACT FROM AUTHOR]

Published

2024

4. Priority/Demand-Based Resource Management with Intelligent O-RAN for Energy-Aware Industrial Internet of Things.

Author

Ros, Seyha, Kang, Seungwoo, Song, Inseok, Cha, Geonho, Tam, Prohim, and Kim, Seokhoon

Subjects

DEEP reinforcement learning, REINFORCEMENT learning, MARKOV processes, RADIO access networks, SOFTWARE-defined networking

Abstract

The last decade has witnessed the explosive growth of the internet of things (IoT), demonstrating the utilization of ubiquitous sensing and computation services. Hence, the industrial IoT (IIoT) is integrated into IoT devices. IIoT is concerned with the limitation of computation and battery life. Therefore, mobile edge computing (MEC) is a paradigm that enables the proliferation of resource computing and reduces network communication latency to realize the IIoT perspective. Furthermore, an open radio access network (O-RAN) is a new architecture that adopts a MEC server to offer a provisioning framework to address energy efficiency and reduce the congestion window of IIoT. However, dynamic resource computation and continuity of task generation by IIoT lead to challenges in management and orchestration (MANO) and energy efficiency. In this article, we aim to investigate the dynamic and priority of resource management on demand. Additionally, to minimize the long-term average delay and computation resource-intensive tasks, the Markov decision problem (MDP) is conducted to solve this problem. Hence, deep reinforcement learning (DRL) is conducted to address the optimal handling policy for MEC-enabled O-RAN architectures. In this study, MDP-assisted deep q-network-based priority/demanding resource management, namely DQG-PD, has been investigated in optimizing resource management. The DQG-PD algorithm aims to solve resource management and energy efficiency in IIoT devices, which demonstrates that exploiting the deep Q-network (DQN) jointly optimizes computation and resource utilization of energy for each service request. Hence, DQN is divided into online and target networks to better adapt to a dynamic IIoT environment. Finally, our experiment shows that our work can outperform reference schemes in terms of resources, cost, energy, reliability, and average service completion ratio. [ABSTRACT FROM AUTHOR]

Published

2024

5. Detection of Incidents and Anomalies in Software-Defined Network -- Based Implementations of Critical Infrastructure Resulting in Adaptive System Changes.

Author

Organiściak, Patryk, Kuraś, Paweł, Strzalka, Dominik, Paszkiewicz, Andrzej, Bolanowski, Marek, Kowal, Bartosz, Ćmil, Michał, Dymora, Paweł, Mazurek, Mirosław, and Vanivska, Veronika

Subjects

OPENFLOW (Computer network protocol), INFRASTRUCTURE (Economics), ANOMALY detection (Computer security), SOFTWARE-defined networking, TRAFFIC engineering

Abstract

In the paper an example of an integrated software-defined network (SDN) system with heterogeneous technological instances based on the Linux platform will be shown. For this purpose, two research testing stands with a POX controller and OVS (Open vSwitch) switches were used. In the first testing stand, the research based on the ICMP traffic was done while in the second one, MQTT traffic was analysed. The capabilities of these systems were examined in terms of responding to detected incidents and traffic anomalies. In particular, their appropriate responses to anomalies were tested, as well as the possibility of continuous monitoring of packet transfer between separate network components. The aim of the paper is to investigate the effectiveness of SDN in enhancing the security and adaptability of critical infrastructure systems. For isolation and optimised resource management, some components, such as POX or the MQTT broker, were run in Docker containers. The test environment used both hardware cases and prepared software, enabling comprehensive design and testing of networks based on the OpenFlow protocol used in SDN architecture, enabling the separation of control from traffic in computer networks. The results of this research make it possible to implement anomaly detection solutions in critical infrastructure systems that will adapt on the fly to changing conditions that arise, for example, in the case of an attack on such infrastructure or physical damage to it at a selected node. [ABSTRACT FROM AUTHOR]

Published

2024

6. Controller placement issue in software-defined networks with different goals: a comprehensive survey.

Author

Mojez, Hadi, Kamel, Hamed, Zanjani, Roshanak, and Bidgoli, Amir Massoud

Subjects

*SOFTWARE-defined networking, *WIDE area networks, *ENERGY consumption

Abstract

Controller placement issue (CPI) in software-defined networks (SDNs) describes the controllers' number, location, and assigning of forwarding devices to controllers. Recently, mathematical formulations and algorithms have been proposed to solve various problems in SDNs and software-defined wide area networks. The comprehensive literature review can be divided into four groups according to objectives: (i) minimizing latency between forwarding devices or switches and their corresponding controllers, and minimizing latency between controllers, (ii) improving network resilience and stability, (iii) minimizing energy consumption and installation costs and (iv) using multi-objective approaches. In addition to the objectives of each research, the importance of this paper is to examine the CPI in terms of reducing the network search space in order to optimally place the controller and how to assign switches to the controllers. In this paper, first the mathematical formulations in previous studies will be examined and then, for solving CPI, the existing algorithms will be discussed. Different classifications of CPIs and related formulas/algorithms, descriptions, advantages and disadvantages will be separately provided. A comprehensive comparison of proposed approaches with their advantages and disadvantages in the summarized tables will be provided. Also, a comparative discussion of different statistics of CPIs will be presented in terms of some technical features such as objective-oriented problems and parameters in four categories, estimated environments, and efficient estimating factors in CPIs. Finally, we explained the future studies' challenges, problems related to CPIs, ideas and following orientations in this field. [ABSTRACT FROM AUTHOR]

Published

2024

7. Flow Table Overflow Attacks in a Software-Defined Network (SDN): A Systematic Review.

Author

Isaiah, Aladesote Olomi, Abdullah, Azizol, Samian, Normalia, and Hanapi, Zurina Mohd.

Subjects

SOFTWARE-defined networking, EVIDENCE gaps, TELECOMMUNICATION systems, EVICTION, COMPUTER software

Abstract

Software-defined networking (SDN) is a modern paradigm leveraging software programmability to enhance communication networks, garnering significant attention and undergoing substantial development due to its diverse applications. One key challenge in SDN lies in managing increasing traffic while avoiding flow table overflow, particularly due to the limited capacity of Ternary Content Addressable Memory (TCAM) in OpenFlow switches. This paper presents a Systematic Literature Review (SLR) that analyzes various approaches to defending against flow table overflow in SDN. Employing a structured approach, we sift through a substantial corpus of research, distilling it into 44 noteworthy articles published from 2015 to the present. We provide an overview of strategies to mitigate flow table overflow attacks, including eviction strategies, dynamic timeout mechanisms, flow rerouting, and aggregated flow entries. Additionally, we analyze mitigation approaches based on deployment strategies, testbed environments, and traffic generation methods. In conclusion, we identify research gaps and challenges, laying the groundwork for future investigations in this domain. [ABSTRACT FROM AUTHOR]

Published

2024

8. Enhanced Mechanism for Link Failure Rerouting in Software-Defined Exchange Point Networks.

Author

Abdullahi, Abdijalil and Manickam, Selvakumar

Subjects

SOFTWARE-defined networking, INTERNET service providers, NETWORK performance, SWITCHING costs, OPERATIONS management, INTERNET exchange points, CONTENT delivery networks

Abstract

Internet Exchange Point (IXP) is a system that increases network bandwidth performance. Internet exchange points facilitate interconnection among network providers, including Internet Service Providers (ISPs) and Content Delivery Providers (CDNs). To improve service management, Internet exchange point providers have adopted the Software Defined Network (SDN) paradigm. This implementation is known as a Software-Defined Exchange Point (SDX). It improves network providers' operations and management. However, performance issues still exist, particularly with multi-hop topologies. These issues include switch memory costs, packet processing latency, and link failure recovery delays. The paper proposes Enhanced Link Failure Rerouting (ELFR), an improved mechanism for rerouting link failures in software-defined exchange point networks. The proposed mechanism aims to minimize packet processing time for fast link failure recovery and enhance path calculation efficiency while reducing switch storage overhead by exploiting the Programming Protocol-independent Packet Processors (P4) features. The paper presents the proposed mechanisms' efficiency by utilizing advanced algorithms and demonstrating improved performance in packet processing speed, path calculation effectiveness, and switch storage management compared to current mechanisms. The proposed mechanism shows significant improvements, leading to a 37.5% decrease in Recovery Time (RT) and a 33.33% decrease in both Calculation Time (CT) and Computational Overhead (CO) when compared to current mechanisms. The study highlights the effectiveness and resource efficiency of the proposed mechanism in effectively resolving crucial issues in multi-hop software-defined exchange point networks. [ABSTRACT FROM AUTHOR]

Published

2024

9. A computationally intelligent framework for traffic engineering and congestion management in software-defined network (SDN)

Author

L. Leo Prasanth and E. Uma

Subjects

Software-defined network, Multiplicative gated recurrent neural network, Hunter prey optimization, Traffic prediction, Congestion management, Telecommunication, TK5101-6720, Electronics, TK7800-8360

Abstract

Abstract Software-defined networking (SDN) revolutionizes network administration by centralizing control and decoupling the data plane from the control plane. Despite its advantages, the escalating volume of network traffic induces congestion at nodes, adversely affecting routing quality and overall performance. Addressing congestion has become imperative due to its emergence as a fundamental challenge in network management. Previous strategies often faced drawbacks in handling congestion, with issues arising from the inability to efficiently manage heavy packet surges in specific network regions. In response, this research introduces a novel approach integrating a multiplicative gated recurrent neural network with a congestion-aware hunter prey optimization (HPO) algorithm for effective traffic management in SDN. The framework leverages machine learning and deep learning techniques, acknowledged for their proficiency in processing traffic data. Comparative simulations showcase the congestion-aware HPO algorithm's superiority, achieving a normalized throughput 3.4–7.6% higher than genetic algorithm (GA) and particle swarm optimization (PSO) alternatives. Notably, the proposed framework significantly reduces data transmission delays by 58–65% compared to the GA and PSO algorithms. This research not only contributes a state-of-the-art solution but also addresses drawbacks observed in existing methodologies, thereby advancing the field of traffic engineering and congestion management in SDN. The proposed framework demonstrates notable enhancements in both throughput and latency, providing a more robust foundation for future SDN implementations.

Published

2024

10. A computationally intelligent framework for traffic engineering and congestion management in software-defined network (SDN).

Author

Prasanth, L. Leo and Uma, E.

Subjects

ENGINEERING management, RECURRENT neural networks, TRAFFIC engineering, INDUSTRIAL engineering, PARTICLE swarm optimization, SOFTWARE-defined networking, DEEP learning

Abstract

Software-defined networking (SDN) revolutionizes network administration by centralizing control and decoupling the data plane from the control plane. Despite its advantages, the escalating volume of network traffic induces congestion at nodes, adversely affecting routing quality and overall performance. Addressing congestion has become imperative due to its emergence as a fundamental challenge in network management. Previous strategies often faced drawbacks in handling congestion, with issues arising from the inability to efficiently manage heavy packet surges in specific network regions. In response, this research introduces a novel approach integrating a multiplicative gated recurrent neural network with a congestion-aware hunter prey optimization (HPO) algorithm for effective traffic management in SDN. The framework leverages machine learning and deep learning techniques, acknowledged for their proficiency in processing traffic data. Comparative simulations showcase the congestion-aware HPO algorithm's superiority, achieving a normalized throughput 3.4–7.6% higher than genetic algorithm (GA) and particle swarm optimization (PSO) alternatives. Notably, the proposed framework significantly reduces data transmission delays by 58–65% compared to the GA and PSO algorithms. This research not only contributes a state-of-the-art solution but also addresses drawbacks observed in existing methodologies, thereby advancing the field of traffic engineering and congestion management in SDN. The proposed framework demonstrates notable enhancements in both throughput and latency, providing a more robust foundation for future SDN implementations. [ABSTRACT FROM AUTHOR]

Published

2024

11. Security and Privacy Challenges in SDN-Enabled IoT Systems: Causes, Proposed Solutions, and Future Directions.

Author

Rahdari, Ahmad, Jalili, Ahmad, Esnaashari, Mehdi, Gheisari, Mehdi, Vorobeva, Alisa A., Fang, Zhaoxi, Sun, Panjun, Korzhuk, Viktoriia M., Popov, Ilya, Wu, Zongda, and Tahaei, Hamid

Subjects

SOFTWARE-defined networking, TECHNOLOGICAL innovations, ACCESS control, INTERNET of things, INTERNET security, DEEP learning

Abstract

Software-Defined Networking (SDN) represents a significant paradigm shift in network architecture, separating network logic from the underlying forwarding devices to enhance flexibility and centralize deployment. Concurrently, the Internet of Things (IoT) connects numerous devices to the Internet, enabling autonomous interactions with minimal human intervention. However, implementing and managing an SDN-IoT system is inherently complex, particularly for those with limited resources, as the dynamic and distributed nature of IoT infrastructures creates security and privacy challenges during SDN integration. The findings of this study underscore the primary security and privacy challenges across application, control, and data planes. A comprehensive review evaluates the root causes of these challenges and the defense techniques employed in prior works to establish sufficient secrecy and privacy protection. Recent investigations have explored cutting-edge methods, such as leveraging blockchain for transaction recording to enhance security and privacy, along with applying machine learning and deep learning approaches to identify and mitigate the impacts of Denial of Service (DoS) and Distributed DoS (DDoS) attacks. Moreover, the analysis indicates that encryption and hashing techniques are prevalent in the data plane, whereas access control and certificate authorization are prominently considered in the control plane, and authentication is commonly employed within the application plane. Additionally, this paper outlines future directions, offering insights into potential strategies and technological advancements aimed at fostering a more secure and privacy-conscious SDN-based IoT ecosystem. [ABSTRACT FROM AUTHOR]

Published

2024

12. Analysis of the Use of Artificial Intelligence in Software-Defined Intelligent Networks: A Survey.

Author

Ospina Cifuentes, Bayron Jesit, Suárez, Álvaro, García Pineda, Vanessa, Alvarado Jaimes, Ricardo, Montoya Benitez, Alber Oswaldo, and Grajales Bustamante, Juan David

Subjects

COMPUTER network traffic, ARTIFICIAL intelligence, INTELLIGENT networks, ALGORITHMS

Abstract

The distributed structure of traditional networks often fails to promptly and accurately provide the computational power required for artificial intelligence (AI), hindering its practical application and implementation. Consequently, this research aims to analyze the use of AI in software-defined networks (SDNs). To achieve this goal, a systematic literature review (SLR) is conducted based on the PRISMA 2020 statement. Through this review, it is found that, bottom-up, from the perspective of the data plane, control plane, and application plane of SDNs, the integration of various network planes with AI is feasible, giving rise to Intelligent Software Defined Networking (ISDN). As a primary conclusion, it was found that the application of AI-related algorithms in SDNs is extensive and faces numerous challenges. Nonetheless, these challenges are propelling the development of SDNs in a more promising direction through the adoption of novel methods and tools such as route optimization, software-defined routing, intelligent methods for network security, and AI-based traffic engineering, among others. [ABSTRACT FROM AUTHOR]

Published

2024

13. Low-latency controller load balancing strategy and offloading decision generation algorithm based on lyapunov optimization in SDN mobile edge computing environment.

Author

Chang, Shuai, Li, Chunlin, Deng, Chunping, and Luo, Youlong

Subjects

*EDGE computing, *MOBILE computing, *PROCESS capability, *PROBLEM solving, *SOFTWARE-defined networking

Abstract

To solve the problem of multi-SDN controller load balancing, a low-latency controller load balancing switch migration algorithm is proposed, and a load balancing framework consisting of three modules of load monitoring, decision-making, and switch migration is designed. Migrate the switch with the highest request rate to the controller with stronger processing capacity and closer distance, and achieve load balancing through multiple iterations, effectively solving the problem that the static controller deployment scheme cannot cope with the dynamic network environment. Since the current research on computing offloading does not consider the stability of the MEC system, an offloading decision-generation algorithm based on Lyapunov optimization is proposed. This algorithm designs a task queue scheduling model to transform the system stability problem into a queue backlog problem, considering the profit of the edge server and the delay of task processing, and establishing a resource optimization model to maximize the profit of the MEC system under the premise of meeting the stability and delay requirements of the MEC system. The experimental results show that the proposed controller load-balancing algorithm can speed up the load-balancing process and reduce the average response delay of the system by about 22.1% while maintaining high throughput. The proposed computing offload algorithm can reduce the average delay of the system by 52%, better allocate computing tasks, and make the edge server obtain higher profits. [ABSTRACT FROM AUTHOR]

Published

2024

14. Research on Detection and Defense Methods for Software‐Defined Network Architecture after Hybrid Attack by Distributed Denial of Service.

Author

Xiao, Hongfei, Xiang, Tao, and Tang, Shiqi

Subjects

*DENIAL of service attacks, *SOFTWARE-defined networking, *K-means clustering, *MILITARY research

Abstract

The architecture of software‐defined network (SDN)enhances the openness of the network by separating the control and forwarding functions, but the centralized SDN control form is susceptible to distributed denial of service (DDoS) attacks. In this paper, entropy value and back‐propagation neural network (BPNN) were applied to the DDoS attack detection of SDN, and then the two detection algorithms were simulated in MATLAB software and compared with the K‐means algorithm. The results showed that in the face of four DDoS attacks, SYN Flood, ACK Flood, UDP Flood and ICMP Flood, the BPNN‐based DDoS detection had higher accuracy and less detection time; the switch that adopted the BPNN‐based DDoS detection algorithm adjusted the traffic ratio back to normal level faster when facing DDoS attacks, reducing the impact on other switches and maintaining the traffic stability of the network. © 2024 Institute of Electrical Engineer of Japan and Wiley Periodicals LLC. [ABSTRACT FROM AUTHOR]

Published

2024

15. An Integrated DQN and RF Packet Routing Framework for the V2X Network.

Author

Yen, Chin-En, Jhang, Yu-Siang, Hsieh, Yu-Hsuan, Chen, Yu-Cheng, Kuo, Chunghui, and Chang, Ing-Chau

Subjects

DEEP reinforcement learning, REINFORCEMENT learning, ARTIFICIAL intelligence, END-to-end delay, SOFTWARE-defined networking, NETWORK routing protocols, VEHICULAR ad hoc networks

Abstract

With the development of artificial intelligence technology, deep reinforcement learning (DRL) has become a major approach to the design of intelligent vehicle-to-everything (V2X) routing protocols for vehicular ad hoc networks (VANETs). However, if the V2X routing protocol does not consider both real-time traffic conditions and historical vehicle trajectory information, the source vehicle may not transfer its packet to the correct relay vehicles and, finally, to the destination. Thus, this kind of routing protocol fails to guarantee successful packet delivery. Using the greater network flexibility and scalability of the software-defined network (SDN) architecture, this study designs a two-phase integrated DQN and RF Packet Routing Framework (IDRF) that combines the deep Q-learning network (DQN) and random forest (RF) approaches. First, the IDRF offline phase corrects the vehicle's historical trajectory information using the vehicle trajectory continuity algorithm and trains the DQN model. Then, the IDRF real-time phase judges whether vehicles can meet each other and makes a real-time routing decision to select the most appropriate relay vehicle after adding real-time vehicles to the VANET. In this way, the IDRF can obtain the packet transfer path with the shortest end-to-end delay. Compared to two DQN-based approaches, i.e., TDRL-RP and VRDRT, and traditional VANET routing algorithms, the IDRF exhibits significant performance improvements for both sparse and congested periods during intensive simulations of the historical GPS trajectories of 10,357 taxis within Beijing city. Performance improvements in the average packet delivery ratio, end-to-end delay, and overhead ratio of the IDRF over TDRL-RP and VRDRT under different numbers of pairs and transmission ranges are at least 3.56%, 12.73%, and 5.14% and 6.06%, 11.84%, and 7.08%, respectively. [ABSTRACT FROM AUTHOR]

Published

2024

16. A new intelligent cross-domain routing method in SDN based on a proposed multiagent reinforcement learning algorithm

Author

Ye, Miao, Huang, Lin Qiang, Wang, Xiao Li, Wang, Yong, Jiang, Qiu Xiang, and Qiu, Hong Bing

Published

2024

17. Hybrid RSA–AES-Based Software-Defined Network to Improve the Security of MANET

Author

Walle Yelkal Mulualem

Subjects

software-defined network, manet, rsa, hybrid cryptography algorithm, Bibliography. Library science. Information resources

Abstract

Software-defined networking offers a flexible and programmatically efficient network design. Security in today’s ad hoc mobile wireless network is paramount and incredibly challenging. Software-defined network is used to automatically and dynamically manage and control large network devices, network services, traffic paths, network topology, and packet management (quality of service). Recently different attackers are attacking our data when forwarding from one device to another. Therefore, software-defined networking and a Hybrid Rivest, Shamir, and Adelman (RSA)–Advanced Encryption Standard (AES) cryptography algorithm are needed to establish the concept of software-defined networking in mobile ad hoc networks to improve security and routing efficiency. The proposed Hybrid Cryptography Algorithm (HCA)-Based SDN mainly creates strong detection, prevention, and authentication mechanisms for MANET. The proposed secure data channel throughput increased by 0.4%, and the suggested system latency was 3.6% lower than the Normal MANET. It is already proved that the Hybrid cryptography algorithm also generates a key for security faster than RSA (Rivest, Shamir, and Adelman). The performance of the RSA–AES (hybrid) approach for encrypting and decrypting broad data significantly beats the RSA-Blowfish algorithm. In decrypting files, the hybrid approach (RSA–AES) outperforms the RSA-Blowfish method 11.2 times more efficiently when the file size is 32 kB; however, efficiency is increased by 77.1 times when the file size exceeds 4,096 kB. The experimental result shows that as the file size increases the hybrid RSA–AES solution outperforms RSA when the file is only 145 bytes; however, when the file is 6,460 bytes in size, the efficiency is multiplied by 61.3. As file size increases, RSA is less efficient than the hybrid encryption method. This is more preferred to be implemented for different parts of wireless networks like MANET.

Published

2024

18. Utilizing Extremely Fast Decision Tree (EFDT) Algorithm to Categorize Conflict Flow on a Software-Defined Network (SDN) Controller.

Author

Khairi, Mutaz H. H., Ali Abdalla, Bushra Mohammed, Hassan, Mohamed Khalafalla, Ariffin, Sharifah H. S., and Hamdan, Mosab

Subjects

DECISION trees, ALGORITHMS, MACHINE learning

Abstract

Software-Defined Networks (SDNs) provide a contemporary approach to networking technology, offering a versatile and dynamically efficient network architecture for enhanced surveillance and performance. However, SDN architectures may encounter flow conflicts. These conflicts arise when modifications are made to specific flow properties, such as priority, match field, and action. Despite the existence of recommended solutions, the process of resolving conflicts in SDN continues to encounter difficulties. This study proposes an Extremely Fast Decision Tree (EFDT) classification technique to detect and categorize conflicts inside the flow table. The novelty of this method is based on the development of an accurate and effective machine-learning technique implemented on the Ryu controller plane and validated using the Mininet simulator. The effectiveness and efficiency of the proposed method were evaluated using various indicators, demonstrating superior performance in recognizing and categorizing conflict flow types in all flow sizes ranging from 10,000 to 100,000. [ABSTRACT FROM AUTHOR]

Published

2024

19. Securing Forwarding Layers from Eavesdropping Attacks Using Proactive Approaches.

Author

Jiajun Yan, Ying Zhou, Anchen Dai, and Tao Wang

Subjects

EAVESDROPPING, EDGE computing, INTERNET of things

Abstract

As an emerging network paradigm, the software-defined network (SDN) finds extensive application in areas such as smart grids, the Internet of Things (IoT), and edge computing. The forwarding layer in software-defined networks is susceptible to eavesdropping attacks. Route hopping is amoving target defense (MTD) technology that is frequently employed to resist eavesdropping attacks. In the traditional route hopping technology, both request and reply packets use the same hopping path. If an eavesdropping attacker monitors the nodes along this path, the risk of 100% data leakage becomes substantial. In this paper, we present an effective route hopping approach, called two-day different path (TDP), that turns communication paths into untraceable moving targets. This technology minimizes theprobabilityof data leakageby transmitting request data and reply data through different paths. Firstly, a brief introduction to the network model and attack model involved in this paper is given. Secondly, the algorithm and processingmethod of the TDP are proposed. Thirdly, the paper proposes three differentmetrics tomeasure the effectiveness of the proposed approach. Finally, theoretical analysis and simulation results show that the TDP can effectively reduce the percentage of data exposure, decrease eavesdropping attack success probability, and improve the unpredictability of the path. [ABSTRACT FROM AUTHOR]

Published

2024

20. 소프트웨어 정의 네트워크에서 네트워크 계획 문제를 위한 타부서치 알고리 즘.

Author

장길웅

Abstract

To support adaptive data communication in software-defined networks, fast control processing is required from the software-defined switch to the controller. In addition, due to the limited computational power of a single controller, it is necessary to use multiple controllers to effectively handle control processing in large-scale networks. In this paper, we propose an optimization algorithm to solve the network planning problem with multiple controllers in large-scale software-defined networks. The proposed optimization algorithm proposes a method to simultaneously optimize the number of controllers in the network planning problem and the traffic delay in the network. The proposed optimization algorithm uses a metaheuristic tabu search algorithm and proposes an effective neighborhood generation method to find the optimal solution. The performance of the proposed tabu search algorithm is evaluated through computer simulations, and the results show that it has better performance in terms of the number of controllers and traffic delay than other existing algorithms. [ABSTRACT FROM AUTHOR]

Published

2024

21. Controller placement in SDN using game theory and a discrete hybrid metaheuristic algorithm.

Author

Khojand, Mahnaz, Majidzadeh, Kambiz, Masdari, Mohammad, and Farhang, Yousef

Subjects

*GAME theory, *SOFTWARE-defined networking, *END-to-end delay, *SIMULATED annealing, *ENERGY consumption, *METAHEURISTIC algorithms, *OPENFLOW (Computer network protocol)

Abstract

Software-defined networking (SDN) is a network architecture where the control and data plane are separated. As the network size grows, relying on just one controller can lead to various problems. Thus, in highly scalable networks, multiple controllers are needed. This critical issue of determining the number and placement of controllers is known as the controller placement problem (CPP). In this paper, game theory is used to solve CPP by identifying the optimal number of controllers. Two algorithms, golden eagle optimization (GEO) and grey wolf optimization (GWO), are utilized to find the most efficient mapping between switches and controllers. Since CPP is a discrete problem, GEO and GWO have first been discretized and then hybridized to form a new algorithm called GEWO. This algorithm is used to discover the most efficient mapping between switches and controllers. Additionally, simulated annealing is employed for better local search. The effectiveness of this approach is evaluated using different numbers of controllers on four well-known software-defined networks from the Internet Topology Zoo. The results are compared against various existing algorithms in the field, and it is observed that GEWO outperforms the competition. The findings demonstrate that GEWO reduces load imbalance by 24.07%, decreases end-to-end delay by 20.95%, and lowers average energy consumption by 11.65%. [ABSTRACT FROM AUTHOR]

Published

2024

22. Energy efficiency considerations in software‐defined wireless body area networks.

Author

Masood, Fahad, Khan, Wajid Ullah, Alshehri, Mohammed S., Alsumayt, Albandari, and Ahmad, Jawad

Subjects

BODY area networks, ENERGY consumption, SOFTWARE-defined networking, ROUTING algorithms, NETWORK performance, PATIENT monitoring

Abstract

Wireless body area networks (WBAN) provide remote services for patient monitoring which allows healthcare practitioners to diagnose, monitor, and prescribe them without their physical presence. To address the shortcomings of WBAN, software‐defined networking (SDN) is regarded as an effective approach in this prototype. However, integrating SDN into WBAN presents several challenges in terms of safe data exchange, architectural framework, and resource efficiency. Because energy expenses account for a considerable portion of network expenditures, energy efficiency has to turn out to be a crucial design criterion for modern networking methods. However, creating energy‐efficient systems is difficult because they must balance energy efficiency with network performance. In this article, the energy efficiency features are discussed that can widely be used in the software‐defined wireless body area network (SDWBAN). A comprehensive survey has been carried out for various modern energy efficiency models based on routing algorithms, optimization models, secure data delivery, and traffic management. A comparative assessment of all the models has also been carried out for various parameters. Furthermore, we explore important concerns and future work in SDWBAN energy efficiency. [ABSTRACT FROM AUTHOR]

Published

2024

23. SDN-Based Multipath Data Offloading Scheme Using Link Quality Prediction for LTE and WiFi Networks

Author

Santhosha Kamath, J. Aravinda Raman, Pankaj Kumar, Sanjay Singh, and M. Sathish Kumar

Subjects

Software-defined network, HetNet, mininet, floodlight, deep learning, LSTM, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The continuous growth of mobile traffic and limited spectrum resources limits the capacity and data rate. Heterogeneous Networks (HetNet) is a solution with multiple radio interfaces in smartphones to realize such demands. Simultaneous data transfer on Long Term Evolution (LTE) and WiFi has gained attention for data offloading in 5G HetNet. Maintaining the average throughput and minimum delay for LTE users is still a challenge in data offloading owing to the mobility and load in the network. This study explores the benefits of Software-Defined Networking (SDN) based multipath for data offloading schemes for LTE-WiFi integrated networks to maintain the user’s average throughput based on channel quality classification. We classify future link qualities using deep learning models such as Long Short-Term Memory Networks (LSTM) and Bidirectional Long Short-Term Memory Networks (BLSTM). The received signal strength indicator (RSSI) and packet data rate (PDR) are parameters used in BLSTM. The results of the prediction were compared with those of state-of-the-art methods. We obtained a 2.1% better prediction than the state-of-the-art methods. The predicted results were used to offload the data using LTE and WiFi. The performance of HetNet was compared with the state-of-the-art method for average throughput, and with the proposed method, a 6.29% improvement was observed.

Published

2024

24. Smart Grids Empowered by Software-Defined Network: A Comprehensive Review of Advancements and Challenges

Author

Washington Velasquez, Guillermo Z. Moreira-Moreira, and Manuel S. Alvarez-Alvarado

Subjects

Applications, cybersecurity, energy efficiency, grid resilience, smart grid, software-defined network, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

The integration of Software-Defined Networking (SDN) technology in Smart Grids has emerged as a transformative approach to modernizing energy infrastructures and enhancing operational efficiency. This comprehensive review paper explores the advancements, challenges, and future perspectives of SDN implementation in Smart Grid environments. It delves into the applications of SDN in areas such as real-time monitoring, energy distribution optimization, grid resilience, integration of renewable energy sources, and demand response management. Additionally, the paper addresses key challenges including security concerns, interoperability issues, scalability constraints, and regulatory compliance requirements that accompany the adoption of SDN in Smart Grids. Looking ahead, the paper discusses future perspectives such as leveraging artificial intelligence, edge computing, and blockchain technology to further enhance the capabilities of SDN in Smart Grids. Through an in-depth analysis of current developments and future trends, this review provides valuable insights for researchers, practitioners, and policymakers seeking to harness the full potential of SDN for advancing Smart Grid infrastructures.

Published

2024

25. Security of Topology Discovery Service in SDN: Vulnerabilities and Countermeasures

Author

Sanaz Soltani, Ali Amanlou, Mohammad Shojafar, and Rahim Tafazolli

Subjects

Software-defined network, SDN security, topology discovery service, topology poisoning attack, Telecommunication, TK5101-6720, Transportation and communications, HE1-9990

Abstract

Software-Defined Network (SDN) controller needs comprehensive visibility of the whole network to provide effective routing and forwarding decisions in the data layer. However, the topology discovery service in the SDN controller is vulnerable to the Topology Poisoning Attack (TPA), which targets corrupting the controller’s view on the connected devices (e.g., switches or hosts) to the network and inter-switch link connections. The attack could cause dramatic impacts on the network’s forwarding policy by changing the traffic path and even opening doors for Man-in-the-Middle (MitM) and Denial of Service (DoS) attacks. Recent studies presented sophisticated types of TPA, which could successfully bypass several well-known defence mechanisms for SDN. However, the scientific literature lacks a comprehensive review and survey of existing TPAs against topology discovery services and corresponding defence mechanisms. This paper provides a thorough survey to review and analyse existing threats against topology discovery services and a security assessment of the current countermeasures. For this aim, first, we propose a taxonomy for TPAs and categorise the attacks based on different parameters, including the attack aim, exploited vulnerability, location of the adversary, and communication channel. In addition, we provide a detailed root cause analysis per attack. Second, we perform a security assessment on the state-of-the-art security measurements that mitigate the risk of TPAs in SDN and discuss the advantages and disadvantages of each defence concerning the detection capability. Finally, we figure out several open security issues and outline possible future research directions to motivate security research on SDN. The rapid growth of the SDN market and the evolution of mobile networks, including components like the RAN Intelligent Controller (RIC) acting like SDN controller, highlight the critical need for SDN security in the future.

Published

2024

26. Software defined intelligent satellite-terrestrial integrated networks: Insights and challenges

Author

Shuo Yuan, Mugen Peng, Yaohua Sun, and Xiqing Liu

Subjects

Satellite-terrestrial network, Software-defined network, Artificial intelligence, Reconfigurable networking, Information technology, T58.5-58.64

Abstract

Satellite-Terrestrial integrated Networks (STNs) have been advocated by both academia and industry as a promising network paradigm to achieve service continuity and ubiquity. However, STNs suffer from problems including poor flexibility of network architecture, low adaptability to dynamic environments, the lack of network intelligence, and low resource utilization. To handle these challenges, a Software defined Intelligent STN (SISTN) architecture is introduced. Specifically, the hierarchical architecture of the proposal is described and a distributed deployment scheme for SISTNs controllers is proposed to realize agile and effective network management and control. Moreover, three use cases in SISTNs are discussed. Meanwhile, key techniques and their corresponding solutions are presented, followed by the identification of several open issues in SISTNs including compatibility with existing networks, the tradeoff between network flexibility and performance, and so on.

Published

2023

27. Resource Allocation optimization in fog Architecture Based Software-Defined Networks

Author

sepideh sheikhi nejad, Ahmad Khadem Zadeh, Amir Masoud Rahmani, and Ali Broumandnia

Subjects

software-defined network, fog computing, multi-nodes weighted directed task graph, task assigning, task offloading, Information technology, T58.5-58.64, Telecommunication, TK5101-6720, Electronic computers. Computer science, QA75.5-76.95

Abstract

As a growing of IoT devices, new computing paradigms such as fog computing are emerging. Fog computing is more suitable for real-time processing due to the proximity of resources to IoT layer devices. Service providers must dynamically update the hardware and software parameters of the network infrastructure. Software defined network (SDN) proposed as a new network paradigm, whose separate control layer from data layer and provides flexible network management. This paper presents a software-defined fog platform to host real-time applications in IoT. Then, we propose a novel resource allocation method. This method involves scheduling multi-node real-time task graphs over the fog to minimize task execution latency. The proposed method is designed to benefit the centralized structure of SDN. The simulation results show that the proposed method can find near to optimal solutions in a very lower execution time than the brute force method.

Published

2023

28. Energy efficiency considerations in software‐defined wireless body area networks

Author

Fahad Masood, Wajid Ullah Khan, Mohammed S. Alshehri, Albandari Alsumayt, and Jawad Ahmad

Subjects

body area network, energy efficiency, SDWBAN, software‐defined network, Engineering (General). Civil engineering (General), TA1-2040, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Wireless body area networks (WBAN) provide remote services for patient monitoring which allows healthcare practitioners to diagnose, monitor, and prescribe them without their physical presence. To address the shortcomings of WBAN, software‐defined networking (SDN) is regarded as an effective approach in this prototype. However, integrating SDN into WBAN presents several challenges in terms of safe data exchange, architectural framework, and resource efficiency. Because energy expenses account for a considerable portion of network expenditures, energy efficiency has to turn out to be a crucial design criterion for modern networking methods. However, creating energy‐efficient systems is difficult because they must balance energy efficiency with network performance. In this article, the energy efficiency features are discussed that can widely be used in the software‐defined wireless body area network (SDWBAN). A comprehensive survey has been carried out for various modern energy efficiency models based on routing algorithms, optimization models, secure data delivery, and traffic management. A comparative assessment of all the models has also been carried out for various parameters. Furthermore, we explore important concerns and future work in SDWBAN energy efficiency.

Published

2024

29. A Comprehensive Survey of Distributed Denial of Service Detection and Mitigation Technologies in Software-Defined Network.

Author

Su, Yinghao, Xiong, Dapeng, Qian, Kechang, and Wang, Yu

Subjects

SOFTWARE-defined networking, DENIAL of service attacks, OPENFLOW (Computer network protocol)

Abstract

The widespread adoption of software-defined networking (SDN) technology has brought revolutionary changes to network control and management. Compared to traditional networks, SDN enhances security by separating the control plane from the data plane and replacing the traditional network architecture with a more flexible one. However, due to its inherent architectural flaws, SDN still faces new security threats. This paper expounds on the architecture and security of SDN, analyzes the vulnerabilities of SDN architecture, and introduces common distributed denial of service (DDoS) attacks within the SDN architecture. This article also provides a review of the relevant literature on DDoS attack detection and mitigation in the current SDN environment based on the technologies used, including statistical analysis, machine learning, policy-based, and moving target defense techniques. The advantages and disadvantages of these technologies, in terms of deployment difficulty, accuracy, and other factors, are analyzed. Finally, this study summarizes the SDN experimental environment and DDoS attack traffic generators and datasets of the reviewed literature and the limitations of current defense methods and suggests potential future research directions. [ABSTRACT FROM AUTHOR]

Published

2024

30. SDN as a defence mechanism: a comprehensive survey.

Author

Ayodele, Believe and Buttigieg, Victor

Subjects

*CYBERTERRORISM, *SOFTWARE-defined networking, *INTERNET security, *COMPUTER network security

Abstract

Investing in cybersecurity is increasingly considered a significant area and aspect a business or organisation should seriously consider. Some of these security solutions are network-based and provide many levels of protection. However, traditional networks are seen to be vendor-specific and are limited, enabling minor to no network flexibility or customisation. Implementing SDN to combat cyberattacks is a workable option for resolving this traditional network constraint. Less attention has been paid to how SDN has been utilised to address security concerns, with most surveys concentrating on the security challenges the SDN paradigm faces. This study aims to provide a comprehensive overview of the state-of-the-art on how SDN has been used to combat attacks between 2017 and 2022 by highlighting the specifics of each literature, its advantages, limitations, and potential areas for further study. This work introduces a taxonomy highlighting SDN's fundamental traits and contributions as a defence mechanism (SaaDM). [ABSTRACT FROM AUTHOR]

Published

2024

31. GaTeBaSep: game theory-based security protocol against ARP spoofing attacks in software-defined networks.

Author

Mvah, Fabrice, Kengne Tchendji, Vianney, Tayou Djamegni, Clémentin, Anwar, Ahmed H., Tosh, Deepak K., and Kamhoua, Charles

Subjects

*DENIAL of service attacks, *IDENTITY theft, *NASH equilibrium, *POISONS, *INTERNET users

Abstract

Nowadays, the growth of internet users has led to a significant increase in identity fraud security risks. One of the common forms of identity fraud is the Address Resolution Protocol (ARP) spoofing attack. These cyber-attacks come from ARP vulnerabilities and consist of compromising the victims' ARP caches by inserting fake IP-MAC pairs. These attacks should be tackled seriously because they can be used to launch more dangerous ones, such as denial of service or man-in-the-middle attacks. Most existing approaches against ARP spoofing attacks use a detection threshold to detect attackers in the network. However, these approaches may be ineffective against an intelligent attacker who avoids exceeding the threshold by combining spoofed ARP packets with normal ones. To address this problem, we leverage the advantages of software-defined networks to propose a game-theoretic approach that predicts the defender's best moves based on the Nash strategies. This approach is modeled as a non-cooperative game between the attacker who wants to poison victims' ARP caches, and the defender whose goal is to avoid ARP cache poisoning. The proposed method results in a mixed-strategy Nash equilibrium that identifies the best defensive strategy. It includes a player utility-based algorithm to detect malicious users and block their traffic or redirect them to a honeypot. Simulation results show that the proposed method is more suitable to ensure system security by preventing, detecting, and recovering from ARP spoofing attacks than those proposed in the literature. [ABSTRACT FROM AUTHOR]

Published

2024

32. Research on Power Service Route Planning Scheme Based on SDN Architecture and Reinforcement Learning Algorithm.

Author

Lv, Xinquan, Wei, Yongjing, Ma, Kai, Liu, Xiaolong, Sun, Chao, Zhu, Youxiang, and Ma, Piming

Subjects

MACHINE learning, REINFORCEMENT learning, BANDWIDTH allocation, TELECOMMUNICATION systems, SOFTWARE-defined networking, PRIVATE security services

Abstract

The power communication network carries various power services to ensure the safe operation of the power network, among which, the relay protection service is the most important service. Reasonable planning of the service route can improve the effectiveness and reliability of data transmission in the power communication network, thereby ensuring the reliable operation of the power grid. This paper constructs a route planning architecture for the power communication network based on a software-defined network. On this basis, parameters such as the power service and network-carrying service status are defined. With the goal of minimizing network risk variance and considering link bandwidth utilization and overload constraints of relay protection services, a service route allocation problem has been raised. To solve this problem, a power service route planning scheme based on a reinforcement learning algorithm is proposed. This algorithm uses the state–action–reward–state–action (SARSA) algorithm to complete service route planning. The simulation results show that using the route planning scheme proposed in this paper can avoid the overload of relay protection services, reduce network risk variance, and effectively balance network risk. [ABSTRACT FROM AUTHOR]

Published

2024

33. A Short Review on the Dynamic Slice Management in Software-Defined Network Visualization.

Author

Hassan, Mohamed Khalafalla, Sayed Ariffin, Sharifah Halizah, Syed-Yusof, Sharifah Kamila, Ghazali, Nurzal Effiyana, and Obeng, Kobby Asare

Subjects

SOFTWARE-defined networking, VIRTUAL networks, SERVICE level agreements, EVIDENCE gaps, DATA visualization, RESOURCE allocation

Abstract

Software-Defined Network (SDN) is a contemporary networking technology that offers enhanced network flexibility and streamlines network management processes. Virtual Software-Defined Networking (vSDN) enables the dynamic allocation and sharing of physical networking resources among several slices, each representing distinct service providers or services. Each tenant is granted autonomous control over their respective services or applications within the Virtual Network (VN). Network virtualization allows providers to deliver novel, advanced services while enhancing efficiency and dependability. Utilizing numerous virtual networks on a specific infrastructure presents difficulties in implementing effective resource allocation mechanisms to prevent congestion and resource scarcity while maintaining the Service Level Agreements (SLAs) in the vSDN. A limited body of research has focused on dynamic slice allocation in the vSDN domain. This article will briefly review dynamic resource management, focusing on slice resource dynamic allocation through SDN hypervisors. The survey outlined that very few studies have tackled the impact of dynamicity slice management in vSDN, and there are research gaps in implementing proactive and intelligent frameworks for slice management in vSDN. [ABSTRACT FROM AUTHOR]

Published

2023

34. Towards fostering the role of 5G networks in the field of digital health.

Author

Turab, Nidal M., Al-Nabulsi, Jamal Ibrahim, Abu-Alhaija, Mwaffaq, Owida, Hamza Abu, Alsharaiah, Mohammad, and Abuthawabeh, Ala

Subjects

DIGITAL health, TECHNOLOGICAL innovations, 5G networks, COMMUNICATION infrastructure, ARTIFICIAL intelligence, MEDICAL personnel

Abstract

A typical healthcare system needs further participation with patient monitoring, vital signs sensors and other medical devices. Healthcare moved from a traditional central hospital to scattered patients. Healthcare systems receive help from emerging technology innovations such as fifth generation (5G) communication infrastructure: internet of things (IoT), machine learning (ML), and artificial intelligence (AI). Healthcare providers benefit from IoT capabilities to comfort patients by using smart appliances that improve the healthcare level they receive. These IoT smart healthcare gadgets produce massive data volume. It is crucial to use very high-speed communication networks such as 5G wireless technology with the increased communication bandwidth, data transmission efficiency and reduced communication delay and latency, thus leading to strengthen the precise requirements of healthcare big data utilities. The adaptation of 5G in smart healthcare networks allows increasing number of IoT devices that supplies an augmentation in network performance. This paper reviewed distinctive aspects of internet of medical things (IoMT) and 5G architectures with their future and present sides, which can lead to improve healthcare of patients in the near future. [ABSTRACT FROM AUTHOR]

Published

2023

35. Space-Air-Ground Integrated Network Architecture and Transmission Optimization Technology

Author

Siqi HUANG, Deze ZENG, Yuepeng LI, Liangyu ZHANG, and Feng GAO

Subjects

space-air-ground integrated network, network architecture, software-defined network, Information technology, T58.5-58.64

Abstract

With the continuous expansion of application requirements, how to provide efficient networking services in a heterogeneous networking environment integrating space, space and ground have become a new problem.Through the analysis of the application scenarios and technical requirements of the future space-air-ground integrated network, a space-air-ground integrated network architecture based on a software-defined network was proposed to met the requirements of rapid response and collaborative processing.At the same time, it briefly expounded on its main components and transmission optimization technology.Then, the development trends and challenges of the software-defined space-air-ground integrated network architecture were summarized and prospected, which provided a reference for the future development of an space-air-ground integrated network.

Published

2023

36. Analysis of the Use of Artificial Intelligence in Software-Defined Intelligent Networks: A Survey

Author

Bayron Jesit Ospina Cifuentes, Álvaro Suárez, Vanessa García Pineda, Ricardo Alvarado Jaimes, Alber Oswaldo Montoya Benitez, and Juan David Grajales Bustamante

Subjects

software-defined network, artificial intelligence, traffic prediction, network security, intelligent networks, Technology

Abstract

The distributed structure of traditional networks often fails to promptly and accurately provide the computational power required for artificial intelligence (AI), hindering its practical application and implementation. Consequently, this research aims to analyze the use of AI in software-defined networks (SDNs). To achieve this goal, a systematic literature review (SLR) is conducted based on the PRISMA 2020 statement. Through this review, it is found that, bottom-up, from the perspective of the data plane, control plane, and application plane of SDNs, the integration of various network planes with AI is feasible, giving rise to Intelligent Software Defined Networking (ISDN). As a primary conclusion, it was found that the application of AI-related algorithms in SDNs is extensive and faces numerous challenges. Nonetheless, these challenges are propelling the development of SDNs in a more promising direction through the adoption of novel methods and tools such as route optimization, software-defined routing, intelligent methods for network security, and AI-based traffic engineering, among others.

Published

2024

37. Multi-Path Routing Algorithm Based on Deep Reinforcement Learning for SDN.

Author

Zhang, Yi, Qiu, Lanxin, Xu, Yangzhou, Wang, Xinjia, Wang, Shengjie, Paul, Agyemang, and Wu, Zhefu

Subjects

DEEP reinforcement learning, REINFORCEMENT learning, ROUTING algorithms, SOFTWARE-defined networking, DENIAL of service attacks, TRUST

Abstract

Software-Defined Networking (SDN) enhances network control but faces Distributed Denial of Service (DDoS) attacks due to centralized control and flow-table constraints in network devices. To overcome this limitation, we introduce a multi-path routing algorithm for SDN called Trust-Based Proximal Policy Optimization (TBPPO). TBPPO incorporates a Kullback–Leibler divergence (KL divergence) trust value and a node diversity mechanism as the security assessment criterion, aiming to mitigate issues such as network fluctuations, low robustness, and congestion, with a particular emphasis on countering DDoS attacks. To avoid routing loops, differently from conventional 'Next Hop' routing decision methodology, we implemented an enhanced Depth-First Search (DFS) approach involving the pre-computation of path sets, from which we select the best path. To optimize the routing efficiency, we introduced an improved Proximal Policy Optimization (PPO) algorithm based on deep reinforcement learning. This enhanced PPO algorithm focuses on optimizing multi-path routing, considering security, network delay, and variations in multi-path delays. The TBPPO outperforms traditional methods in the Germany-50 evaluation, reducing average delay by 20%, cutting delay variation by 50%, and leading in trust value by 0.5, improving security and routing efficiency in SDN. TBPPO provides a practical and effective solution to enhance SDN security and routing efficiency. [ABSTRACT FROM AUTHOR]

Published

2023

38. LSAV: Lightweight source address validation in SDN to counteract IP spoofing-based DDoS attacks.

Author

KARAKOÇ, Ali and ALAGÖZ, Fatih

Subjects

*DENIAL of service attacks, *SOFTWARE-defined networking, *INTERNET service providers, *SYSTEMS availability, *CUSTOMER services, *BLOCK ciphers

Abstract

In this paper, we propose a design to detect and prevent IP spoofing-based distributed denial of service (DDoS) attacks on software-defined networks (SDNs). DDoS attacks are still one of the significant problems for internet service providers (ISPs) and individual users. These attacks can disrupt customer services by targeting the availability of the system, and in some cases, they can completely shut down the target infrastructure. Protecting the system against DDoS attacks is therefore crucial for ensuring the reliability and availability of internet services. To address this problem, we propose a lightweight source address validation (LSAV) framework that leverages the flexibility of SDN architecture in ISP networks and employs a lightweight filtering mechanism that considers the cost of operation to maintain high performance. Our setup for the proposed mechanism reflects client–server communication through an ISP SDN, and we use the entry points to eliminate malicious user requests targeting the systems. We then propose a novel algorithm on top of this setup to introduce a new and more efficient approach to existing mitigation methodologies. In addition to filtering the traffic against IP spoofing-based DDoS attacks, LSAV also prioritizes low resource consumption and high performance in terms of delay and bandwidth. With this approach, we believe that ISPs can effectively defend against IP spoofing-based DDoS attacks while still preserving low resource consumption for the infrastructure and high-quality internet services for their customers. [ABSTRACT FROM AUTHOR]

Published

2023

39. Toward Secure Software-Defined Networks Using Machine Learning: A Review, Research Challenges, and Future Directions.

Author

Nadeem, Muhammad Waqas, Hock Guan Goh, Yichiet Aun, and Ponnusamy, Vasaki

Subjects

DEEP learning, SOFTWARE-defined networking, COMPUTER network security, MACHINE learning, DATA analysis

Abstract

Over the past few years, rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems. As a result, greater intelligence is necessary to effectively manage, optimize, andmaintain these systems. Due to their distributed nature, machine learning models are challenging to deploy in traditional networks. However, Software-Defined Networking (SDN) presents an opportunity to integrate intelligence into networks by offering a programmable architecture that separates data and control planes. SDN provides a centralized network view and allows for dynamic updates of flow rules and softwarebased traffic analysis. While the programmable nature of SDN makes it easier to deploy machine learning techniques, the centralized control logic also makes it vulnerable to cyberattacks. To address these issues, recent research has focused on developing powerful machine-learning methods for detecting and mitigating attacks in SDN environments. This paper highlighted the countermeasures for cyberattacks on SDNand howcurrentmachine learningbased solutions can overcome these emerging issues. We also discuss the pros and cons of using machine learning algorithms for detecting and mitigating these attacks. Finally, we highlighted research issues, gaps, and challenges in developing machine learning-based solutions to secure the SDN controller, to help the research and network community to developmore robust and reliable solutions. [ABSTRACT FROM AUTHOR]

Published

2023

40. Virtual Network Function Development for NG-PON Access Network Architecture.

Author

Araújo, Igor, Brízido, André, and Rito Lima, Solange

Abstract

Modern networks urge agility, flexibility, and capacity to cope with the growing demand for media content and applications increasingly oriented toward data consumption. The Central Offices (CO) of telecommunication providers, being a vital aggregator of different access networks, such as optical and mobile, need to be prepared to deal with these demands. The Open Broadband-Broadband Access Abstraction (OB-BAA) architecture fits into the initiative to modernize the Information Technology (IT) components of broadband networks, more specifically the COs. This paper discusses the development of a Virtualized Network Function (VNF) in the context of network security to be integrated as a component of an OB-BAA architecture guided by the Software-Defined Network paradigm. More specifically, the authentication and authorization of network equipment within the IEEE 802.1X protocol are applied to Next Generation Passive Optical Networks. The VNF development is based on the Golang language combined with gRPC programmable interfaces for communication between the various elements of the OB-BAA architecture, and then the components were “containerized” and inserted in the Docker and Kubernetes virtualization frameworks of a multinational telecommunications operator. Finally, performance metrics such as computational resource usage (CPU, memory, and network I/O) and execution time of VNF processes were analyzed in usage tests with multiple supplicants and distinct operational modes, to attest to the most promising virtualization scenarios. [ABSTRACT FROM AUTHOR]

Published

2023

41. Resource Allocation Optimization in Fog Architecture Based Software-Defined Networks.

Author

Nejad, Sepideh Sheikhi, Khademzadeh, Ahmad, Rahmani, Amir Masoud, and Broumandnia, Ali

Subjects

RESOURCE allocation, SOFTWARE-defined networking, INTERNET service providers, DATA analysis, PARAMETER estimation

Abstract

As a growing of IoT devices, new computing paradigms such as fog computing are emerging. Fog computing is more suitable for real-time processing due to the proximity of resources to IoT layer devices. Service providers must dynamically update the hardware and software parameters of the network infrastructure. Software defined network (SDN) proposed as a new network paradigm, whose separate control layer from data layer and provides flexible network management. This paper presents a software-defined fog platform to host real-time applications in IoT. Then, we propose a novel resource allocation method. This method involves scheduling multi-node real-time task graphs over the fog to minimize task execution latency. The proposed method is designed to benefit the centralized structure of SDN. The simulation results show that the proposed method can find near to optimal solutions in a very lower execution time than the brute force method. [ABSTRACT FROM AUTHOR]

Published

2023

42. Optimal sensor network routing with secure network monitoring using deep learning architectures.

Author

Qamar, Shamimul

Subjects

*DEEP reinforcement learning, *SENSOR networks, *REINFORCEMENT learning, *DEEP learning, *DATA mining, *NETWORK routing protocols, *ROUTING algorithms

Abstract

Wireless sensor network (WSN) comprises the interconnection of things or objects that are embedded with both hardware and software. The WSN is a tiny sensor with end device sensors that are connected to the Internet. To perform effective routing in the WSN efficient and reliable data collection, schemes are deployed with the routing protocol for low power and lossy networks (RPL) routing scheme for the low power and lossy network. The RPL routing scheme of the low and lossy routing protocol design for the network with the objective function. The objective function in RPL routing involved network construction and maintenance through hop count. The RPL scheme uses the destination-oriented directed acyclic graph (DODAG) with the greedy election for estimation of instability in the network. The routers in the WSN are enabled with the software-defined network (SDN) server node. The process of routing comprises detection of routes between the source and the destination. This paper focused on secure routing and monitoring schemes in WSN. To improve the secure routing process in WSN, this paper developed a deep RPL-software-defined network (DRPL_SDN). The DRPL_SDN concentrated on the parent selection through RPL based on the predicted energy level of the parent node. The prediction is performed with the DRPL_SDN-based reinforcement learning method with the estimation of child count through a partial stability routing mechanism. The secure prediction is performed through the deep reinforcement learning method in DRPL_SDN for the succeeded node count for the routing stability. The security model is evaluated with the utilization of the knowledge discovery in database (KDD) dataset. With the KDD dataset, the different attacks are evaluated in the proposed DRPL_SDN model. Additionally, the proposed DRPL_SDN exhibits better load balancing with the uncontrolled node in the network. The DRPL_SDN focused on the establishment of a link in the available network path through a dynamic controlled environment. The simulation analysis expressed that DRPL_SDN achieves the minimal packet loss of 236 and the energy consumption is minimal for 6%. The simulation examination expressed that the DRPL_SDN model exhibits the ~ 13% higher performance than the RPL and ELDR. [ABSTRACT FROM AUTHOR]

Published

2023

43. Failure Recovery Model for Single Link with Congestion-Avoidance in SDN

Author

CHEN Ziqiang, XIA Zhengyou

Subjects

software-defined network, segment routing, single link failure, backup path, load balancing, Computer software, QA76.75-76.765, Technology (General), T1-995

Abstract

As a new network architecture,the software defined network(SDN)simplifies the network management logic by separating data plane and control plane,which is one of the popular research subjects of next-generation network.However,due to frequent link failures and other factors,it is difficult to guarantee the reliability of SDN,which is a problem well recognized in the industry.The existing SDN link failure recovery models often have the problems of long recovery delay,requiring too many flow entries and ignoring link congestion after recovery from failure.To solve these problems,this paper proposes a single-link failure recovery model(LFA-CA)based on segment routing(SR).The model employs the two heuristic algorithms of BPF and BPU to calculate a loop-free backup path during network initialization and update the congestion avoiding backup path during operation,respectively,so as to achieve fast recovery from single-link failure and congestion avoidance after failure.In this paper,massive simulation experiments are carried out to evaluate the performance of our model,and the results prove that compared with some of the existing SDN single-link failure recovery models,LFA-CA consumes less forwarding rules and has better load balancing ability after failure.

Published

2023

44. Seek-and-destroy algorithm for optimal resource allocation and security analysis in software-defined vehicular networks

Author

Raut, Umesh K. and Vishwamitra, L.K.

Published

2023

45. Privacy-Preserving and Security in SDN-Based IoT: A Survey

Author

Hossein Ahmadvand, Chhagan Lal, Hadi Hemmati, Mehdi Sookhak, and Mauro Conti

Subjects

Software-defined network, privacy-preserving, security, cloud computing, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In recent years, the use of Software Defined Networking (SDN) has increased due to various network management requirements. Using SDN in computer network applications has brought several benefits to users, including lower operational costs, better hardware management, flexibility, and centralized network deployment. On the other hand, the Internet of Things (IoT) is another rapidly growing technology. Distributed and dynamic infrastructures are two critical characteristics of IoT. These characteristics lead to some challenges while using SDN in IoT in terms of security and privacy. In this paper, we address security and privacy issues and solutions for SDN-based IoT systems. We analyze the techniques used for defense in previous works to achieve an acceptable level of security and privacy protection in SDN-based IoT systems. In the data plane, SDN-based IoT papers have considered hashing and encryption techniques, in the control plane, certificate authority and access control have been analyzed, and in the application plane, attack detection, and authentication have been discussed. We also provide a statistical analysis of the existing work. This analysis shows that researchers have focused on certain areas more than others in recent years. The final analysis also highlights issues that previous researchers have ignored.

Published

2023

46. Energy-Efficient HTTP Adaptive Streaming System Over SDN-Enabled Wi-Fi APs

Author

Hyunmin Noh, Gi Seok Park, Yunmin Go, Sang-Heon Shin, Youngchan Jang, and Hwangjun Song

Subjects

Adaptive streaming, software-defined network, multi-path, bitrate adaptation, segment scheduling, fountain code, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

This paper presents an energy-efficient Hypertext Transfer Protocol (HTTP) adaptive streaming system to maximize the overall quality of video streaming services for all clients in an energy-efficient way over software-defined networking (SDN)-enabled Wi-Fi access points (APs). To achieve this goal, the proposed system employs multi-path technology to overcome the limitations of a single Wi-Fi AP and adopts the Luby transform (LT) code as forward error correction to support flexible and reliable data transmission via multiple APs. Furthermore, the SDN controller manages the segment bitrate, code rate of the LT code, and video packet transmission via multiple APs based on a global view of the network status, buffer occupancy, and energy consumption. The proposed system is implemented by using network simulator 3 (NS-3) to verify on a large-scale simulation environment and fully implemented in a real testbed to demonstrate its feasibility. The experimental results show that the proposed system can provide superior performance with lower energy consumption than any other existing system.

Published

2023

47. A Multi-Modal Deep Transfer Learning Framework for Attack Detection in Software-Defined Networks

Author

Hani Elubeyd, Derya Yiltas-Kaplan, and Serif Bahtiyar

Subjects

Attack detection, CICIDS2017, data analysis, transfer learning, network programming, software-defined network, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Software-defined networking (SDN) has been recognized for its potential in network programming and centralized control. However, this advancement brings forth critical security vulnerabilities. It is essential to understand that vulnerabilities, by their inherent nature, may lead to potential attacks if not addressed timely and appropriately. In this paper, we introduce a novel multi-modal deep transfer learning (MMDTL) framework tailored for effective attack detection in SDN environments that helps us to investigate a diverse spectrum of attack types. MMDTL framework comprehensively incorporates diverse data modalities - encompassing network traffic patterns, system logs, and user behavior analytic. A pivotal feature of this framework is its transfer learning approach, which enables the assimilation of insights from pre-trained models that subsequently increases the detection performance of attacks. We rigorously analyze the proposed framework with experiments on the intrusion detection evaluation dataset (CIC-IDS2017). Analyses results show the superiority of our framework with a detection accuracy 99.97%.Thus, MMDTL framework has a significant potential to support security in SDNs.

Published

2023

48. Improving Delay in SDNs by Metaheuristic Controller Placement

Author

Maedeh Abedini Bagha, Kambiz MajidZadeh, Mohammad Masdari, and Yousef Farhang

Subjects

controller placement, seagull optimization algorithm, software-defined network, Electronics, TK7800-8360, Industry, HD2321-4730.9

Abstract

Software-defined networking is a new network model proposed to solve the complexity of traditional network problems and facilitate dynamic network operation and management. The separation of the control plane from the data plane is the main idea of software-defined networks. Controllers are the operating system of software-defined networks and are responsible for managing the entire network. It is essential to locate controllers appropriately to have a balanced topology while guaranteeing low latency. In this work, a metaheuristic algorithm is used for controller placement. First, the problem is formulated, and the network is partitioned by a clustering algorithm. Then, the seagull optimization algorithm is used to determine a suitable place for the controller in each network partition dynamically. Simulations are performed on the standard network topology from the internet topology zoo dataset to evaluate the proposed method. Simulation results reveal that the proposed method performs well in case of delay and load balancing compared with the state-of-the-art optimization algorithms.

Published

2022

49. A Deep Neural Network Architecture for Intrusion Detection in Software-Defined Networks

Author

Somayeh Jafari Horestani, Somayeh Soltani, and Seyed Amin Hosseini Seno

Subjects

intrusion detection, software-defined network, deep learning, network security, Computer software, QA76.75-76.765

Abstract

For more comprehensive security of a computer network as well as the use of firewall and anti-virus security equipment, intrusion detection systems (IDSs) are needed to detect the malicious activity of intruders. Therefore, the introduction of a high-precision intrusion detection system is critical for the network. Generally, the general framework of the proposed intrusion detection models is the use of text classification, and today deep neural networks (DNNs) are one of the top classifiers. A variety of DNN-based intrusion detection models have been proposed for software-defined networks (SDNs); however, these methods often report performance metrics solely on one well-known dataset. In this paper, we present a DNN-based IDS model with a 12-layer arrangement which works well on three datasets, namely, NSL-KDD, KDD99, and UNSW-NB15. The layered layout of the proposed model is considered the same for all the three datasets, which is one of the strengths of the proposed model. To evaluate the proposed solution, six other DNN-based IDS models have been designed. The values of the evaluation metrics, including accuracy, precision, recall, F-measure, and loss function, show the superiority of the proposed model over these six models. In addition, the proposed model is compared with several recent articles in this field, and the superiority of the proposed solution is shown.

Published

2022

50. An unsupervised and hierarchical intrusion detection system for software-defined wireless sensor networks.

Author

Arkan, AhmadShahab and Ahmadi, Mahmood

Subjects

*WIRELESS sensor networks, *INTRUSION detection systems (Computer security), *SOFTWARE-defined networking

Abstract

Wireless sensor networks are considered as the foundation of the Internet of Things. Inherent problems in wireless sensor networks such as power consumption, lack of flexibility, and disability in development and programming have led to serious challenges in these networks. Software-defined networking (SDN) is flexible with development and programming capabilities that decouple the control and data planes. The combination of wireless sensor networks and software-defined networks has created the idea of software-defined wireless sensor networks (SDWSNs). Security is considered as one of the most fundamental issues in any network. Due to their combinatorial nature, the software-defined wireless sensor networks faced a variety of security challenges for both wireless sensor networks and software-defined networks. This paper proposes a novel architecture with an unsupervised intrusion detection algorithm using a hierarchical approach to improve the security of integrated software-defined wireless sensor networks. In the proposed architecture, the sensors are not fully dependent on the SDWSN controller; instead, they run the appropriate intrusion detection algorithm module locally at the layer. The data analysis results in different zones, produced by clustering based on entropy and cumulative point similarity as criteria, are sent to the SDWSN controller, and decisions are made after the final check of data normality or abnormality. To examine the effectiveness of the proposed architecture and algorithm, the sensors were simulated on Cooja, WSN-DS and NSL-KDD standardized datasets. The results show that the proposed method is able to detect the abnormal traffic up to 97%. [ABSTRACT FROM AUTHOR]

Published

2023