Software Defined Networking Architecture Research Articles

A survey on DoS/DDoS mitigation techniques in SDNs: Classification, comparison, solutions, testing tools and datasets

Software-Defined Networking (SDN) is a modern network approach that replaces the conventional network architecture with a flexible architecture by separating the control plane from the data plane. SDN simplifies network management and monitoring through logically centralized intelligence, programmability, and abstraction. SDN architectures are vulnerable to attacks, such as the Denial of Service (DoS) attack. This article reviews and classifies the research efforts on SDN and DoS. We categorized the research efforts into two groups: solutions to cope with DoS attacks on SDN and SDN-based solutions to tackle DoS attacks on networks. The first group of solutions includes six categories: Table-Entry, Scheduling, Architectural, Flow Statistics, Machine Learning, and Hybrid solutions. Furthermore, the article surveys the tools and datasets considered by the reviewed contributions. The article presents a detailed comparison among reviewed approaches in terms of network devices, network layers involved, DoS attack’s types, and targets of attacks.

Generic Method for SDN Controller Selection Using AHP and TOPSIS Methods

The control plane plays an essential role in the implementation of Software Defined Network (SDN) architecture. Basically, the control plane is an isolated process and operates on control layer. The control layer encompasses controllers which provide a global view of the entire SDN. The Controller selection is more crucial for the network administrator to meet the specific use case. This research work mainly focuses on obtaining a better SDN controller. Initially, the SDN controllers are selected using integrated Analytic Hierarchy Process and Technique for Order Preference Similarity to Ideal Solution (AHP and TOPSIS) method. It facilitates to select minimal number of controllers based on their features in the SDN application. Finally, the performance evaluation is carried out using the CBENCH tool considering the best four ranked controllers obtained from the previous step. In addition, it is validated with the real-time internet topology such as Abilene and ERNET considering the delay factor. The result shows that the “Floodlight” controller responds better for latency and throughput. The selection of an optimum controller-Floodlight, using the real-world Internet topologies, outperforms in obtaining the path with a 28.57% decrease in delay in Abilene and 16.94% in ERNET. The proposed work can be applied in high traffic SDN applications.

Optimisation Methods for the Controller Placement Problem in SDN: A Survey

Software-defined networking (SDN) has emerged in response to increasing requirements for new networks and expansion of Internet coverage. Modern needs exceed the limitations of traditional networks, for which, to simplify management, SDN is proposed as a promising paradigm that separates the control and data planes, allowing for the programming of network configuration. SDN deployment and applications are directly affected by the controller position. Single or multiple controllers are used in SDN architecture to enable programmable, flexible, and scalable configurations. Multiple controllers are essential in the current SDN, and various solutions have been recently developed to improve scalability and placement selection. In this study, the Controller Placement Problem (CPP) is explored using objective optimisation with proposed algorithms. An overview of SDN issues and the controller role is provided through its three-plane architecture with a focus on scalability and reliability. In addition, a comprehensive problem review is discussed on the basis of a well-known compendium of available solutions. Finally, relevant open problems and future research challenges are identified.

Virtualized High Throughput Satellite Gateway with a Global Bandwidth Management Method

With the development of new satellite payload technology, in order to improve the utilization of system resources, research is based on software-defined network (SDN) and network function virtualization (NFV) gateway architecture. Based on this architecture, the system realizes global resource management and overall data distribution, which can solve the problem of resource allocation and maximum/minimum rate guarantee between different VNO terminals under different beams, different gateways, and different satellites. For this, a global bandwidth management method can be used which is mainly a process of management to control the traffic on a communication link. The proposed global resource management and control method can be based on the rate guarantee value of the VNO/terminal configured in the system as the basic limiting condition and reallocate the rate guarantee value limiting parameter according to the resource application status of the online terminal. The method can maximize the resource utilization of the entire satellite communication system and satisfy the resource request of the user terminal as much as possible.

Reduction of the Delays Within an Intrusion Detection System (IDS) Based on Software Defined Networking (SDN)

Software Defined Networking (SDN) is a very useful tool not only to manage networks but also to increase network security, in particular by implementing Intrusion Detection Systems (IDS) directly into the SDN architecture. The implementation of IDS within the SDN paradigm can simplify the implementation, speed up incident responses, and, in general, allow to promptly react to cyber attacks through proper countermeasures. Nevertheless, embedding IDS within SDN also introduces delays that cannot be tolerated in specific network environments, like industrial control systems. This paper focuses on the implementation of an IDS based on Machine Learning (ML) algorithms into an SDN architecture and proposes a very practical approach to reduce the delay by using the sequential implementation of prototypes of increasing software and hardware complexity so allowing quick tests to highlight the main problems, solve them and pass to the next operative step. A fully validated performance evaluation is then shown by exploiting all the presented solutions and by using further improved hardware features. The overall performance is very good and compliant with most, even if not yet all, industrial control systems constraints. Results show how the proposed solutions provide a significant improvement of the latency so opening the door to a real implementation in the field.

Retracted] Research on Sports Training Action Image Recognition Based on SDN

Current image recognition methods cannot combine the transmission of image data with the interaction of image features, so the steps of image recognition are too independent, and the traditional methods take longer time and cannot complete the image denoising. Therefore, a recognition method of sports training action image based on software defined network (SDN) architecture is proposed. The SDN architecture is used to integrate the image data transmission and interactive process and to optimize the image processing centralization. The network architecture is composed of application layer, control layer, and infrastructure layer. Based on this, the dimension of image sample set is reduced, and the edge detection operator in any direction is constructed. The image edge filter is realized by calculating the response and threshold of image edge by using lag threshold and nonmaximum suppression (NMS). The Hough transform algorithm is improved to optimize the detection range. Extracting the neighborhood feature of sports training action, the recognition of sports training action image based on SDN architecture is completed. Simulation results show that the proposed method takes less time and the image denoising effect is better. In addition, the F1 test results of the proposed method are higher than those of the literature, and the convergence is better. Therefore, the performance of the proposed method is better.

Toward the Protection of IoT Networks: Introducing the LATAM-DDoS-IoT Dataset

Anomaly detection is a well-known topic in cybersecurity. Its application to the Internet of Things can lead to suitable protection techniques against problems such as denial of service attacks. However, Intrusion Detection Systems based on Artificial Intelligence, as a defense mechanism, need robust data sources to achieve strong generalization levels from the knowledge domain of interest. Therefore, in this research we present the LATAM-DDoS-IoT dataset, which results from a collaboration among Aligo, Universidad de Antioquia, and Tecnologico de Monterrey. The LATAM-DDoS-IoT dataset includes attack traffic to physical Internet of Things devices and normal traffic from real external users consuming actual services from Aligo’s production network. We also compare this new dataset with the Bot-IoT dataset, as the latter is a collection of data used in recent approaches to create detection systems in the Internet of Things domain. Furthermore, we build a smart anomaly-based Intrusion Detection System from our new dataset, training Decision Tree and Multi-layer Perceptron models, for later deployment and evaluation on a Software Defined Networking architecture with physical and virtual components. Before deployment, we obtained an average accuracy of 99.967% and 98.872% with our new dataset’s balanced denial of service and distributed denial of service versions. After deployment, we show that our Intrusion Detection System does not misclassify legitimate traffic and detects more than 90% of the attacks.

Smart architecture for software-defined networking

Software-defined networks (SDN) seek to solve the problems in current network schemes by simplifying their management through their reprogrammability and accessibility to the overall network infrastructure. One aspect to improve in SDN-based schemes is the precise classification of your traffic load, this can improve various aspects such as quality of service, dynamic access control, prioritized random access, among others. This research aims to propose a conceptual architecture of SDN and evaluate different machine learning methods for traffic classification. To this end, SDN architectures are analyzed and different modules are proposed to strengthen their management with the help of low computational cost classifiers. The architecture proposes the following main modules: Capture network traces module, Learning Engine module, and ML-model and Flow classifier. To determine the model to be used in the Learning Engine and Flow classifier modules, different classifiers were evaluated using a database of network traffic, as a result, it was determined that the gradient boosting algorithm is the most suitable to be integrated with the proposed SDN architecture.

Toward Software-Defined Networking-Based IoT Frameworks: A Systematic Literature Review, Taxonomy, Open Challenges and Prospects

Internet of Things (IoT) is characterized as one of the leading actors for the next evolutionary stage in the computing world. IoT-based applications have already produced a plethora of novel services and are improving the living standard by enabling innovative and smart solutions. However, along with its rapid adoption, IoT technology also creates complex challenges regarding the management of IoT networks due to its resource limitations (computational power, energy, and security). Hence, it is urgently needed to refine the IoT-based application’s architectures to robustly manage the overall IoT infrastructure. Software-defined networking (SDN) has emerged as a paradigm that offers software-based controllers to manage hardware infrastructure and traffic flow on a network effectively. SDN architecture has the potential to provide efficient and reliable IoT network management. This research provides a comprehensive survey investigating the published studies on SDN-based frameworks to address IoT management issues in the dimensions of fault tolerance, energy management, scalability, load balancing, and security service provisioning within the IoT networks. We conducted a Systematic Literature Review (SLR) on the research studies (published from 2010 to 2022) focusing on SDN-based IoT management frameworks. We provide an extensive discussion on various aspects of SDN-based IoT solutions and architectures. We elaborate a taxonomy of the existing SDN-based IoT frameworks and solutions by classifying them into categories such as network function virtualization, middleware, OpenFlow adaptation, and blockchain-based management. We present the research gaps by identifying and analyzing the key architectural requirements and management issues in IoT infrastructures. Finally, we highlight various challenges and a range of promising opportunities for future research to provide a roadmap for addressing the weaknesses and identifying the benefits from the potentials offered by SDN-based IoT solutions.

ESMD-Flow: An intelligent flow forwarding scheme with endogenous security based on Mimic defense in space-air-ground integrated network

The Space-Air-Ground Integrated Network (SAGIN) realizes the integration of space, air, and ground networks, obtaining the global communication coverage. Software-Defined Networking (SDN) architecture in SAGIN has become a promising solution to guarantee the Quality of Service (QoS). However, the current routing algorithms mainly focus on the QoS of the service, rarely considering the security requirement of flow. To realize the secure transmission of flows in SAGIN, we propose an intelligent flow forwarding scheme with endogenous security based on Mimic Defense (ESMD-Flow). In this scheme, SDN controller will evaluate the reliability of nodes and links, isolate malicious nodes based on the reliability evaluation value, and adapt multipath routing strategy to ensure that flows are always forwarded along the most reliable multiple paths. In addition, in order to meet the security requirement of flows, we introduce the programming data plane to design a multiprotocol forwarding strategy for realizing the multiprotocol dynamic forwarding of flows. ESMD-Flow can reduce the network attack surface and improve the secure transmission capability of flows by implementing multipath routing and multi-protocol hybrid forwarding mechanism. The extensive simulations demonstrate that ESMD-Flow can significantly improve the average path reliability for routing and increase the difficulty of network eavesdropping while improving the network throughput and reducing the average packet delay.

Mobile Fog Computing by Using SDN/NFV on 5G Edge Nodes

Fog computing provides quality of service for cloud infrastructure. As the data computation intensifies, edge computing becomes difficult. Therefore, mobile fog computing is used for reducing traffic and the time for data computation in the network. In previous studies, software-defined networking (SDN) and network functions virtualization (NFV) were used separately in edge computing. Current industrial and academic research is tackling to integrate SDN and NFV in different environments to address the challenges in performance, reliability, and scalability. SDN/NFV is still in development. The traditional Internet of things (IoT) data analysis system is only based on a linear and time-variant system that needs an IoT data system with a high-precision model. This paper proposes a combined architecture of SDN and NFV on an edge node server for IoT devices to reduce the computational complexity in cloud-based fog computing. SDN provides a generalization structure of the forwarding plane, which is separated from the control plane. Meanwhile, NFV concentrates on virtualization by combining the forwarding model with virtual network functions (VNFs) as a single or chain of VNFs, which leads to interoperability and consistency. The orchestrator layer in the proposed software-defined NFV is responsible for handling real-time tasks by using an edge node server through the SDN controller via four actions: task creation, modification, operation, and completion. Our proposed architecture is simulated on the EstiNet simulator, and total time delay, reliability, and satisfaction are used as evaluation parameters. The simulation results are compared with the results of existing architectures, such as software-defined unified virtual monitoring function and ASTP, to analyze the performance of the proposed architecture. The analysis results indicate that our proposed architecture achieves better performance in terms of total time delay (1800 s for 200 IoT devices), reliability (90%), and satisfaction (90%).

MAC based model to Differentiate Flash crowd and Malicious traffic in SDN

The nature of computer network flash crowd traffic, which is generated by legitimate users accessing servers or other network resources are similar to the traffic generated by Distributed Denial of Service (DDoS) like attacks. With advancement in spoof packet generation tools, attacker may generate Multi-source Multi-destination Multi-protocol (MMM) traffic; characteristics of such traffic are very similar to on-going genuine/ flash crowd traffic in the network. In the case of Software Defined Network (SDN), attacker’s target is controller plane. Controller plane in SDN is a centralized processing unit of the underlying network, which manages several data planes. Controller plane frames the policies and pushes forwarding rules to the data planes. Data planes just maintain the forwarding rules. Thus by overloading the SDN controller, functionality of complete computer network will be hampered. In this paper, we have proposed Media Access Control (MAC) address based Model to Differentiate Flash crowd and Malicious traffic in SDN (MDFMS). Novelty of the proposed model is to detect, locate and mitigate the source of Traditional DDoS (T-DDoS) and MMMDDoS traffic. MDFSM has been implemented on separate machine to avoid any additional computing load on SDN controller. It also preserves the original design of the SDN architecture. Proposed model has been evaluated under various scenarios and encouraging results have been obtained to differentiate T-DDoS and MMM-DDoS from benign flash crowd traffic.

Modeling and Control of Priority Queueing in Software Defined Networks via Machine Learning

Software Defined Networking (SDN) is a new architectural paradigm that enables programmable control of a network to make it more flexible and easier to manage. SDN architectures decouple control and forwarding functionalities, and enable switches and routers to be remotely configurable/ programmable in run-time by a controller. Modeling and optimization of such modern heterogeneous network infrastructures are key factors to achieve better performance, e.g. in terms of traffic flow improvement while reducing bandwidth allocation. Identifying an accurate model of a network device in SDNs (e.g., a switch or a router) is crucial in order to apply advanced techniques such as Model Predictive Control (MPC). However, such a problem is very challenging due to non-linearities and unavailability of internal variables measurements in real devices. To this aim, a promising direction is given by an appropriate integration of System Identification and Machine Learning techniques to obtain predictive models using historical data collected from the network thanks to the SDN paradigm. In this paper we apply a novel data-driven methodology to learn accurate models of the dynamical input-output behavior of a network’s switch device by appropriately combining AutoRegressive eXogenous (ARX) model identification with Regression Trees (RTs) and Random Forests (RFs). The advantage of such model is that it can be directly used to apply MPC (which just requires Quadratic Programming to be solved) to optimally control the queues’ bandwidth of the switch ports within the SDN paradigm.We validate our approach on an experimental emulation setup using the Mininet network emulator environment and a real dataset obtained from measurements of an Italian Internet Service Provider (Sonicatel S.r.l.). To this aim, we first develop a model of a real network switch, then implement MPC using the RYU controller, and finally demonstrate the benefits of the proposed dynamic queueing control methodology in terms of packet losses reduction and bandwidth saving, i.e. in terms of improvement of the Quality of Service.

A Software Defined Networking Architecture for DDoS-Attack in the Storage of Multimicrogrids

Multi-microgrid systems can improve the resiliency and reliability of the power system network. Secure communication for multi-microgrid operation is a crucial issue that needs to be investigated. This paper proposes a multi-controller software defined networking (SDN) architecture based on fog servers in multi-microgrids to improve the electricity grid security, monitoring and controlling. The proposed architecture defines the support vector machine (SVM) to detect the distributed denial of service (DDoS) attack in the storage of microgrids. The information of local SDN controllers on fog servers is managed and supervised by the master controller placed in the application plane properly. Based on the results of attack detection, the power scheduling problem is solved and send a command to change the status of tie and sectionalize switches. The optimization application on the cloud server implements the modified imperialist competitive algorithm (MICA) to solve this stochastic mixed-integer nonlinear problem. The effective performance of the proposed approach using an SDN-based architecture is evaluated through applying it on a multi-microgrid based on IEEE 33-bus radial distribution system with three microgrids in simulation results.

A Mechanism for Load Balancing Routing and Virtualization Based on SDWSN for IoT Applications

Wireless sensor networks (WSN) are important communication components of an internet of things (IoT). With the development of IoT and the increasing number of connected devices, network structure management and maintenance face the serious challenge of energy consumption. By balancing the network load, the energy consumption can be improved effectively. In the conventional WSN architecture, the two prerequisites of the load-balancing mechanism, flexibility and adaptability, are difficult to achieve. software-defined networking (SDN) is a novel network architecture that can promote flexibility and adaptability using a centralized controller. In this paper, a novel SDN architecture aimed at reducing load distribution and prolonging lifetime is proposed, which consists of different components such as topology, BS and controller discovery, link, and virtual routing. Accordingly, a new mechanism is proposed for load-balancing routing through SDN and virtualization. Through direct monitoring of the link load information and the network running status, the employed OpenFlow protocol can determine load-balancing routing for every flow in different IoT applications. The flows in different resource applications can be directed to a base station (BS) via various routes. This implementation reduces the exchange of network status and other relevant information. Virtual routing aims to weigh forward nodes and select the best node for each IoT application. The simulation results show the distribution of load over the network in the proposed algorithm and are characterized by the balanced network energy consumption, but also it prolongs network lifetime in comparison to the LEACH, improved LEACH, and LEACH-C algorithms.

DDoS Detection in SDN using Machine Learning Techniques

Software-defined network (SDN) becomes a new revolutionary paradigm in networks because it provides more control and network operation over a network infrastructure. The SDN controller is considered as the operating system of the SDN based network infrastructure, and it is responsible for executing the different network applications and maintaining the network services and functionalities. Despite all its tremendous capabilities, the SDN face many security issues due to the complexity of the SDN architecture. Distributed denial of services (DDoS) is a common attack on SDN due to its centralized architecture, especially at the control layer of the SDN that has a network-wide impact. Machine learning is now widely used for fast detection of these attacks. In this paper, some important feature selection methods for machine learning on DDoS detection are evaluated. The selection of optimal features reflects the classification accuracy of the machine learning techniques and the performance of the SDN controller. A comparative analysis of feature selection and machine learning classifiers is also derived to detect SDN attacks. The experimental results show that the Random forest (RF) classifier trains the more accurate model with 99.97% accuracy using features subset by the Recursive feature elimination (RFE) method.

Liquid Software-Based Edge Intelligence for Future 6G Networks

The 6G wireless network is promising to build bridges toward smart society in the digital world, which calls for innovative architectures and new solutions. The future 6G network should be sensing-based and data-driven for near-instant and massive connectivity with distributed intelligence. With a majority of intelligent applications being deployed at the edge, artificial intelligence (AI) is envisioned to play a key role in satisfying key requirements of 6G networks. Edge intelligence, as the marriage of AI and edge computing, is envisioned to fully meet the potential requirements of edge big data with energy, bandwidth, storage, and privacy concerns. However, it is an attractive issue to deal with distributed edge intelligence for the complexities and heterogeneous requirements, especially considering the time-varying channels and network dynamics. Furthermore, the ever increasing number of smart devices present great challenges for intelligent network management and newly modular network design in 6G networks, which needs to enable liquid self-management with comprehensive network intelligence. Hence, in this article, we first comprehensively give an overview on AI toward 6G networks, and characterize the requirements of a 6G network for AI applications. In particular, we investigate distributed edge intelligence challenges, requirements, and trends in future 6G networks. Then a liquid-specific and flexible software-defined network architecture for AI applications is inspired and discussed by 6G networks, which will play a crucial role in both academia and industry.

Software-Defined Networking in Cloud Computing

Through network programmability, we may simplify network management and bring innovation, cloud computing introduced some of its network concepts. One of the most prominent cloud models for minimizing maintenance obligations and simplifying network infrastructure administration is the SDN (Software Defined Network) architecture. SDN stands out because it provides separation of the control plane and programmability for developing network applications. As a result, SDN is expected to enable more efficient configuration, higher performance, and increased flexibility to support new network architectures. This article is aimed to demonstrates the importance of the SDN and the major role it plays in the organization and how SDNs can be profitable to many organizations that remain in the archaic or a traditional cloud environment and how SDN can restructure the cloud architecture with more security enhancement and also to investigate SDN related issues and challenges to provide insight into the obstacles that this revolutionary network paradigm will face in the future, from both a protocol and architecture standpoint. In this study, systematic literature was conducted and descriptive was used to analyze data. When it comes to SDN, the following challenges and issues stand out: All of these phrases are used to characterize the properties of a system: scalability, high availability, reliability, elasticity, security, performance, resilience, and dependability.

Survival backup strategy for controller placement problem in Software Defined Networking

The core concept of Software Defined Networking (SDN) is to abstract the control layer from the data layer. SDN architectures can provide programmatic interfaces in communication networks that significantly simplify network management and improve utilization efficiency. Distributed multiple controller SDN environments have become the preferred solution towards better scalability of SDNs. However, there are some inevitable problems for such networks, such as network failure, especially due to the failure of controllers themselves. To further improve network performance, reliability, and survivability, one solution is to deploy backup controllers in the network to satisfy quality of service requirements. In this paper, we aim to enhance the controller placement approach by designing a reliable and survivable controller placement framework. This framework consists of two levels. The first level is to determine the number and placement of the primary controllers using the node degree, which relies on selecting the nodes with the highest degree and then generating multiple domains exploiting the Independent Dominating Set (IDS) technique to ensure efficient distribution of controllers with lowest response times. The second level aims to provide some protection for the first level through the efficient deployment of backup controllers. The approach designed at this level is called the survivable backup controller placement approach. We evaluate this framework using real topologies; the obtained results show the significant impact of integrating both levels in improving the performance of SDNs without introducing unacceptable delay times.

Machine-Learning-Enabled DDoS Attacks Detection in P4 Programmable Networks

Distributed Denial of Service (DDoS) attacks represent a major concern in modern Software Defined Networking (SDN), as SDN controllers are sensitive points of failures in the whole SDN architecture. Recently, research on DDoS attacks detection in SDN has focused on investigation of how to leverage data plane programmability, enabled by P4 language, to detect attacks directly in network switches, with marginal involvement of SDN controllers. In order to effectively address cybersecurity management in SDN architectures, we investigate the potential of Artificial Intelligence and Machine Learning (ML) algorithms to perform automated DDoS Attacks Detection (DAD), specifically focusing on Transmission Control Protocol SYN flood attacks. We compare two different DAD architectures, called Standalone and Correlated DAD, where traffic features collection and attack detection are performed locally at network switches or in a single entity (e.g., in SDN controller), respectively. We combine the capability of ML and P4-enabled data planes to implement real-time DAD. Illustrative numerical results show that, for all tested ML algorithms, accuracy, precision, recall and F1-score are above 98% in most cases, and classification time is in the order of few hundreds of upmu text {s} in the worst case. Considering real-time DAD implementation, significant latency reduction is obtained when features are extracted at the data plane by using P4 language.Graphic