A Review of the Security Architecture for SDN in Light of Its Security Issues
Keywords:
SDN, DOS, DDoS, 5G, APIs, TCP/IP, OSIAbstract
Software-defined networking (SDN) simplifies and enhances network management for administrators. It is a modern approach that liberates networks from conventional constraints and is considered a game-changing concept for the future of the web. SDN can detect and prevent malicious traffic through its three-tiered architecture, consisting of a control layer , application layer and a forwarding layer. Our work distinguishes between DoS and DDoS attacks, which pose varying degrees of security risk for SDN users. SDN-based 5G networks are vulnerable to DDoS assaults by malevolent users, but can be secured using tools like Mininet. The SDN security architecture can be improved by methods such as network monitoring, verification, automation, improvised threat detection, and dynamic reaction. By separating network control and data planes and using software applications, SDN can effectively detect and stop malicious traffic. Combining SDN and ML enables the detection and prevention of low-rate DoS attacks, providing a security solution for SDN-based 5G networks. The coming model enhances efficacy in detecting and protecting against DoS and DDoS attacks, allowing enterprises to defend their networks and crucial services.
References
T. Alharbi, M. Portmann and F. Pakzad, "The security of Topology Discovery in Software Defined Networks," 2015 IEEE 40th Conference on Local Computer Networks (LCN), Clearwater Beach, FL, pp. 502-505, 2015.
J. Ordonez-Lucena, P. Ameigeiras, D. Lopez, J. Ramos-Munoz, J. Lorca, and J. Folgueira, ?Network Slicing for 5G with SDN/NFV: Concepts, Architectures, and Challenges,? IEEE Communications Magazine, vol. 55, pp. 80-87, 2017
Porras, P.A. Cheung, S. Fong, M.W. Skinner, K. and Yegneswaran, ” Securing the Software Defined Network Control Layer,” in NDSS pp 1-15, 2015.
Tanweer Alam, Mohammed Aljohani, “Software Defined Networks: Review and Architecture,” Vol. 1, No. 2, pp 145-146, April 2020
M. R. Parsaei, S. H. Khalilian, R. Javidan, “A Comparative Study on Fault Tolerance Methods in IP Networks versus Software Defined Networks,” International Academic Journal of Science and Engineering. Vol. 3, no. 4, pp. 146-154, 2016.
Ombase P.M., Kulkarni N.P., Bugade S.T., Mhaisgawali A.V., “Survey on DoS Attack Challenges in Software Defined Networking,” Int. J. Comput. Appl., Volume 173 – No.2, . pp23 September 2017
Ahmad I., Namal S., Ylianttila M., Gurtov A., “Securing in SDN: A Survey,” IEEE Communications Surveys & Tutorials ( Volume: 17, Issue: 4, Fourthquarter pp 1-4 , 2015)
K. Bhushan and B.B. Gupta, “Distributed Denial of Service (DDoS) Attack Mitigation in a Software Defined Network (SDN) based Cloud Computing Environment,” J. Ambient Intell. Humaniz. Comput. Vol. 10, No. 5, pp 2 , 2019
V. Duddu, “A Survey of Adversarial ML in Cyber Warfare,” Def. Sci. J., Vol. 68, No. 4, pp 356-357, 2020
Hassan Alamr, Javed Yazdani, Vijey Thayananthan, “Machine Learning for Securing SDN based 5G Network,” International Journal of Computer Applications (0975 – 8887) Volume 174 – No. 14, pp 12-13, January 2021
Milhai Nicolae, Laura Gheorghe, Raluca-Andreea Somesan, “ SDN based Security Mechanism”, IEEE advancing technology for humans , pp. 12-15, 2015,
Shan-Hsiang-Shen, “An Efficient Network Monitor for SDN Networks,” ACM Sigmetrics Performance Evaluation Review, vol. 46, issue 2, pp 95-96 , September 2018
E. Al-Shaer and S. Al-Haj, “FlowChecker: Configuration analysis and verification of federated OpenFlow infrastructures,” in Proc. 3rd ACM Workshop Assurable and Usable Security Configuration, pp. 37– 44 , 2010
M.Canini, D.Venzano, P.Peresini, D.Kostic, and J.Rexford, “A NICE way to test OpenFlow applications,” in Proc. 9th USENIX Conf. Networked Systems Designand Implementation (NSDI), pp 7-10, 2012.
Ramprasath Jayaprakash, “Malicious Attack Detection in Software Defined Networking Using Machine Learning Approach,” July 2020
Praseed A, Thilagam PS. DDoS attacks at the application layer: challenges and research perspectives for safeguarding web applications. DOI 10.1109/COMST.2018.2870658, IEEECommunications Surveys & Tutorials , pp 2-12, 2018.
T. J. Parvat, P. Chandra, “A Novel approach to deep packet inspection for intrusion detection,” Procedia Computer Science, vol. 45, pp. 506- 513, 2015.
Pradeep Kumar Sharma, S. S. Tyagi, “Improving Security through Software Defined Networking (SDN): AN SDN based Model,” International Journal of Recent Technology and Engineering (IJRTE), ISSN: 2277-3878, Volume-8 Issue-4, pp 298-299, November 2019
Pooja , Manu Sood, “SDN and Mininet: Some basic Concepts,” Int. J. Advanced Networking and Applications , ISSN: 0975-02902015,Volume: 07 Issue: 02, pp-2690-2693
K. K. Sharma and M. Sood. “Mininet as a Container Based Emulator for Software Defined Networks” in International Journal of Advanced research Volume 4, Issue 12, pp 681-684, December 2014 .
J Chica ?, J Imbachi, J Botero “Security in SDN: A comprehensive survey” Journal of Network and Computer Applications Volume 159, 1 , pp 3-8, June 2020.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
