• 한국정보통신학회:학술대회논문집
• /
• 한국정보통신학회 2018년도 추계학술대회
• /
• pp.148-151
• /
• 2018

소프트웨어 정의 네트워킹(SDN, Software-Defined Networking) 기술은 기존의 네트워크 장비와는 다르게 중앙 집중화된 SDN 컨트롤러가 다수의 스위치를 관리하여 어떠한 네트워크 요구사항도 쉽게 적용할 수 있는 차세대 네트워크 기술이다. 하지만 최근 몇 년간 SDN에 대한 연구가 급격하게 진행되면서 이에 대한 보안 문제도 중요하게 여겨지고 있다. 따라서 본 논문에서는 SDN에서 가능한 주요 보안 문제들을 조사하고, 이를 해결할 수 있는 방안으로 블록체인(Blockchain) 기술을 SDN에 적용할 수 있는 방법론을 소개한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제17권7호
• /
• pp.1894-1915
• /
• 2023

Software-Defined Networking (SDN) offers several advantages in dynamic routing, flexible programmable control and custom application-driven network management. However, the programmability of the data plane in traditional SDN is limited. A network operator cannot change the ability of the data plane and perform complex packet processing on the data plane, which limits the flexibility and extendibility of SDN. In the paper, AP-SDN (Action Program enabled Software-Defined Networking) architecture is proposed, which extends the action set of SDN data plane. In the proposed architecture, a modified Open vSwitch is utilized in the data plane allowing the execution of action programs at runtime, thus enabling complex packet processing. An example action program is also implemented which transparently encrypts traffic for terminals. At last, a prototype system of AP-SDN is developed and experiments show its effectiveness and performance.

• 정보과학회 컴퓨팅의 실제 논문지
• /
• 제21권11호
• /
• pp.727-732
• /
• 2015

미래 인터넷과 관련한 많은 연구들이 활발히 진행 중에 있는 지금, SDN(Software Defined Networking)이라는 새로운 네트워킹 패러다임이 IT 사회의 큰 이슈로 대두되고 있는 추세이다. 따라서 본 논문에서는 기존의 SDN(소프트웨어 정의 네트워킹) 방식을 도입하여 서비스 정의 네트워킹을 제안한다. 이는 패킷을 전송할 때, 서비스 별로 패킷을 분류하고 전송하도록 하는 방식으로, 네트워크 자원을 효율적으로 사용함과 더불어 패킷 전송 시에 발생할 수 있는 지연을 최소화하는 알고리즘을 갖는다. 본 논문에서 제안하는 알고리즘1)을 통해 네트워크 혼잡상태에서 발생하는 가장 큰 문제점 중 하나인 패킷 전송 대기시간을 완화할 수 있으며 또한 서비스에 따라 패킷을 분류하여 전송하므로 기존 네트워크에서 다양한 크기의 패킷을 처리하는 과정에서 발생하는 네트워크 자원 사용 문제를 효율적으로 개선할 수 있다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제15권2호
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• 정보와 통신
• /
• 제32권7호
• /
• pp.46-55
• /
• 2015

현재의 OpenFlow 기반의 SDN(Software-Defined Networking) 기술은 데이터 센터 네트워크를 대체하기 위한 기술로 간주되고 있으며 캐리어(통신 사업자)의 네트워크에 적용하기에는 아직 많은 기술 개발이 필요한 것으로 알려져 있다. 본고에서는 캐리어 네트워크에 적용 가능한 SDN을 SDN 2.0으로 정의하고 SDN 2.0의 실현에 필요한 주요 기술들의 연구동향과 적용방안에 대해 살펴본다.

• International journal of advanced smart convergence
• /
• 제13권2호
• /
• pp.16-24
• /
• 2024

With an increase in the relevance of next-generation integrated networking environments, the need to effectively utilize advanced networking techniques also increases. Specifically, integrating Software-Defined Networking (SDN) with Multi-access Edge Computing (MEC) is critical for enhancing network flexibility and addressing challenges such as security vulnerabilities and complex network management. SDN enhances operational flexibility by separating the control and data planes, introducing management complexities. This paper proposes a reinforcement learning-based network path optimization strategy within SDN environments to maximize performance, minimize latency, and optimize resource usage in MEC settings. The proposed Enhanced Proximal Policy Optimization (PPO)-based scheme effectively selects optimal routing paths in dynamic conditions, reducing average delay times to about 60 ms and lowering energy consumption. As the proposed method outperforms conventional schemes, it poses significant practical applications.

• 전기학회논문지
• /
• 제66권12호
• /
• pp.1913-1920
• /
• 2017

Software Defined Networking creates totally new concept of networking and its applications which is based on separating the application and control layer from the networking infrastructure as a result it yields new opportunities in improving the network security and making it more automated in robust way, one of these applications is Denial of Service attack mitigation but due to the dynamic nature of Denial of Service attack it would require dynamic response which can mitigate the attack with the minimum false positive. In this paper we will propose a new mitigation Framework for DDoS attacks using Software Defined Networking technology to protect online services e.g. websites, DNS and email services against DoS and DDoS attacks.

• International Journal of Computer Science & Network Security
• /
• 제22권4호
• /
• pp.374-386
• /
• 2022

Nowadays, research in deep learning leveraged automated computing and networking paradigm evidenced rapid contributions in terms of Software Defined Networking (SDN) and its diverse security applications while handling cybercrimes. SDN plays a vital role in sniffing information related to network usage in large-scale data centers that simultaneously support an improved algorithm design for automated detection of network intrusions. Despite its security protocols, SDN is considered contradictory towards DDoS attacks (Distributed Denial of Service). Several research studies developed machine learning-based network intrusion detection systems addressing detection and mitigation of DDoS attacks in SDN-based networks due to dynamic changes in various features and behavioral patterns. Addressing this problem, this research study focuses on effectively designing a multistage hybrid and intelligent deep learning classifier based on modified deep forest classification to detect DDoS attacks in SDN networks. Experimental results depict that the performance accuracy of the proposed classifier is improved when evaluated with standard parameters.

• International Journal of Computer Science & Network Security
• /
• 제24권2호
• /
• pp.67-78
• /
• 2024

Software-Defined Networking (SDN) is a new emerging networking paradigm that has adopted a logically centralized architecture to increase overall network performance agility and programmability. Combining network virtualization with SDN will guarantees for combined advantages of improved flexibility and network performance. Combining SDN with hypervisors divides the network physical resources into several logical transparent and isolated virtual SDN network (vSDN), where each has its virtual controller. However, SDN hypervisors bring several advantages as well as several challenges to its network operators as for the virtual appliances, their efficient placement, assurance of network performance is mandatory, and their dynamic instantiation with their migration. In this article, we provide a brief and concise review of network virtualization along with its implementation in the SDN network. SDN hypervisors types are discussed, and taxonomy is provided to demonstrate the importance of hypervisors in SDN. A comparison of SDN hypervisors is performed to elaborate on the vital hypervisor software along with their features, and different challenges are discussed faced by the SDN network. A framework is proposed to add combined functionalities of hypervisors to create a more effective and efficient virtual system. The purpose of the framework is to increase network performance through proper configuration of resources, software, control plane isolation functions with defined rules and policies.

• 전자통신동향분석
• /
• 제27권6호
• /
• pp.144-154
• /
• 2012

최근 네트워킹 분야에서 활발히 연구되고 있는 SDN(Software-Defined Networking) 기술에서, 보다 편리하고 정확한 방법으로 네트워크를 구축하기 위한 SDN 프로그래밍 기술에 대해 최근 발표된 논문을 중심으로 연구 동향을 분석한다.