• KIISE Transactions on Computing Practices
• /
• v.21 no.1
• /
• pp.1-12
• /
• 2015

To realize futuristic services with agility, the role of the experimental facility (i.e., testbed) based on integrated resources has become important, so that developers can flexibly utilize the dynamic provisioning power of software-defined networking and cloud computing. Following this trend, an OpenFlow-based SDN testbed environment, denoted as OF@TEIN, connects multiple sites with unique SmartX Racks (i.e., virtualization-enabled converged resources). In this paper, in order to automate the multi-point L2 (i.e., Ethernet) inter-connection of OpenFlow islands, we introduce an automated tool to configure the required Network Virtualization using Generic Routing Encapsulation (NVGRE) tunneling. With the proposed automation tool, the operators can efficiently and quickly manage network inter-connections among multiple OpenFlow sites, while letting developers to control their own traffic flows for service realization experiments.

• Review of KIISC
• /
• v.25 no.5
• /
• pp.60-66
• /
• 2015

SDN (Software Defined Networking)은 동적 재설정(Dynamic Reconfiguration)기능을 통해 지금껏 존재하지 않았던 유연성(Flexibility)을 IP(Internet Protocol)에 제공한다. 또한, 네트워크 관리, QoS (Quality of Service) 최적화, 시스템 복원력(Resilience) 강화를 위한 다양한 응용프로그램을 지원한다. 스마트그리드(Smart Grid)시스템에 SDN을 적용하기 위한 다양한 연구가 진행 중이며, 본 문서에서는 다양한 사고(Failures) 혹은 불법적인 공격으로부터 해당 시스템 복원력향상을 위한 이슈에 대해 언급한다. 이와 같은 문제점들에 대한 논의 없이 전력회사는 SDN의 장점을 충분히 활용하지 못할 가능성이 높다. 본 문서를 통해, SDN을 통한 스마트그리드 복원력향상, SDN으로 인한 추가적인 보안위협 등에 대해 논의 할 것이다.

• Convergence Security Journal
• /
• v.16 no.7
• /
• pp.3-11
• /
• 2016

With repid development of optical networking technology, Software-Defined Network (SDN) and Network Function Virtualization (NFV), high performance networking service, collaboration platform that enables collaborative research globally, drastically National Research Network (NRN) including Internet Service has changed. Therefore we compared and analyzed several world-class NRNs and took a view of future development strategy of the NRN. Also we suggest high speed security environment in super high bandwidth network with 40Gbps and 100Gbps optical transmission technology, network separation of NRN with Science DMZ to support high performance network transmission for science big data, building security environment for last-mile in campus network that supports programmability of IDS using BRO framework.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.7
• /
• pp.2936-2951
• /
• 2016

An emerging satellite technology, Operationally Responsive Space (ORS) is expected to provide a fast and flexible solution for emergency response, such as target tracking, dense earth observation, communicate relaying and so on. To realize large distance transmission, we propose the use of available relay satellites as relay nodes. Accordingly, we apply software defined network (SDN) technology to ORS networks. We additionally propose a satellite network architecture refered to as the SDN-based ORS-Satellite (Sat) networking scheme (SDOS). To overcome the issures of node failures and dynamic topology changes of satellite networks, we combine centralized and distributed routing mechanisms and propose a fast recovery routing algorithm (FRA) for SDOS. In this routing method, we use centralized routing as the base mode.The distributed opportunistic routing starts when node failures or congestion occur. The performance of the proposed routing method was validated through extensive computer simulations.The results demonstrate that the method is effective in terms of resoving low end-to-end delay, jitter and packet drops.

• Annual Conference of KIPS
• /
• 2020.11a
• /
• pp.397-400
• /
• 2020

SDN(Software Defined Networking)은 효율적인 방법과 저렴한 비용으로 네트워크를 직접 프로그램 하여 즉각적인 제어를 할 수 있다. 본 논문에서는 SDN 의 특성을 활용, SDN 구성요소인 컨트롤러와 스위치를 활용하여 공격 정보를 수집하고 이를 기반으로 공격을 탐지하는 위협 레벨 관리 모듈, 공격 탐지 모듈, 패킷 통계 모듈 등을 설계하여 프로그래밍하고 허니팟을 적용하여 서비스 거부(DoS, Denial of Services)공격을 차단하는 방법을 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.6
• /
• pp.397-405
• /
• 2014

Software-Defined Networking (SDN), which separates the control plane from the data plane and manages data planes in a centralized way, is now considered as a future networking technology, and many researchers and practitioners have dived into this area to devise new network applications, such new routing methods. Likewise, network security applications could be redesigned with SDN, and some pioneers have proposed several interesting network security applications with SDN. However, most approaches have just reimplemented some well-known network security applications, although SDN provides many interesting features, They didn't effectively use them. To investigate if we can use SDN in realizing sophisticated network security applications, we have designed and implemented an advanced network security application, Reflectornet, which redirects malicious or suspicious network trials to other security monitoring points (e.g., honeypot). In addition, we have tested its performance and practicability in diverse angles. Our findings and some insights will encourage other researchers to design better or intelligent network security applications with SDN.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2019.01a
• /
• pp.145-146
• /
• 2019

SDN(Software Defined Networking) 환경에서는 OpenFlow 프로토콜을 사용함으로써, 컨트롤러는 스위치가 패킷의 도착이나 Table의 상태에 따라 미리 Flow table의 Entry를 추가, 갱신, 삭제하도록 제어한다. 본 논문에서는 Flow entry의 사용량에 대한 확률을 정확하게 측정하기 위하여 Hidden Markov Mode (HMM)을 적용한 새로운 Flow entry 사전 제거 기법을 제안한다. 본 연구를 통해 HMM을 사용하여 기존 기술들보다 효과적이며 Flow table 관리에 있어 향상된 성능을 목표로 한다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.932-945
• /
• 2018

Everything in the world is becoming connected and interactive due to the Internet. The future of interactive smart environments such as smart cities, smart industries, or smart farms demand high network bandwidth, high network flexibility, and self-organization systems without costly hardware upgrades, and they provide a sustainable, scalable, and replicable smart environment backbone infrastructure. This paper presents a new Hybrid Software-Defined architecture for integrating Internet-of-Things technologies that are essential technologies for smart environments. It combines a software-defined networking infrastructure and a real-time distributed network framework with an advanced optimization to enable self-configuration, self-management, and self-adaption for providing seamless communication and efficiently managing a vast number of smart heterogeneous devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.484-510
• /
• 2017

Network security is rapidly developing, but so are attack methods. Network worms are one of the most widely used attack methods and have are able to propagate quickly. As an active defense approach to network worms, the honeynet technique has long been limited by the closed architecture of traditional network devices. In this paper, we propose a closed loop defense system of worms based on a Software-Defined Networking (SDN) technology, called Worm-Hunter. The flexibility of SDN in network building is introduced to structure the network infrastructures of Worm-Hunter. By using well-designed flow tables, Worm-Hunter is able to easily deploy different honeynet systems with different network structures and dynamically. When anomalous traffic is detected by the analyzer in Worm-Hunter, it can be redirected into the honeynet and then safely analyzed. Throughout the process, attackers will not be aware that they are caught, and all of the attack behavior is recorded in the system for further analysis. Finally, we verify the system via experiments. The experiments show that Worm-Hunter is able to build multiple honeynet systems on one physical platform. Meanwhile, all of the honeynet systems with the same topology operate without interference.

• Annual Conference of KIPS
• /
• 2018.10a
• /
• pp.118-121
• /
• 2018

끊김 없는 이동성은 멀티미디어가 풍부한 실시간 서비스를 지원하는 미래의 무선 네트워크에서 필수적이다. SDN (Software Defined Networking)은 중앙 집중식 컨트롤러를 통해 무선 네트워크에서 세밀한 플로우 수준의 이동성 관리를 제공할 수 있지만 핸드오버 지연의 새로운 네트워킹 패러다임이다. 스플릿 포인트 방식은 SDN 무선 네트워크에서 핸드오버 및 종단 간 전송 지연을 줄이는 효과적인 방법이다. 스플릿 포인트는 트래픽이 새로운 AP (Access Point)를 향하여 핸드오버 한 후에 기존 플로우 경로상에 존재하는 스위치이다. 본 논문에서는 MN-CN (Corresponding Node) 경로의 각 스위치의 가중치를 스위치와 후보 AP 사이의 평균 고리(홉)로 계산하고 최소 가중치를 갖는 스위치가 스플릿 포인트로 선택된다. 스플릿 포인트 선택 외에도 이 논문은 SDN 에서 제공하는 제어 및 데이터 플레인 분리를 이용하여 핸드오버 후 플로우에 대한 최적의 경로를 복원한다. 제안 아이디어의 수치 해석은 이전 솔루션과 비교하여 총 비용이 9.6 % ~ 13 % 향상되었음을 보여준다.