• Title/Summary/Keyword: Software-defined Networking

검색결과 168건 처리시간 0.022초

Introducing Network Situation Awareness into Software Defined Wireless Networks

  • Zhao, Xing;Lei, Tao;Lu, Zhaoming;Wen, Xiangming;Jiang, Shan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제12권3호
    • /
    • pp.1063-1082
    • /
    • 2018
  • The concept of SDN (Software Defined Networking) endows the network with programmability and significantly improves the flexibility and extensibility of networks. Currently a plenty of research works on introducing SDN into wireless networks. Most of them focus on the innovation of the SDN based architectures but few consider how to realize the global perception of the network through the controller. In order to address this problem, a software defined carrier grade Wi-Fi framework called SWAN, is proposed firstly. Then based on the proposed SWAN architecture, a blueprint of introducing the traditional NSA (Network Situation Awareness) into SWAN is proposed and described in detail. Through perceiving various network data by a decentralized architecture and making comprehension and prediction on the perceived data, the proposed blueprint endows the controllers with the capability to aware of the current network situation and predict the near future situation. Meanwhile, the extensibility of the proposed blueprint makes it a universal solution for software defined wireless networks SDWNs rather than just for one case. Then we further research one typical use case of proposed NSA blueprint: network performance awareness (NPA). The subsequent comparison with other methods and result analysis not only well prove the effectiveness of proposed NPA but further provide a strong proof of the feasibility of proposed NSA blueprint.

A Mechanism for Configurable Network Service Chaining and Its Implementation

  • Xiong, Gang;Hu, Yuxiang;Lan, Julong;Cheng, Guozhen
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제10권8호
    • /
    • pp.3701-3727
    • /
    • 2016
  • Recently Service Function Chaining (SFC) is promising to innovate the network service mode in modern networks. However, a feasible implementation of SFC is still difficult due to the need to achieve functional equivalence with traditional modes without sacrificing performance or increasing network complexity. In this paper, we present a configurable network service chaining (CNSC) mechanism to provide services for network traffics in a flexible and optimal way. Firstly, we formulate the problem of network service chaining and design an effective service chain construction framework based on integrating software-defined networking (SDN) with network functions virtualization (NFV). Then, we model the service path computation problem as an integer liner optimization problem and propose an algorithm named SPCM to cooperatively combine service function instances with a network utility maximum policy. In the procedure of SPCM, we achieve the service node mapping by defining a service capacity matrix for substrate nodes, and work out the optimal link mapping policies with segment routing. Finally, the simulation results indicate that the average request acceptance ratio and resources utilization ratio can reach above 85% and 75% by our SPCM algorithm, respectively. Upon the prototype system, it is demonstrated that CNSC outperforms other approaches and can provide flexible and scalable network services.

A Software Defined Networking Approach to Improve the Energy Efficiency of Mobile Wireless Sensor Networks

  • Aparicio, Joaquin;Echevarria, Juan Jose;Legarda, Jon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제11권6호
    • /
    • pp.2848-2869
    • /
    • 2017
  • Mobile Wireless Sensor Networks (MWSN) are usually constrained in energy supply, which makes energy efficiency a key factor to extend the network lifetime. The management of the network topology has been widely used as a mechanism to enhance the lifetime of wireless sensor networks (WSN), and this work presents an alternative to this. Software Defined Networking (SDN) is a well-known technology in data center applications that separates the data and control planes during the network management. This paper proposes a solution based on SDN that optimizes the energy use in MWSN. The network intelligence is placed in a controller that can be accessed through different controller gateways within a MWSN. This network intelligence runs a Topology Control (TC) mechanism to build a backbone of coordinator nodes. Therefore, nodes only need to perform forwarding tasks, they reduce message retransmissions and CPU usage. This results in an improvement of the network lifetime. The performance of the proposed solution is evaluated and compared with a distributed approach using the OMNeT++ simulation framework. Results show that the network lifetime increases when 2 or more controller gateways are used.

The Top-K QoS-aware Paths Discovery for Source Routing in SDN

  • Chen, Xi;Wu, Junlei;Wu, Tao
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제12권6호
    • /
    • pp.2534-2553
    • /
    • 2018
  • Source routing is the routing scheme that arranges the whole path from source to target at the origin node that may suit the requirements from the upper layer applications' perspective. The centralized control in SDN (Software-Defined Networking) networks enables the awareness of the global topology at the controller. Therefore, augmented source routing schemes can be designed to achieve various purposes. This paper proposes a source routing scheme that conducts the top-K QoS-aware paths discovery in SDN. First, the novel non-invasive QoS over LLDP scheme is designed to collect QoS information based on LLDP in a piggyback fashion. Then, variations of the KSP (K Shortest Paths) algorithm are derived to find the unconstrained/constrained top-K ranked paths with regard to individual/overall path costs, reflecting the Quality of Service. The experiment results show that the proposed scheme can efficiently collect the QoS information and find the top-K paths. Also, the performance of our scheme is applicable in QoS-sensitive application scenarios compared with previous works.

혁신 생태계 변화의 동인에 대한 이론과 사례 연구 : 표준이 역량분포와 거래비용의 진화적 변화에 미치는 영향 분석을 중심으로 (Understanding the Drivers for Migration to Innovation Ecosystem : The Influence of Standard on the Evolutionary Change of Capability Distribution and Transaction Costs)

  • 김민식;김언수
    • 한국IT서비스학회지
    • /
    • 제12권3호
    • /
    • pp.1-21
    • /
    • 2013
  • This study attempts to explain the mechanism behind the migration from vertically integrated value chain architecture to an innovation ecosystem consisting of horizontally separated layers in value chain. We first present a comprehensive framework based on the theoretical analysis of the drivers for migration to an innovation ecosystem, which are standard (institution), capability distribution, and transaction costs. The theoretical framework suggests that the migration to an innovation ecosystem is explained by the influence of standard on the evolutionary change of capability distribution and transaction costs. In particular, when the new de-jure standard competes with the de-facto standard, the new de-jure standard has the greatest impact on the distribution capabilities and the transaction costs. Based on this theoretical framework, we analyze the latest SDN (Software Defined Networking) case of the network industry. SDN standard has transformed the industry from a vertically integrated value chain architecture to a horizontally separated one with its influence on the distribution capabilities and the transaction costs in the industry.

Science DMZ 적용을 위한 SDN 기반의 네트워크 침입 방지 시스템 (SDN-Based Intrusion Prevention System for Science DMZ)

  • 조진용;장희진;이경민;공정욱
    • 한국통신학회논문지
    • /
    • 제40권6호
    • /
    • pp.1070-1080
    • /
    • 2015
  • 본 논문은 Science DMZ(Demilitarized Zone) 적용을 위한 SDN(Software Defined Networking) 기반의 네트워크 침입 방지 시스템을 소개한다. 제안된 시스템은 침입 탐지 기능을 침입 방지 장치로부터 분리하고 SDN 기술을 확장해 탐지 기능과 방어 기능을 상호 연동시킴으로써 네트워크 보안 장비의 유연성(flexibility)과 확장성(extensibility)을 높이고 패킷 검사(packet inspection) 등으로 야기되는 패킷 손실을 방지하는데 목적이 있다. 본 논문에서는 제안한 프레임워크의 한 응용 시나리오를 소개하고 국가과학기술연구망에 구축된 네트워킹 DMZ환경에 시험 적용함으로써 활용 가능성을 검증한다.

SDN 환경에서의 데이터 생성 형태를 고려한 효율적인 부하분산 기법 (An Efficient Load Balancing Technique Considering Forms of Data Generation in SDNs)

  • 윤지영;권태욱
    • 한국멀티미디어학회논문지
    • /
    • 제23권2호
    • /
    • pp.247-254
    • /
    • 2020
  • The recent Internet environment is characterized by the explosion of certain types of data, as the data that people want is affected by certain issues. In this paper, we propose a load balancing technique that considers the data generation forms. The concept of this technique is to prioritize some type of data when it suddenly explodes. This is a technique to build an add-on middle box on a switch to monitor packets and give priority to a queue for load balancing. This technique worked when certain types of data exploded. SDN(Software Defined Networking) has the advantage of efficiently managing a number of network equipment. However, load balancing in the SDN environment has not been studied much. Applying the proposed load balancing technique in the SDN environment can save time and budget and easily implement our policies. When the proposed load balancing technique is applied to the SDN environment, it has been found that the techniques we want can be easily applied to the network systems, and that efficient data processing is possible when certain types of data explosion.

A Moving Window Principal Components Analysis Based Anomaly Detection and Mitigation Approach in SDN Network

  • Wang, Mingxin;Zhou, Huachun;Chen, Jia
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제12권8호
    • /
    • pp.3946-3965
    • /
    • 2018
  • Network anomaly detection in Software Defined Networking, especially the detection of DDoS attack, has been given great attention in recent years. It is convenient to build the Traffic Matrix from a global view in SDN. However, the monitoring and management of high-volume feature-rich traffic in large networks brings significant challenges. In this paper, we propose a moving window Principal Components Analysis based anomaly detection and mitigation approach to map data onto a low-dimensional subspace and keep monitoring the network state in real-time. Once the anomaly is detected, the controller will install the defense flow table rules onto the corresponding data plane switches to mitigate the attack. Furthermore, we evaluate our approach with experiments. The Receiver Operating Characteristic curves show that our approach performs well in both detection probability and false alarm probability compared with the entropy-based approach. In addition, the mitigation effect is impressive that our approach can prevent most of the attacking traffic. At last, we evaluate the overhead of the system, including the detection delay and utilization of CPU, which is not excessive. Our anomaly detection approach is lightweight and effective.

SDN 환경에서의 목적지 주소별 패킷 샘플링을 이용한 SYN Flooding 공격 방어기법 (A Protection Method using Destination Address Packet Sampling for SYN Flooding Attack in SDN Environments)

  • 방기현;최덕재;방상원
    • 한국멀티미디어학회논문지
    • /
    • 제18권1호
    • /
    • pp.35-41
    • /
    • 2015
  • SDN(Software Defined Networking) has been considered as a new future computer network architecture and DDoS(Distributed Denial of Service) is the biggest threat in the network security. In SDN architecture, we present the technique to defend the DDoS SYN Flooding attack that is one of the DDoS attack method. First, we monitor the Backlog queue in order to reduce the unnecessary monitoring resources. If the Backlog queue of the certain server is occupied over 70%, the sFlow performs packet sampling with the server address as the destination address. To distinguish between the attacker and the normal user, we use the source address. We decide the SYN packet threshold using the remaining Backlog queue that possible to allow the number of connections. If certain sources address send the SYN packet over the threshold, we judge that this address is attacker. The controller will modify the flow table entry to block attack traffics. By using this method, we reduce the resource consumption about the unnecessary monitoring and the protection range is expanded to all switches. The result achieved from our experiment show that we can prevent the SYN Flooding attack before the Backlog queue is fully occupied.

IRSML: An intelligent routing algorithm based on machine learning in software defined wireless networking

  • Duong, Thuy-Van T.;Binh, Le Huu
    • ETRI Journal
    • /
    • 제44권5호
    • /
    • pp.733-745
    • /
    • 2022
  • In software-defined wireless networking (SDWN), the optimal routing technique is one of the effective solutions to improve its performance. This routing technique is done by many different methods, with the most common using integer linear programming problem (ILP), building optimal routing metrics. These methods often only focus on one routing objective, such as minimizing the packet blocking probability, minimizing end-to-end delay (EED), and maximizing network throughput. It is difficult to consider multiple objectives concurrently in a routing algorithm. In this paper, we investigate the application of machine learning to control routing in the SDWN. An intelligent routing algorithm is then proposed based on the machine learning to improve the network performance. The proposed algorithm can optimize multiple routing objectives. Our idea is to combine supervised learning (SL) and reinforcement learning (RL) methods to discover new routes. The SL is used to predict the performance metrics of the links, including EED quality of transmission (QoT), and packet blocking probability (PBP). The routing is done by the RL method. We use the Q-value in the fundamental equation of the RL to store the PBP, which is used for the aim of route selection. Concurrently, the learning rate coefficient is flexibly changed to determine the constraints of routing during learning. These constraints include QoT and EED. Our performance evaluations based on OMNeT++ have shown that the proposed algorithm has significantly improved the network performance in terms of the QoT, EED, packet delivery ratio, and network throughput compared with other well-known routing algorithms.