• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2018.05a
• /
• pp.238-240
• /
• 2018

Cloud vehicular networks are a promising paradigm to improve vehicular through distributing computation tasks between remote clouds and local vehicular terminals. Software-Defined Network(SDN) can bring advantages to Intelligent Transportation System(ITS) through its ability to provide flexibility and programmability through a logically centralized controlled cluster that has a full comprehension of view of the network. However, as the SDN paradigm is currently studied in vehicular ad hoc networks(VANETs), adapting it to work on cloud-based vehicular network requires some changes to address particular computation features such as task computation of applications of cloud-based vehicular networks. There has been initial work on briging SDN concepts to vehicular networks to reduce the latency by using the fog computing technology, but most of these studies do not directly tackle the issue of task computation. This paper proposes a Software-Defined Cloud-based vehicular Network called SDCVN framework. In this framework, we study the effectiveness of task computation of applications of cloud-based vehicular networks with vehicular cloud and roadside edge cloud. Considering the edge cloud service migration due to the vehicle mobility, we present an efficient roadside cloud based controller entity scheme where the tasks are adaptively computed through vehicular cloud mode or roadside computing predictive trajectory decision mode. Simulation results show that our proposal demonstrates a stable and low route setup time in case of installing the forwarding rules of the routing applications because the source node needs to contact the controller once to setup the route.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2017.10a
• /
• pp.561-562
• /
• 2017

Software defined networking technology allows centralized and powerful network control by separating packet processing and network control. However, powerfulness of software-defined networking technology threats the network itself. Most security researches of software-defined networking focus on discovering and defending network vulnerabilities. But, there is not much security for this technology itself. In this paper, the security vulnerabilities that can occur in this networking technology are analyzed and the security requirements of it are proposed. The biggest threats are the threats to the controller, the reliability problem between the controller and the switch must be solved, and a technique to detect attacks that malfunction by manipulating configuration information are needed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.15 no.2
• /
• pp.580-599
• /
• 2021

Software-Defined Networking (SDN) has three key features: separation of control and forwarding, centralized control, and network programmability. While improving network management flexibility, SDN has many security issues. This paper systemizes the security threats of SDN using spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege (STRIDE) model to understand the current security status of SDN. First, we introduce the network architecture and data flow of SDN. Second, we analyze security threats of the six types given in the STRIDE model, aiming to reveal the vulnerability mechanisms and assess the attack surface. Then, we briefly describe the corresponding defense technologies. Finally, we summarize the work of this paper and discuss the trends of SDN security research.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2020.01a
• /
• pp.235-236
• /
• 2020

본 논문에서는 기존의 SDN(Software Defined Network)의 특징 및 활용 등에 대해 살펴보고 이를 활용한 네트워크의 고도화 및 보안 측면에서의 장단점 연구를 통해 향후 SDN이 보다 고도화 되어야 하는 방향을 제시한다. SDN은 소프트웨어 앱을 사용하여 네트워크를 지능화 하고 중앙에서 제어하거나 프로그래밍 할 수 있는 네트워크 아키텍처 접근법이다. 사업자는 기본 네트워크 기술에 상관없이 전체 네트워크를 일관적으로 전체적으로 관리할 수 있다. 물리적인 네트워크를 소프트웨어 기술을 이용하여 제어하는 네트워크 기술이다. SDN은 네트워크의 제어 플레인을 네트워크 트래픽을 전달하는 데이터 플레인과 분리한다는 개념이다. 이런 분리의 목적은 중앙에서 관리하고 프로그래밍이 가능한 네트워크를 만드는 것이다. 일부 SDN 구현 솔루션은 범용 네트워크 하드웨어를 통제하는 소프트웨어 기반 관리 플랫폼을 사용한다. 또 다른 접근법은 통합된 소프트웨어와 하드웨어를 사용하기도 한다. 하지만 이러한 SDN에도 많은 취약점이 존재하며 이를 보완할 수 있어야 하며 본 논문에서 이러한 방향을 제한하도록 한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.29-43
• /
• 2019

In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.'s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.'s scheme by adding counter strings and random information but deleting the redundant synchronization information.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.12
• /
• pp.5723-5743
• /
• 2018

The evolving internet-based services demand high-speed data transmission in conjunction with scalability. The next generation optical network has to exploit artificial intelligence and cognitive techniques to cope with the emerging requirements. This work proposes a novel way to solve the dynamic provisioning problem in optical network. The provisioning in optical network involves the computation of routes and the reservation of wavelenghs (Routing and Wavelength assignment-RWA). This is an extensively studied multi-objective optimization problem and its complexity is known to be NP-Complete. As the exact algorithms incurs more running time, the heuristic based approaches have been widely preferred to solve this problem. Recently the software-defined networking has impacted the way the optical pipes are configured and monitored. This work proposes the dynamic selection of path computation algorithms in response to the changing service requirements and network scenarios. A software-defined controller mechanism with a novel packet matching feature was proposed to dynamically match the traffic demands with the appropriate algorithm. A software-defined controller with Path Computation Element-PCE was created in the ONOS tool. A simulation study was performed with the case study of dynamic path establishment in ONOS-Open Network Operating System based software defined controller environment. A java based NOX controller was configured with a parent path computation element. The child path computation elements were configured with different path computation algorithms under the control of the parent path computation element. The use case of dynamic bulk path creation was considered. The algorithm selection method is compared with the existing single algorithm based method and the results are analyzed.

• International Journal of Computer Science & Network Security
• /
• v.24 no.2
• /
• pp.67-78
• /
• 2024

Software-Defined Networking (SDN) is a new emerging networking paradigm that has adopted a logically centralized architecture to increase overall network performance agility and programmability. Combining network virtualization with SDN will guarantees for combined advantages of improved flexibility and network performance. Combining SDN with hypervisors divides the network physical resources into several logical transparent and isolated virtual SDN network (vSDN), where each has its virtual controller. However, SDN hypervisors bring several advantages as well as several challenges to its network operators as for the virtual appliances, their efficient placement, assurance of network performance is mandatory, and their dynamic instantiation with their migration. In this article, we provide a brief and concise review of network virtualization along with its implementation in the SDN network. SDN hypervisors types are discussed, and taxonomy is provided to demonstrate the importance of hypervisors in SDN. A comparison of SDN hypervisors is performed to elaborate on the vital hypervisor software along with their features, and different challenges are discussed faced by the SDN network. A framework is proposed to add combined functionalities of hypervisors to create a more effective and efficient virtual system. The purpose of the framework is to increase network performance through proper configuration of resources, software, control plane isolation functions with defined rules and policies.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.1
• /
• pp.484-510
• /
• 2017

Network security is rapidly developing, but so are attack methods. Network worms are one of the most widely used attack methods and have are able to propagate quickly. As an active defense approach to network worms, the honeynet technique has long been limited by the closed architecture of traditional network devices. In this paper, we propose a closed loop defense system of worms based on a Software-Defined Networking (SDN) technology, called Worm-Hunter. The flexibility of SDN in network building is introduced to structure the network infrastructures of Worm-Hunter. By using well-designed flow tables, Worm-Hunter is able to easily deploy different honeynet systems with different network structures and dynamically. When anomalous traffic is detected by the analyzer in Worm-Hunter, it can be redirected into the honeynet and then safely analyzed. Throughout the process, attackers will not be aware that they are caught, and all of the attack behavior is recorded in the system for further analysis. Finally, we verify the system via experiments. The experiments show that Worm-Hunter is able to build multiple honeynet systems on one physical platform. Meanwhile, all of the honeynet systems with the same topology operate without interference.

• ETRI Journal
• /
• v.41 no.4
• /
• pp.452-464
• /
• 2019

The use of wireless body area networks (WBANs) in healthcare applications has made it convenient to monitor both health personnel and patient status continuously in real time through wearable wireless sensor nodes. However, the heterogeneous and complex network structure of WBANs has some disadvantages in terms of control and management. The software-defined network (SDN) approach is a promising technology that defines a new design and management approach for network communications. In order to create more flexible and dynamic network structures in WBANs, this study uses the SDN approach. For this, a WBAN architecture based on the SDN approach with a new energy-aware routing algorithm for healthcare architecture is proposed. To develop a more flexible architecture, a controller that manages all HUBs is designed. The proposed architecture is modeled using the Riverbed Modeler software for performance analysis. The simulation results show that the SDN-based structure meets the service quality requirements and shows superior performance in terms of energy consumption, throughput, successful transmission rate, and delay parameters according to the traditional routing approach.

• International journal of advanced smart convergence
• /
• v.13 no.2
• /
• pp.16-24
• /
• 2024

With an increase in the relevance of next-generation integrated networking environments, the need to effectively utilize advanced networking techniques also increases. Specifically, integrating Software-Defined Networking (SDN) with Multi-access Edge Computing (MEC) is critical for enhancing network flexibility and addressing challenges such as security vulnerabilities and complex network management. SDN enhances operational flexibility by separating the control and data planes, introducing management complexities. This paper proposes a reinforcement learning-based network path optimization strategy within SDN environments to maximize performance, minimize latency, and optimize resource usage in MEC settings. The proposed Enhanced Proximal Policy Optimization (PPO)-based scheme effectively selects optimal routing paths in dynamic conditions, reducing average delay times to about 60 ms and lowering energy consumption. As the proposed method outperforms conventional schemes, it poses significant practical applications.