• The Journal of Korean Institute of Next Generation Computing
• /
• v.15 no.4
• /
• pp.80-88
• /
• 2019

Software Defined Networking (SDN) is the future network paradigm of decoupling control and data functions. In SDN structure, it is hard to address scalability in case of large-scale networks because single controller managed thousands of switches in a centralized fashion. Most of previous studies have focused on horizontal scalability, where distributed controllers are assigned to network devices. However, they have abstracted the control plane and the application plane into a single controller. The layer of the common SDN architecture is divided into data plane, control plane, and application plane, but the control plane and application plane have been modeled as a single controller although they are logically separated. In this paper, we propose a analytical traffic model considering the both application plane and control plane based on queuing theory. This model can be used to address scalability issues such as controller placement problem without complicated simulations.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.13 no.1
• /
• pp.81-87
• /
• 2020

Recently, the network configuration is being rapidly changed to enable easy and free network service configuration based on SDN/NFV. Despite the many advantages and applications of SDN, many security issues such as Distributed Denial of Service (DDoS) attacks are being constantly raised as research issues. In particular, the effectiveness of DDoS attacks is much faster, SDN is causing more and more fatal damage. In this paper, we propose an entropy-based technique to detect and mitigate DDoS attacks in SDN, and prove it through experiments. The proposed scheme is designed to mitigate these attacks by detecting DDoS attacks on single and multiple victim systems and using time - specific techniques. We confirmed the effectiveness of the proposed scheme to reduce packet loss rate by 20(19.86)% while generating 3.21% network congestion.

• The Journal of Bigdata
• /
• v.8 no.2
• /
• pp.141-148
• /
• 2023

Recent advancements in the integration of satellite technology and the Internet of Things (IoT) have led to the development of a sophisticated network ecosystem, capable of generating and utilizing vast amounts of big data across various sectors. However, this integrated network faces significant security challenges, primarily due to constraints like limited latency, low power requirements, and the incorporation of diverse heterogeneous devices. Addressing these security concerns, this paper explores the construction of a satellite-IoT network through the application of Software Defined Networking (SDN). While SDN offers numerous benefits, it also inherits certain inherent security vulnerabilities. To mitigate these issues, we propose a novel approach that incorporates blockchain technology within the SDN framework. This blockchain-based SDN environment enhances security through a distributed controller system, which also facilitates the authentication of IoT terminals and nodes. Our paper details the implementation plan for this system and discusses its validation through a series of tests. Looking forward, we aim to expand our research to include the convergence of artificial intelligence with satellite-IoT devices, exploring new avenues for leveraging the potential of big data in this context.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.8
• /
• pp.3435-3454
• /
• 2016

Device-to-device (D2D) communication is a potential solution to the incessant increase in data traffic on cellular networks. The greatest problem is how to control the interference between D2D users and cellular mobile users, and between D2D users themselves. This paper proposes a solution for this issue by putting the full control privilege in cellular network using the software-defined networking (SDN) concept. A software virtual switch called Open vSwitch and several components are integrated into mobile devices for data forwarding and radio resource mapping, whereas the control functions are executed in the cellular network via a SDN controller. This allows the network to assign radio resources for D2D communication directly, thus reducing interference. This solution also brings out many benefits, including resource efficiency, energy saving, topology flexibility, etc. The advantages and disadvantages of this architecture are analyzed by both a mathematical method and a simple implementation. The result shows that implementation of this solution in the next generation of cellular networks is feasible.

• Annual Conference of KIPS
• /
• 2015.10a
• /
• pp.335-336
• /
• 2015

Seamless mobility is one of the most crucial feature of telecommunication industry. Researches are going on in full swing to deal with this feature in most efficient manner. Software Defined Networking (SDN) is seen as the next generation paradigm which can facilitate seamless mobility across heterogeneous networks by segregating the control plane and data plane functionalities, and logically centralizing the control plane. In this paper, we propose a simplified Layer 2 handover mechanism for enterprise wireless networks, based on SDN framework. We present a network assisted L2 handover method using the IEEE 802.21 Media Independent Handover (MIH) protocol and SDN concepts, to achieve seamless mobility across heterogeneous networks.

• Proceedings of the Korean Society of Computer Information Conference
• /
• 2018.01a
• /
• pp.11-12
• /
• 2018

FPC 알고리즘(Fast Paox-based controller algorithm)은 기존에 Paxos 프로토콜을 단순화하고 Paxos를 개발하고 구현하는 복잡성을 완화할 수 있는 다중 SDN 컨트롤러 간에 적용되는 합의를 처리할 수 있는 알고리즘이다. 하지만, 허가를 결정하는 투표 과정에서 불필요한 절차가 존재하여 연산 속도가 감소하고 계산 비용이 많이 든다는 단점이 있다. 본 논문에서는 이러한 단점을 극복하는 해결책을 제시하여 알고리즘의 성능이 향상되는 것을 증명하였다.

• Journal of Internet Computing and Services
• /
• v.16 no.6
• /
• pp.47-55
• /
• 2015

The conventional dynamic routing methods in Software Defined Networks (SDN) set the optimal routing path based on the minimum link cost, and thereby transmits the incoming or outgoing flows to the terminal. However, in this case, flows can bypass the middlebox that is responsible for security service and thus, thus the network can face a threat. That is, while determining the best route for each flow, it is necessary to consider a dynamic service chaining, which routes a flow via a security middlebox. Therefore, int this paper, we propose a new dynamic routing method that considers the dynamic flow routing method combined with the security service functions over the SDN.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.11
• /
• pp.5179-5202
• /
• 2018

Transmission Control Protocol (TCP) is the most widely used protocol in the cloud data centers today. However, cloud data centers using TCP experience many issues as TCP was designed based on the assumption that it would primarily be used in Wide Area Networks (WANs). One of the major issues with TCP in the cloud data centers is the Incast issue. This issue arises because of the many-to-one communication pattern that commonly exists in the modern cloud data centers. In many-to-one communication pattern, multiple senders simultaneously send data to a single receiver. This causes packet loss at the switch buffer which results in TCP throughput collapse that leads to high Flow Completion Time (FCT). Recently, Software-Defined Networking (SDN) has been used by many researchers to mitigate the Incast issue. In this paper, a detailed survey of various SDN based solutions to the Incast issue is carried out. In this survey, various SDN based solutions are classified into four categories i.e. TCP Receive Window based solutions, Tuning TCP Parameters based solutions, Quick Recovery based solutions and Application Layer based solutions. All the solutions are critically evaluated in terms of their principles, advantages, and shortcomings. Another important feature of this survey is to compare various SDN based solutions with respect to different performance metrics e.g. maximum number of concurrent senders supported, calculation of delay at the controller etc. These performance metrics are important for deployment of any SDN based solution in modern cloud data centers. In addition, future research directions are also discussed in this survey that can be explored to design and develop better SDN based solutions to the Incast issue.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.6
• /
• pp.2848-2869
• /
• 2017

Mobile Wireless Sensor Networks (MWSN) are usually constrained in energy supply, which makes energy efficiency a key factor to extend the network lifetime. The management of the network topology has been widely used as a mechanism to enhance the lifetime of wireless sensor networks (WSN), and this work presents an alternative to this. Software Defined Networking (SDN) is a well-known technology in data center applications that separates the data and control planes during the network management. This paper proposes a solution based on SDN that optimizes the energy use in MWSN. The network intelligence is placed in a controller that can be accessed through different controller gateways within a MWSN. This network intelligence runs a Topology Control (TC) mechanism to build a backbone of coordinator nodes. Therefore, nodes only need to perform forwarding tasks, they reduce message retransmissions and CPU usage. This results in an improvement of the network lifetime. The performance of the proposed solution is evaluated and compared with a distributed approach using the OMNeT++ simulation framework. Results show that the network lifetime increases when 2 or more controller gateways are used.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.1
• /
• pp.29-43
• /
• 2019

In recent years, as the network traffic in the WSN(Wireless Sensor Network) has been increased by the growing number of IoT wireless devices, SDWSN(Software-Defined Wireless Sensor Network) and its security that aims a secure SDN(Software-Defined Networking) for efficiently managing network resources in WSN have received much attention. In this paper, we study on how to efficiently and securely design a PUF(Physical Unclonable Function)-assisted group key distribution scheme for the SDWSN environment. Recently, Huang et al. have designed a group key distribution scheme using the strengths of SDN and the physical security features of PUF. However, we observe that Huang et al.'s scheme has weak points that it does not only lack of authentication for the auxiliary controller but also it maintains the redundant synchronization information. In this paper, we securely design an authentication process of the auxiliary controller and improve the vulnerabilities of Huang et al.'s scheme by adding counter strings and random information but deleting the redundant synchronization information.