Software-Defined Networking (SDN) is a new type of technology that embraces high flexibility and adaptability. The applications in SDN have the ability to manage and control networks while ensuring load balancing, access control, and routing. These are considered the most significant benefits of SDN. However, SDN can be influenced by several types of conflicting flows which may lead to deterioration in network performance in terms of efficiency and optimisation. Besides, SDN conflicts occur due to the impact and adjustment of certain features such as priority and action. Moreover, applying machine learning algorithms in the identification and classification of conflicting flows has limitations. As a result, this paper presents several machine learning algorithms that include Decision Tree (DT), Support Vector Machine (SVM), Extremely Fast Decision Tree (EFDT) and Hybrid (DT-SVM) for detecting and classifying conflicting flows in SDNs. The EFDT and hybrid DT-SVM algorithms were designed and deployed based on DT and SVM algorithms to achieve improved performance. Using a range flows from 1000 to 100000 with an increment of 10000 flows per step in two network topologies namely, Fat Tree and Simple Tree Topologies, that were created using the Mininet simulator and connected to the Ryu controller, the performance of the proposed algorithms was evaluated for efficiency and effectiveness across a variety of evaluation metrics. The experimental results of the detection of conflict flows show that the DT and SVM algorithms achieve accuracies of 99.27% and 98.53% respectively while the EFDT and hybrid DT-SVM algorithms achieve respective accuracies of 99.49% and 99.27%. In addition, the proposed EFDT algorithm achieves 95.73% accuracy on the task of classification between conflict flow types. The proposed EFDT and hybrid DT-SVM algorithms show a high capability of SDN applications to offer fast detection and classification of conflict flows.
Software Defined Networking (SDN) is an emerging networking paradigm that provides more flexibility and adaptability in terms of network definition and control. However, SDN is a logically centralized technology. Therefor the control plane (i.e. controller) scalability in SDN in particular, is also one of the problems that needs further focus. OpenFlow is one of the protocol standards in SDN, which allow the separation of the controller from the forwarding plane. The control plane has an SDN embedded firewall and is able to enforce and monitor the network activity. This firewall can be used to control the throughput. However, it may affect SDN performance. In this paper, throughput will be used as a performance metric to evaluate and assess the firewall impact on two protocols; Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) that passes through the forwarding planes. The evaluations have been verified through simulating the SDN OpenFlow network using MININET. The results show that an implementation of firewall module in SDN creates a significant 36% average drop for TCP and 87% average drop for UDP in the bandwidth which eventually affect the quality of the network and applications.
Software defined network (SDN) is a network architecture in which the network traffic may be operated and managed dynamically according to user requirements and demands. Issue of security is one of the big challenges of SDN because different attacks may affect performance and these attacks can be classified into different types. One of the famous attacks is distributed denial of service (DDoS). SDN is a new networking approach that is introduced with the goal to simplify the network management by separating the data and control planes. However, the separation leads to the emergence of new types of distributed denial-of-service (DDOS) attacks on SDN networks. The centralized role of the controller in SDN makes it a perfect target for the attackers. Such attacks can easily bring down the entire network by bringing down the controller. This research explains DDoS attacks and the anomaly detection as one of the famous detection techniques for intelligent networks.
<a name="_Hlk31039004"></a><span lang="EN-US">In terms of network simplification and regulation, Software Defined Networking (SDN) is a new form of infrastructure that offers greater adaptability and flexibility. SDN, however, is an invention that is logically centralized. </span><span>In addition, the optimization of the control plane and data plane in SDN has become an area deserving of more attention. The flow in OpenFlow has been one of the essential parameters in the SDN standards, in which every individual flow includes packet matching fields, flow priority, separate counters, instructions for packet forwarding, flow timeouts and a cookie. This research work is conducted in order to produce and collect flows from the OpenFlow switch in two scenarios; in normal flows and when conflict policy rules are enforced in the network. In this article, the throughput is required to review and evaluate the conflict impact on two protocols as a performance metric; the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) that flows via a forwarded plane. During the simulation of the SDN OpenFlow network, the metrics are tested using MININET. The results demonstrate that the existence of SDN conflict rules allows TCP and UDP to have a significant average change in bandwidth that eventually affects the network and operations performance.</span>
High-speed mobility system has now become a serious concern for mobile operators due to the large frameworks of a heterogeneous network made up of multiple cell types and different frequency bands. Handover (HO) is conducted in a real-life scenario when the user equipment (UE) moves from one network coverage to another by performing proper measurement with high speed. HO breakdown and call loss are observed due to a high speed; thus, high-speed mobility system needs improvement by using the UE speed as one of the key measurement monitoring criteria for the long-term evolution (LTE) network. Vendor consultation has been considered in this paper in addition to real drive test measurement in highways. Results have shown that velocity has a direct impact on the handover quality and overall timing. Results also demonstrate that 120 km/h measurement is better than 140 km/h as UE speed.
Wireless Local Area Networks (WLANs) have become an increasingly popular mode of communication and networking, with a wide range of applications in various fields. However, the increasing popularity of WLANs has also led to an increase in security threats, including denial of service (DoS) attacks. In this study, management-frames-based DoS attacks, in which the attacker floods the network with management frames, are particularly concerning as they can cause widespread disruptions in the network. Attacks known as denial of service (DoS) can target wireless LANs. None of the wireless security mechanisms in use today contemplate defence against them. At the MAC layer, there are multiple vulnerabilities that can be exploited to launch DoS attacks. This paper focuses on designing and developing an artificial neural network (NN) scheme for detecting management-frames-based DoS attacks. The proposed scheme aims to effectively detect fake de-authentication/disassociation frames and improve network performance by avoiding communication interruption caused by such attacks. The proposed NN scheme leverages machine learning techniques to analyse patterns and features in the management frames exchanged between wireless devices. By training the NN, the system can learn to accurately detect potential DoS attacks. This approach offers a more sophisticated and effective solution to the problem of DoS attacks in wireless LANs and has the potential to significantly enhance the security and reliability of these networks. According to the experimental results, the proposed technique exhibits higher effectiveness in detection compared to existing methods, as evidenced by a significantly increased true positive rate and a decreased false positive rate.
Software Defined Networks (SDN) are a modern networking technology introduced to simplify network management via the separation of the data and control planes. Characteristically, flow entries are propagated between the control plane layer and application or data plane layers respectively while following flow table instructions through open flow protocol. More often than not, conflicts in flows occur as a result of traffic load and priority of instructions in the data plane. Several research works have been conducted on flow conflicts in SDN to reduce the effect of conflict. The flow conflict solutions in SDN have three main limitations. First, the OpenFlow table may still cause a defect in the security module according to the priority and action matching in the open flow in the control plane. Second, flow conflict detection requires more time for flow tracking and incremental update, whereas in such a case, delay affects the efficiency of SDN. Besides, the SDN algorithm and mechanism have substantially high memory requirement for instruction and proper functioning. Third, most of the available algorithms and detection methods used to avoid flow conflicts have not fully covered the security model policy. This study reviews these limitations and suggest solutions as future open research directions. ABSTRAK: Rangkaian Perisian Tertentu (SDN) adalah teknologi rangkaian moden yang diperkenalkan bagi memudahkan pengurusan rangkaian melalui pecahan data dan kawalan permukaan. Seperti biasa, aliran kemasukan disebar luas antara lapisan permukaan kawalan dan aplikasi atau lapisan permukaan data masing-masing, sambil mengikuti arahan meja melebar melalui protokol aliran terbuka. Kebiasaannya konflik dalam aliran berlaku disebabkan oleh beban trafik dan keutamaan arahan pada permukaan data. Beberapa kajian dibuat terhadap konflik aliran SDN bagi mengurangkan kesan konflik. Solusi konflik aliran dalam SDN mempunyai tiga kekurangan besar. Pertama, jadual Aliran Terbuka mungkin masih menyebabkan kekurangan dalam modul keselamatan berdasarkan keutamaan dan tindakan persamaan dalam aliran terbuka permukaan kawalan. Kedua, pengesanan aliran konflik memerlukan lebih masa bagi pengesanan aliran dan peningkatan kemaskini, kerana setiap penangguhan memberi kesan terhadap kecekapan SDN. Selain itu, algoritma SDN dan mekanisme memerlukan memori yang agak besar bagi memproses arahan dan berfungsi dengan baik. Ketiga, kebanyakan algoritma dan kaedah pengesanan yang digunakan bagi mengelak konflik pengaliran tidak sepenuhnya dilindungi polisi model keselamatan. Oleh itu, kajian ini meneliti kekurangan dan memberi cadangan penambahbaikan bagi arah tuju kajian masa depan yang terbuka.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
334 Leonard St
Brooklyn, NY 11211
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.