“…In the context of security, Floodlight is a Java-based opensource SDN controller that supports virtual switches. This makes it easier to develop and test modules in a flexible and extendable way to react to changes in network configuration [196]. Security-Enhanced (SE) Floodlight controller [197] offers a comprehensive security mediation for the SDN control layer and adds a secure programmable northbound API, which specifically enforces the privilege separation principle.…”
With the proliferation of embedded technologies and wireless capabilities, today's vehicles are no longer isolated mechanical machines. They become part of a hyper-connected system-Intelligent Transportation Systems (ITS)-that has the potential to support multiple levels of autonomy and intelligence improving considerably the safety, efficiency, and sustainability of transportation networks. However, this raises new security issues that make the whole system prone to cybersecurity attacks that threaten both the safety and privacy of all road-users. This paper gives a short background tutorial on the main security issues and the different attacks that hinder Intelligent Transport Systems. To enable secure and safe ITS applications, this paper provides a comprehensive analysis of existing solutions and highlights their strengths and limitations. Finally, this survey presents key challenges in the field, and discusses recent trends that must be factored in by researchers, implementers, and car manufactures to improve the security of ITS.
“…In the context of security, Floodlight is a Java-based opensource SDN controller that supports virtual switches. This makes it easier to develop and test modules in a flexible and extendable way to react to changes in network configuration [196]. Security-Enhanced (SE) Floodlight controller [197] offers a comprehensive security mediation for the SDN control layer and adds a secure programmable northbound API, which specifically enforces the privilege separation principle.…”
With the proliferation of embedded technologies and wireless capabilities, today's vehicles are no longer isolated mechanical machines. They become part of a hyper-connected system-Intelligent Transportation Systems (ITS)-that has the potential to support multiple levels of autonomy and intelligence improving considerably the safety, efficiency, and sustainability of transportation networks. However, this raises new security issues that make the whole system prone to cybersecurity attacks that threaten both the safety and privacy of all road-users. This paper gives a short background tutorial on the main security issues and the different attacks that hinder Intelligent Transport Systems. To enable secure and safe ITS applications, this paper provides a comprehensive analysis of existing solutions and highlights their strengths and limitations. Finally, this survey presents key challenges in the field, and discusses recent trends that must be factored in by researchers, implementers, and car manufactures to improve the security of ITS.
“…There are a number of investigations considering the victim‐based perspective for deployment location in the application plane 43,51,62,65,96 . In Maccherani et al., 51 Ha et al., 43 and Li et al., 143 the detection mechanisms are implemented on switches or middleboxes close to the victim.…”
Section: Solutions Focused On the Application Planementioning
Summary
Design flaws and vulnerabilities inherent to network protocols, devices, and services make Distributed Denial of Service (DDoS) a persisting threat in the cyberspace, despite decades of research efforts in the area. The historical vertical integration of traditional IP networks limited the solution space, forcing researchers to tweak network protocols while maintaining global compatibility and proper service to legitimate flows. The advent of Software‐Defined Networking (SDN) and advances in Programmable Data Planes (PDP) changed the state of affairs and brought novel possibilities to deal with such attacks. In summary, the ability of bringing together network intelligence to a control plane, and offloading flow processing tasks to the forwarding plane, opened up interesting opportunities for network security researchers unlike ever. In this article, we dive into recent research that relies on SDN and PDP to detect, mitigate, and prevent DDoS attacks. Our literature review takes into account the SDN layered view as defined in RFC7426 and focuses on the data, control, and application planes. We follow a systematic methodology to capture related articles and organize them into a taxonomy of DDoS defense mechanisms focusing on three facets: activity level, deployment location, and cooperation degree. From the analysis of existing work, we also highlight key research gaps that may foster future research in the field.
“…In our work, the Floodlight is adopted as the OpenFlow controller. 36 The top layer of proposed structure is the internet, which provides a large number of servers to process uploaded data and download instructions and results. In Figure 1, the higher-layer facilities of the fixed RSU are connected via the wired-network to ensure the reliability of data transmission, eg, the connection between the fixed RSU and switch, the connection between the switch and controller, and the connection between the controller and internet.…”
Section: Figure 2 Procedures Of the Proposed Schemementioning
confidence: 99%
“…In our work, the Floodlight is adopted as the OpenFlow controller 36 . The top layer of proposed structure is the internet, which provides a large number of servers to process uploaded data and download instructions and results.…”
Summary
The Internet of Vehicle (IoV) is known as a kind of highly dynamic network, in which the vehicle needs to exchange information with the fixed Roadside Unit (RSU) or other moving vehicles frequently. In order to improve the performance of existing RSU access schemes, in this paper, we proposed a BUS‐aided RSU connection scheme based on the software‐defined networking (SDN) and evolutionary game theory, in which the costs during multiple‐user access and following RSU handoff are considered. At first, we constructed a SDN‐IoV architecture and showed the benefits by introducing SDN into IoV. After that, we modified the original OpenFlow protocol stack in order to apply it to the wireless vehicular networks. Next, to explore more accessing opportunities in moving cases, the BUS was further introduced as a mobile RSU. With these fixed and mobile RSUs, an evolutionary game is then envisioned to model the multiple‐user access process with the aim to maximize the rewards of all participants. To make our proposed protocol practical, we also illustrated the implementation procedure of our protocol on the OPNET platform and gave out the finite state machine (FSM) of major routines. Numerical results showed that our proposed scheme could outperform the schemes without BUS, SDN, and game theory enabled, in terms of RSU load ratio, throughput, and handoff times.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.