Security for Future Software Defined Mobile Networks

Liyanage, Madhusanka; Ahmed, I.; Ylianttila, Mika; Santos, Jesús Llorente; Kantola, Raimo; Perez, Oscar López; Itzazelaia, Mikel Uriarte; de, Edgardo Montes; Valtierra, Asier; Jiménez, Carlos

doi:10.1109/ngmast.2015.43

Cited by 34 publications

(25 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Surveys of SDN-based networks' vulnerabilities and related solutions are presented in [67], [68], [72], [75]. Survey in [67] identifies possibilities of security threats and attacks in SDN in relevance with the traditional STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, DoS (Denial of Service), Elevation of privilege) threat model and discusses respective work and proposed solutions.…”

Section: E Sdn Specific Security Issuesmentioning

confidence: 99%

See 1 more Smart Citation

Will SDN Be Part of 5G?

Zaidi¹,

Friderikos

Yousaf³

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

For many, this is no longer a valid question and the case is considered settled with SDN/NFV (Software Defined Networking/Network Function Virtualization) providing the inevitable innovation enablers towards the realization of a virtualized, flexible, programmable and flexible 5G network. As SDN along with other technology enablers (including NFV) are still in the process of evolution, the first commercial deployment of 5G may take few years. However, some companies are claiming the availability of 5G solutions, but considering the monumental task of softwarization of mobile cellular networks there are genuine concerns that we may only see some point solutions involving SDN technology instead of a fully virtualized SDN-enabled 5G mobile network. In order to determine the technology readiness of SDN solutions in the context of 5G networks, this survey paper attempts to identify all important obstacles in the way, and looks at the state of the art of the relevant research. This survey is different from the previous surveys on SDN-based mobile networks as it focuses on the salient problems and discusses solutions proposed within and outside SDN literature. Our main focus is on fronthaul, backward compatibility, supposedly disruptive nature of SDN deployment, business cases and monetization of SDN related upgrades, latency of general purpose processors (GPP), and additional security vulnerabilities that softwarization brings along to the mobile network. We have also provided a summary of the architectural developments in SDN-based mobile network landscape, including deployment options for SDN within NFV framework, as not all work can be covered under the focused issues. This paper provides a comprehensive survey on the state of the art of SDNbased mobile networks and clearly points out the gaps in the technology.

show abstract

Section: E Sdn Specific Security Issuesmentioning

confidence: 99%

“…1) Controller: The logically centralized controller is very critical component of the network. If the controller is compromised, the attacker will have tremendous access over the network [67], [68], [70], [75]. The idea of standby controller, when one of the controller fails, is discussed in [69].…”

Section: E Sdn Specific Security Issuesmentioning

confidence: 99%

Will SDN Be Part of 5G?

Zaidi¹,

Friderikos

Yousaf³

et al. 2018

IEEE Commun. Surv. Tutorials

View full text Add to dashboard Cite

show abstract

“…Mutual authentication mechanisms together with the key distribution algorithms can be applied for securing the channel. Additionally, we can use improved protocols such as the host identity protocol (HIP) and IPsec tunneling to secure the channels between the controllers and the forwarding components [14,44].…”

Section: Communication Protocols Security Issuesmentioning

confidence: 99%

A ReRAM Physically Unclonable Function (ReRAM PUF)-Based Approach to Enhance Authentication Security in Software Defined Wireless Networks

Afghah

Cambou

Abedini³

et al. 2018

Int J Wireless Inf Networks

View full text Add to dashboard Cite

The exponentially increasing number of ubiquitous wireless devices connected to the Internet in Internet of Things (IoT) networks highlights the need for a new paradigm of data flow management in such large-scale networks under software defined wireless networking (SDWN). The limited power and computation capability available at IoT devices as well as the centralized management and decision making approach in SDWN introduce a whole new set of security threats to the networks. In particular, the authentication mechanism between the controllers and the forwarding devices in SDWNs is a key challenge from both secrecy and integrity aspects. Conventional authentication protocols based on public key infrastructure (PKI) are no longer sufficient for these networks considering the large-scale and heterogeneity nature of the networks as well as their deployment cost, and security vulnerabilities due to key distribution and storage. We propose a novel security protocol based on physical unclonable functions (PUFs) known as hardware security primitives to enhance the authentication security in SDWNs. In this approach, digital PUFs are developed using the inherent randomness of the nanomaterials of Resistive Random Access Memory (ReRAM) that are embedded in most IoT devices to enable a secure authentication and access control in these networks. These PUFs are developed based on a novel approach of multi states, in which the natural drifts due to the physical variations in the environment are predicted to reduce the potential errors in challenge-response pairs of PUFs being tested in different situations. We also proposed a PUF-based PKI protocol to secure the controller in SDWNs. The performance of the developed ReRAM-based PUFs are evaluated in the experimental results. Moreover, the effectiveness of the proposed multi-state machine learning technique to predict the drifts of the PUFs' responses in different temperature and biased conditions is presented. of such networks. In these networks, whenever the network administrators need to change or update a parameter of the protocols, they may need to re-configure all related devices (i.e. routers, switches, and firewalls) throughout the network. Depending on the size of the network, it can be a burdensome and time-consuming process.The recently developed SDN technology aims at addressing the aforementioned challenges by separating the control and data planes. In the SDN paradigm, instead of designating the decision making to every active components in the network, this will be handled by a centralized controller called the network operating system (NOS). For instance, when a switch receives a packet, it chooses the proper action (forward, drop, modify, sending to the controller, etc.) based on the rules (flow table), which are defined by the programmable network applications at the centralized controller that rely on the NOS [39]. The communication between the NOS and the forwarding layer or the data plane is established by some protocols such as OpenFlow [49]. In contrast to ...

show abstract

“…The [3] TLS used for encryption benefits to evade eavesdropping as well as spoofed northbound and southbound communications. The shared authentication [7] in order to authenticate the individuality of both module, stopping attackers from linking rogue controllers and switches. The re-routing of the traffic to middle boxes is also explained.…”

Section: Related Workmentioning

confidence: 99%

Impact of DoS Attack in Software Defined Network for Virtual Network

Ramachandran¹,

Shanmugam

2016

Wireless Pers Commun

View full text Add to dashboard Cite

A virtual network is a computer network which does not contain any physical link between two computational nodes instead they connect through the virtual links. In recent years the virtual network is managed by Software Defined Network (SDN). SDN is one of the most emerging network technologies in the current trends. Most of the companies configure their networks in SDN. It has been found important to understand the security issues that are being raised in any large scale developments from any new technologies that have been raised in recent years. Though the system acquires lot of benefits from SDN the system have to do some little work in security phase. This work confers four kinds of Denial-of-Service (DoS) attacks that are specific to networks in the OpenFlow SDN in different layers. Those attacks are Ping of Death, HTTP Unbearable Load King, SYN flood and Smurf attack. We introduced these attacks in SDN. These have been emulated on Mininet and an analysis is provided that was obtained on the consequence of these attacks. The DoS attack that is more severe than others has been found out and a suitable prevention techniques for that DoS attack is suggested.

show abstract

Security for Future Software Defined Mobile Networks

Cited by 34 publications

References 26 publications

Will SDN Be Part of 5G?

Will SDN Be Part of 5G?

A ReRAM Physically Unclonable Function (ReRAM PUF)-Based Approach to Enhance Authentication Security in Software Defined Wireless Networks

Impact of DoS Attack in Software Defined Network for Virtual Network

Contact Info

Product

Resources

About