This document summarizes the key aspects of software defined networking (SDN) and discusses associated security issues. SDN separates the control plane and data plane to allow for centralized network control and programmability. While SDN enables more effective security through visibility and automation, it also introduces new vulnerabilities related to the centralized control plane, virtualized environment, and application access. The document outlines security challenges in SDN infrastructure and potential attack vectors, as well as recommendations for protecting the data, control, and application layers through measures like role-based access policies and in-line security functions.
This presentation gives a detailed overview about Cloud Computing, its features and challenges faced by it in the market. It gives an insight into cloud security and privacy issues and its measures.
INTRODUCTION
WHAT IS OSI?
OSI MODEL
TYPES OF LAYERS
PHYSICAL LAYER
DATA LINK LAYER
NETWORK LAYER
TRANSPORT LAYER
SESSION LAYER
PRESENTATION LAYER
APPLICATION LAYER
Here is the presentation for Data Link Layer Numericals from the book Andrew S. Tanenbaum (Computer Networks) and B A Forouzan ( Data Communication and Networking)
Transactions and Concurrency Control in distributed systems. Transaction properties, classification, and transaction implementation. Flat, Nested, and Distributed transactions. Inconsistent Retrievals, Lost Update, Dirty Read, and Premature Writes Problem
Attendance management system project report.Manoj Kumar
Attendance management system project report is a document in PDF file. If you have any confusion in your document then you can clear your concepts here.
Presentation detailed about SDN (Software Defined Network) overview . It covers from basics like different controllers and touches upon some technical details.
Covers Terminologies used, OpenFlow, Controllers, Open Day light, Cisco ONE, Google B4, NFV,etc
This presentation gives a detailed overview about Cloud Computing, its features and challenges faced by it in the market. It gives an insight into cloud security and privacy issues and its measures.
INTRODUCTION
WHAT IS OSI?
OSI MODEL
TYPES OF LAYERS
PHYSICAL LAYER
DATA LINK LAYER
NETWORK LAYER
TRANSPORT LAYER
SESSION LAYER
PRESENTATION LAYER
APPLICATION LAYER
Here is the presentation for Data Link Layer Numericals from the book Andrew S. Tanenbaum (Computer Networks) and B A Forouzan ( Data Communication and Networking)
Transactions and Concurrency Control in distributed systems. Transaction properties, classification, and transaction implementation. Flat, Nested, and Distributed transactions. Inconsistent Retrievals, Lost Update, Dirty Read, and Premature Writes Problem
Attendance management system project report.Manoj Kumar
Attendance management system project report is a document in PDF file. If you have any confusion in your document then you can clear your concepts here.
Presentation detailed about SDN (Software Defined Network) overview . It covers from basics like different controllers and touches upon some technical details.
Covers Terminologies used, OpenFlow, Controllers, Open Day light, Cisco ONE, Google B4, NFV,etc
Attacking SDN infrastructure: Are we ready for the next gen networkingPriyanka Aash
"Software-Defined Networking (SDN), by decoupling the control logic from the closed and proprietary implementations of traditional network devices, allows researchers and practitioners to design new innovative network functions/protocols in a much easier, more flexible, and powerful way. This technology has gained significant attentions from both industry and academia, and it is now at its adoption stage. When considering the adoption of SDN, the security vulnerability assessment is an important process that must be conducted against any system before the deployment and arguably the starting point toward making it more secure.
In this briefing, we explore the attack surface of SDN by actually attacking each layer of SDN stack. The SDN stack is generally composed of control plane, control channel and data plane: The control plane implementations, which are commonly known as SDN controllers or Network OS, implementations are commonly developed and distributed as an open-source project. Of those various Network OS implementations, we attack the most prevalent ones, OpenDaylight (ODL) [1] and Open Network Operating System (ONOS) [2]. These Network OS projects are both actively led by major telecommunication and networking companies, and some of the companies have already deployed them to their private cloud or network [3, 4]. For the control channel, we also attack a well-known SDN protocol [5], OpenFlow. In the case of the data plane, we test some OpenFlow-enabled switch device products from major vendors, such as HP and Pica8.
Of the attacks that we disclose in this briefing, we demonstrate some of the most critical attacks that directly affect the network (service) availability or confidentiality. For example, one of the attack arbitrarily uninstalls crucial SDN applications running on an ODL(or ONOS) cluster, such as routing, forwarding, or even security service applications. Another attack directly manipulates logical network topology maintained by an ODL(or ONOS) cluster to cause network failures. In addition, we also introduce some of the SDN security projects. We briefly go over the design and implementation of Project Delta, which is an official open-source SDN penetration testing tool pushed forward by Open Networking Foundation Security group, and Security-Mode ONOS, a security extension that protects the core of ONOS from the possible threats of untrusted third-party applications. "
(Source: Black Hat USA 2016, Las Vegas)
A look at the rev 2.0 software defined networking (SDN) ODCA usage model, the incorporation of network function virtualization, and five new usage scenarios.
In this tutorial we described about the components of an OpenFlow switch, how an OpenFlow switch implements forwarding of packets and describe the forwarding with examples from the reference implementation. Next, we described some of the applications of OpenFlow in real world scenarios. We concluded by providing pointers on the evolving standards and forum of OpenFlow.
Internet Research Lab at NTU, Taiwan.
SIGCOMM HotSDN 2012 is the first conference workshop focused on SDN. This presentation provides a survey of selected papers in HotSDN'12 and revisits concepts and frameworks of SDN. Example applications are also presented.
An introduction to the key concepts of SDN and NFV with visuals of:
- How SDN is transforming the Data Center
- How NFV is transforming the Service Provider domain and the End-customer domain
- Objectives
- Origin
- Ambassadors
- Applicability
- Analogies
- Benefits
- Industry Standards
- Drivers
- Obstacles
- Growth
- Resources and Events
SDN Basics – What You Need to Know about Software-Defined NetworkingSDxCentral
SDNUniversity™ is our exclusive educational series on software-defined networking (SDN) and network functions virtualization (NFV) designed to help you develop practical, real-world knowledge and skills. Take advantage of this opportunity to learn SDN basics through a free, interactive online training session featuring experts from SDNCentral and Computerlinks.
Introduction to Software Defined Networking (SDN)rjain51
Class lecture by Prof. Raj Jain on Introduction to . The talk covers Origins of SDN, What is SDN?, Original Definition of SDN, What = Why We need SDN?, SDN Definition, XMPP, XMPP in Data Centers, Path Computation Element, PCE, Forwarding and Control Element, Sample ForCES Exchanges, Application Layer Traffic Optimization, ALTO, ALTO Extension, Current SDN Debate: What vs. How?, SDN Controller Functions, RESTful APIs, OSGi Framework, Open Daylight SDN Controller, OpenDaylight Tools, Affinity Metadata Service, SDN Related Organizations and Projects, SDN Web Sites, Hierarchy of Operations, Introduction to, Origins of SDN, What is SDN?, Original Definition of SDN, What = Why We need SDN?, SDN Definition, XMPP, XMPP in Data Centers, Path Computation Element, PCE, Forwarding and Control Element, Sample ForCES Exchanges, Application Layer Traffic Optimization, ALTO, ALTO Extension, Current SDN Debate: What vs. How?, SDN Controller Functions, RESTful APIs, OSGi Framework, Open Daylight SDN Controller, OpenDaylight Tools, Affinity Metadata Service, SDN Related Organizations and Projects, SDN Web Sites. Video recording available in YouTube.
Software-Defined Networking SDN - A Brief IntroductionJason TC HOU (侯宗成)
Internet Research Lab at NTU, Taiwan.
Software-Defined Networking overview and framework introduction. (ppt slide for download.) Comparing server virtualization and network virtualization, take Onix controller as an example. A quick view to LightRadio from Alcetel-Lucent.
Software Defined Networks - Unit -1- class lecture notes.pdfsoftwaretrainer2elys
Software-defined networking (SDN) is an approach to network management that enables network administrators to programmatically control network behavior directly from software applications, rather than through the hardware infrastructure. In traditional network architectures, such as those based on routers and switches, network control and forwarding functions are tightly coupled. SDN decouples these functions, allowing network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services.
Key components of SDN include:
SDN Controller: The central component of an SDN architecture, the controller is responsible for managing the flow control to facilitate network traffic. It provides a centralized view of the network and communicates with network devices using southbound APIs (Application Programming Interfaces).
Southbound APIs: These interfaces allow the SDN controller to communicate with the data plane devices, such as switches and routers, to configure and manage their behavior. Examples of southbound APIs include OpenFlow, NETCONF, and RESTful APIs.
Northbound APIs: These interfaces expose the functionality of the SDN controller to higher-layer applications and orchestration systems. They enable applications to interact with the SDN controller to implement network policies and services. Northbound APIs can vary depending on the specific SDN controller platform.
Network Devices: These are the switches, routers, and other network devices that forward traffic based on instructions received from the SDN controller. In an SDN architecture, these devices typically have simplified forwarding functionalities compared to traditional networking equipment.
This presentation of mine gives basic idea about SDN, use of SDN in different fields, cause of evolution of a new network architecture, openFlow standard and Architectural components.
Simplifying SDN Networking Across Private and Public Clouds5nine
This presentation everything you need to know about SDN architectures including the following topics:
- 5 Essential Elements of SDN architectures
- 6 Business benefits of software-defined network solutions
- Why software-defined networking is the future of legacy data centers
**Originally published here: https://info.5nine.com/webinar-sdn-management-and-security-best-practices
Software Defined Networking Attacks and Countermeasures .docxrosemariebrayshaw
Software Defined Networking: Attacks and
Countermeasures
Nada Mostafa Abd Elazim
Computer Engineering Department.
Arab Academy for Science and
Technology, College of Engineering
Cairo, Egypt
[email protected]
Mohamed A. Sobh
Ain Shams University
Cairo, Egypt
[email protected]
Ayman M. Bahaa-Eldin
Misr International University
On leave from Ain Shams University
[email protected]
Abstract —Software defined networking (SDN) is an
emerging network architecture; it differs from traditional
networks as it separates control planes from data planes.
This separation helps the network to be more flexible and
easier to handle and allows faster innovation cycles at both
planes. SDN has benefit over traditional networks in terms
of simplicity, programmability and elasticity. Openflow
protocol is a south-bound API interface; it is the most
popular and common protocol that used to communicate the
controller with the switches. This paper will focus on the
architecture of SDN and provide some challenges faces the
SDN; finally, it will discuss some security threats that face
SDN and their countermeasures.
Index Terms—SDN, Openflow, API interface
I. INTRODUCTION
Traditional networks were very complex and difficult
to manage. They combine the control plane with data
plane that make network management difficult.
On the other hand, software defined networking
(SDN) is a new networking approach to build computer
networks that separates and abstracts elements of these
systems to help building flexible and scalable network.
Advantages of Software defined networking (SDN)
over traditional network [1]:
• It has virtual environment as it uses resources
without caring about where it is located and how
it is orderly.
• Monitor large number of devices by one
command.
• Easy to change behaviour, size, and quantity.
• Minimize downtime, enforcement of policy,
discover the faults and solve them, and add new
devices, resources, sites, and workloads.
• Monitoring of resources.
• Improve the utilization of network device.
• The global vision of the network due to the
centralization of the controller.
Openflow [2] is a protocol found in the southbound
API interface that locates between the control and data
forwarding layer. It is the way to virtualize the network.
openflow is designed to be easy programmed, that helps
the network manager to create new protocols for solving
problems.
SDN has many applications in data centre, WAN,
IoTs, cellular networks, and Wi-Fi network.
Security threats are on the rise, SDN faces many
security threats in each of its layer, for example, in Data
forwarding layer there are man at the end attack, DoS
attack, spoofing attack, intrusion attack, scanning attack,
tampering attack, hijacking attack, side channel attack,
and anomaly attack. In control layer there are DoS/DDoS
attack, intrusion attack, anomaly attack, threats based on
distributed multi-controllers, threats from a.
Software-defined Networking (SDN)
It is an approach to computer networking that allows network administrators to programmatically initialize, control, change, and manage network behavior dynamically via:
open interfaces
abstraction of lower-level functionality
SDN is meant to address the fact that the static architecture of traditional networks doesn't support the dynamic, scalable computing and storage needs of more modern computing environments such as data centers.
This is done by decoupling or disassociating the system that makes decisions about where traffic is sent (the SDN controller, or control plane) from the underlying systems that forward traffic to the selected destination (the data plane).
This session provides an overview of HPE's Software Defined Networking (SDN) feature set and will review the benefits of following SDN apps for network operations and IT security teams: HPE Network Protector, HP Network Optimizer, and HP Visualizer.
SDN Security: Two Sides of the Same CoinZivaro Inc
When it comes to Software Defined Networking (SDN) Security there are two sides of the story. This webinar addresses both sides – what security vulnerabilities exist in modern SDN technologies and how SDN technologies can create new security protections. Also included are use cases that SDN solutions can provide and the new applications of SDN that can secure modern enterprise and data center environments.
Presented by GTRI CTO, Scott Hogg, in a webinar on June 9, 2016. For more information, visit http://www.gtri.com/.
SDN most commonly means that networks are controlled by software applications and SDN controllers rather than the traditional network management consoles and commands that required a lot of administrative overhead and could be tedious to manage on a large scale
“What is SDN? The physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices.”
Software Defined Networking (SDN) Technology BriefZivaro Inc
An overview of Software-Defined Networking (SDN) and the key benefits of moving to a virtualized network, including:
- Improved time to market through automation
- Optimal trafficking with a global view of the network
- Quicker enablement of new services
- Reduced operating costs
- Improved management and visibility
- Simplified operation of network devices
From "Introduction to Software Defined Networking" webinar presented by GTRI CTO Scott Hogg on March 10, 2016. Webinar recording: https://youtu.be/gRXnctYDBjE
Software-Defined Networking Layers as Proposed by the Comprehensive Survey done on the topic:
Kreutz, D., Ramos, F. M., Verissimo, P. E., Rothenberg, C. E., Azodolmolky, S., & Uhlig, S. (2015). Software-defined networking: A comprehensive survey.Proceedings of the IEEE,103(1), 14-76.
The 8 layers are simply presented to be easily understood by the attendees.
Introduction to SDN: Software Defined NetworkingAnkita Mahajan
SDN is the next big thing in networking. It focuses on separating the intelligence from the hardware. OpenFlow is one of the ways (currently the open standard followed by all Datacenters) to implement SDN.
Security of software defined networking (sdn) and cognitive radio network (crn)Ameer Sameer
Security of Software Defined Networking (SDN)
Overview
Definition Software Defined Networking (SDN)
SDN security & Security Challenges
SDN Attack Surface & Attacks Examples
SDN Threat Model
Open Research issues SDN
Future Research Directions
Simulator for Software Defined Networking
Security of Cognitive Radio Network (CRN)
Overview
Definition Cognitive Network
Security of Cognitive Radios & Threats
Security issues in cognitive radio
Attacks and the proposed defense mechanisms
Open Research issues in Cognitive Radio
Evaluation Methodologies for Cognitive Networking
Future Research Directions
Simulator for Cognitive Radio
Big Data Analytics and Advanced Computer Networking Scenarios
SDN-ppt-new
1. A survey: Security issues of
Software defined networking
Gifty Susan Mani
Faculty Advisor: Dr. Ahmed Awad
Master of Science in Information, Network and
Computer Security
New York Institute of technology, Vancouver
2. What is SDN?
Why we need SDN?
Does it ensure security for the future?
3. Introduction
• Challenging task in the traditional networks: Maintaining the
changing environments according to the predefined policies.
• Configuration of each network device separately: Requirement of
high-level policies considering the fundamental nature of network.
• In traditional networks,
Control Plane: determines the traffic to be sent.
Data Plane: forwards the traffic at very high speed but lower
latency.
6. What is SDN
• Active programming approach with a paradigm that separates the
control plane and data plane that allows easy optimization between
the control plane and network devices.
• State Variability and Reusability.
• Key attributes are:
- Programmability
- Openness
- Heterogeneity
- Maintainability
7. SDN Explained…
• Instead of putting the hardware together to form the network, it
focus on the services that run on the network.
• It adds a software layer in between the hardware dealing with the
data and controls it.
• Co-existence of Dissimilar networks on the same physical hardware.
• Encourage the network innovation and deploys agile network
capabilities.
9. SDN Components
• Control Plane: abstract view of the network.
• North-bound Application Protocols: Represents the software interface
between the controller and applications.
• East-West Protocols: Acts as control that manages the interaction between
the multi-controller environments.
• Data Plane and south-bound protocols: forwards the communication from
the controller to the network infrastructure.
• Open flow: Protocol to manage the southbound interface of the SDN
architecture.
11. Significance of SDN streamline
• Respond faster to the changing environments with low cost.
• 80/20 rule of applications:80% should be the programmable solution
assembled in the infrastructure using the 20% commands that
request the high level request.
• Service chaining sequence application specific procedures to a
client’s job.
• Dynamic load management and implement bandwidth calendaring.
12. SDN in Network Security
• SdN is considered to the disruptive technology in the network
security.
• SDN creates security opportunities and security challenges.
• 35% of the network organizations believe that SDN will enable to
implement more effective security.
• 12% of the organizations believe the concerns of the security
vulnerabilities is a significant inhibitor to SDN deployment.
14. Deepening crisis and threats
• Mass customization: The use of unknown malware and
infections – increased malware campaigns.
• Increased data loss across the industries and data types.
• The server network is the most compromised asset by far over
the past 5 years.
• Only 15% security breaches have a reliable count, 85% of the
breaches are incomplete.
15. Opportunities of SDN
• Better utilization of the network access-55%.
• Perform end-to-end view of the network-54%
• Scale the network functionality and effective security functionality-
45%.
• The deployment cycle has drastically reduced.
• Defense in depth: Heterogeneity and decentralized nature of the
control plane.
• Separation of monitoring and security enforcement elements
16. SDN Principles of Security
• Availability and Performance.
• Integrity and Confidentiality.
• Authorization and authentication.
• Resiliency.
• Multi-domain Isolation.
• Repudiation.
• Transparency.
Security + SDN=Security Centric SDN
17. Security Challenges in SDN
• SDN changes the entire security model.
• SDN methodology rely on new overlay and encapsulation
techniques, many of current security tools are incompatible.
• Virtualization made the SDN both more and less secure.
More Secure: Abstraction Layers.
Less Secure : Lack of physical access.
18. Security Limitation in SDN
Infrastructure
• Data Layer: Insecure implementation of the management
application.
• Control Layer: Centralized orchestration represents single point of
failure - compromise the control of the network flow.
• Application Layer: Lack of mechanism in place to ensure the
authentication of the application access to the control plane.
20. Countermeasures
• Protect the data layer- segregation of protocol traffic from the data
flow through out-of-band network or security measures.
• Protect the control layer- Implementation of Role-based access
policies by verifying the legitimacy of the host migration.
• Protect the application layer- Leverage in-line mode security
function in the applications to strengthen the the end user security.
21. Conclusion
• Emerging approach to the network security and how it can smartly
replace the traditional networks.
• SDN is not a technology but a paradigm that uses the concept of
virtualization and programmable protocol.
• SDN security issues are more related to the control plane, inter-
component communication and controlling the scope applications
through access policies.