Software Defined Network

By: SUBITH BABU
140303002
- SDN
- OpenFlow
- Why security?
- SDN security algorithms
- Anomaly detection algorithm
- Conclusion
- References
- Software-defined networks (SDN) offer researchers unprecedented control over network infrastructure.
- SDN defines a single point of control over the routing of data flows across the whole network infrastructure.
- The OpenFlow protocol is an embodiment of the software-defined networking paradigm.
- OpenFlow (OF) is the most commonly used SDN communication protocol.
- The OpenFlow protocol offers flexibility in how traffic is handled.
- In OpenFlow, control-plane rules define the basic instructions for flows: they specify whether packets entering the OF switch are forwarded, modified or dropped.
- The OpenFlow controller contains the logic for defining, updating and adapting flow rules.
- Because the control plane plays a critical role and changes are typically propagated throughout the network, it is essential to ensure that applications are authenticated, connections are securely encrypted and security policies are properly applied.
- Different steps are involved in the algorithm:
  A. Aggregation of parameters and statistics collection
  B. Actions
  C. Adapted network operating system software interface
  D. Statistical data processing and calculation of the characteristics
  E. Decision-making based on the calculated characteristics
  F. Training of the decision-making system
- Statistics are collected directly on the switch; this gives the opportunity to analyse the traffic and perform actions closer to the source of malicious activity or to the destination host.
- Main purpose: passing traffic, filtering traffic by specific signatures, active response, or checking a host.
- These actions are performed by the switch in accordance with the flow tables specified by the controller.
- The network operating system of the SDN controller should provide a specialised set of functions for efficient operation of network security applications.
- A set of functions to work with the flow rules:
  A. Identifying the source of the rules, and providing a method for signing rules.
  B. Detecting conflicts between rules, for example between rules issued by different applications.
  C. Resolving conflicts based on the priorities of the rule sources and their signatures.
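As an added illustration of points A to C (example code written for this page, not part of the original presentation or of any real controller), the Go program below lets each application sign its rules with an HMAC key shared with the controller, rejects a rule whose signature does not verify for the source it claims, and, when two verified sources ask for different actions on the same match, keeps the rule from the higher-priority source. The FlowRule type, the sourcePriority table, the demo keys and the match strings are all constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// FlowRule is a simplified OpenFlow rule together with the application that
// issued it and that application's signature over the rule. The type and its
// fields are this example's own, not any controller's API.
type FlowRule struct {
	Source    string // issuing application, e.g. "firewall"
	Match     string // simplified match, e.g. "tcp,nw_dst=10.0.0.5,tp_dst=23"
	Action    string // "forward", "modify" or "drop"
	Signature string // hex HMAC-SHA256 over Source|Match|Action
}

// sourcePriority ranks rule sources; the higher value wins a conflict.
// Constructed values for the example.
var sourcePriority = map[string]int{"firewall": 100, "loadbalancer": 50}

// perSourceKey is the HMAC key the controller shares with each registered
// application. Demo keys only; real keys would be provisioned out of band.
var perSourceKey = map[string][]byte{
	"firewall":     []byte("fw-demo-key"),
	"loadbalancer": []byte("lb-demo-key"),
}

func signingInput(r FlowRule) []byte {
	return []byte(r.Source + "|" + r.Match + "|" + r.Action)
}

// SignRule is what an application does before handing a rule to the controller.
func SignRule(r FlowRule, key []byte) FlowRule {
	mac := hmac.New(sha256.New, key)
	mac.Write(signingInput(r))
	r.Signature = hex.EncodeToString(mac.Sum(nil))
	return r
}

// VerifyRule checks that the rule really comes from the source it names.
func VerifyRule(r FlowRule) bool {
	key, ok := perSourceKey[r.Source]
	if !ok {
		return false // unknown source: cannot be trusted
	}
	sig, err := hex.DecodeString(r.Signature)
	if err != nil {
		return false
	}
	mac := hmac.New(sha256.New, key)
	mac.Write(signingInput(r))
	return hmac.Equal(sig, mac.Sum(nil)) // constant-time comparison
}

// ResolveRules discards rules that fail verification and, where verified rules
// from different sources want different actions for the same match, keeps the
// one from the higher-priority source. installed is keyed by match string.
func ResolveRules(rules []FlowRule) (installed map[string]FlowRule, rejected []FlowRule) {
	installed = map[string]FlowRule{}
	for _, r := range rules {
		if !VerifyRule(r) {
			rejected = append(rejected, r)
			continue
		}
		cur, seen := installed[r.Match]
		switch {
		case !seen:
			installed[r.Match] = r
		case cur.Action == r.Action: // identical behaviour, no conflict
		case sourcePriority[r.Source] > sourcePriority[cur.Source]:
			rejected = append(rejected, cur)
			installed[r.Match] = r
		default:
			rejected = append(rejected, r)
		}
	}
	return installed, rejected
}

func main() {
	rules := []FlowRule{
		SignRule(FlowRule{"firewall", "tcp,nw_dst=10.0.0.5,tp_dst=23", "drop", ""}, perSourceKey["firewall"]),
		SignRule(FlowRule{"loadbalancer", "tcp,nw_dst=10.0.0.5,tp_dst=23", "forward", ""}, perSourceKey["loadbalancer"]),
		SignRule(FlowRule{"loadbalancer", "tcp,nw_dst=10.0.0.5,tp_dst=80", "forward", ""}, perSourceKey["loadbalancer"]),
		// Claims to be the firewall but was signed with a key the controller never issued.
		SignRule(FlowRule{"firewall", "tcp,nw_dst=10.0.0.9", "forward", ""}, []byte("not-the-fw-key")),
	}
	installed, rejected := ResolveRules(rules)
	for _, r := range installed {
		fmt.Printf("INSTALL %-12s %-32s %s\n", r.Source, r.Match, r.Action)
	}
	for _, r := range rejected {
		fmt.Printf("REJECT  %-12s %-32s %s\n", r.Source, r.Match, r.Action)
	}
}
```

Verification happens before conflict detection on purpose: a rule that cannot be tied to a registered source never gets to compete on priority, so an application cannot win a conflict simply by claiming a higher-ranked source name.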
- For processing the collected statistical data, time-series analysis methods such as wavelet and spectrum analysis are proposed.
- These methods facilitate analysis of the time-frequency characteristics of traffic.
- The main objective of the information security management system is to detect malicious activity on the basis of a set of input variables.
- Fuzzy-logic decision making is used.
- Implementation of the training subsystem includes short-term and long-term learning modules.
  A. The short-term learning module is implemented directly in the controller.
  B. The long-term learning module can be implemented either directly in the controller or in an external device.
- A prototype implementation of the proposed architecture of protected SDN was constructed; it includes a statistics collection and processing module and a decision-making module.
  A. TRW-CB
  B. Rate Limit
- The TRW-CB algorithm was implemented as follows:
  1. Assume that host A sends a TCP SYN packet to a new host B. Since there are no flows in the switch matching this packet, the packet is forwarded to the controller.
  2. The algorithm instance running on the controller simply forwards this packet, through the switch, to host B, without setting any new flows. At the same time, the algorithm adds host B to the list of hosts that host A has tried to contact and decrements host A's balance.
  3. There are two possible outcomes from host B:
     a. If a TCP SYN/ACK packet from B to A is received (the switch again forwards this packet to the controller, because there are still no flows matching it), the algorithm sets two flows (from A to B and back), deletes the request from host A's queue and increments the balance.
     b. If no TCP SYN/ACK packet from B is received, the algorithm does the standard counter processing for a connection failure, without interacting with the switch and without setting any flows.
- Implementation:
  A. Whenever a new connection request arrives for a host to which a connection has recently succeeded, we set two flows, one in each direction, between the hosts.
  B. If a new connection request arrives for a host which is not in the working set, we add it to the delay queue.
  C. Every d seconds, the new connection requests are moved from the delay queue to the working set and we forward these requests through the switch without installing any flows.
  D. When a positive reply is received, we install a pair of flows, one in each direction.
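The following Go program is an added example, not the prototype's code, that replays the TRW-CB logic of steps 1 to 3 and A to D over a constructed packet trace: a SYN to a new host is forwarded without flows and costs the source one credit, a SYN/ACK installs the flow pair and refunds the credit, and a failure leaves the credit spent; once a source's balance reaches zero its further SYNs to new hosts are dropped. The timed delay queue (every d seconds) is replaced by explicit "timeout" events so the run is deterministic; the Event and Monitor types, the credit values and the addresses are assumptions of this example.

```go
package main

import "fmt"

// Event is one controller-visible packet in a constructed trace. Kind is
// "syn" (Src opens a connection to Dst), "synack" (Dst answers Src, so here
// Src is the responder and Dst the original initiator) or "timeout" (the
// controller gave up waiting for Dst's answer to Src's SYN).
type Event struct {
	Kind, Src, Dst string
}

// Monitor is a minimal TRW-CB credit-based state machine; field and method
// names are this example's own, not the prototype's.
type Monitor struct {
	StartBalance int                        // credits a host receives when first seen
	balance      map[string]int             // per-source credit balance
	pending      map[string]map[string]bool // src -> destinations awaiting a SYN/ACK
	Flows        map[string]bool            // installed flows, keyed "src->dst"
	Dropped      []Event                    // SYNs refused because the source had no credit
}

func NewMonitor(startBalance int) *Monitor {
	return &Monitor{
		StartBalance: startBalance,
		balance:      map[string]int{},
		pending:      map[string]map[string]bool{},
		Flows:        map[string]bool{},
	}
}

// Balance returns a host's credit, giving a never-seen host its starting credit.
func (m *Monitor) Balance(host string) int {
	if _, seen := m.balance[host]; !seen {
		m.balance[host] = m.StartBalance
	}
	return m.balance[host]
}

// Handle processes one event and returns the action the controller took.
func (m *Monitor) Handle(e Event) string {
	switch e.Kind {
	case "syn":
		if m.Flows[e.Src+"->"+e.Dst] {
			return "already-flowed" // step A: a known-good pair is already switched
		}
		if m.Balance(e.Src) <= 0 {
			m.Dropped = append(m.Dropped, e) // out of credit: likely scanning
			return "dropped"
		}
		if m.pending[e.Src] == nil {
			m.pending[e.Src] = map[string]bool{}
		}
		m.pending[e.Src][e.Dst] = true // step 2: remember the attempt ...
		m.balance[e.Src]--             // ... and charge one credit
		return "forwarded-no-flow"
	case "synack":
		initiator, responder := e.Dst, e.Src
		if !m.pending[initiator][responder] {
			return "unexpected" // no outstanding SYN for this pair
		}
		delete(m.pending[initiator], responder) // step 3a: success
		m.Flows[initiator+"->"+responder] = true
		m.Flows[responder+"->"+initiator] = true
		m.balance[initiator]++ // refund the credit spent on the SYN
		return "flows-installed"
	case "timeout":
		if !m.pending[e.Src][e.Dst] {
			return "unexpected"
		}
		delete(m.pending[e.Src], e.Dst) // step 3b: failure, credit stays spent
		return "failed"
	}
	return "unknown-event"
}

func main() {
	m := NewMonitor(3)
	// Constructed trace: 10.0.0.2 talks to a real server, 10.0.0.7 probes
	// hosts that never answer until its credit is exhausted.
	trace := []Event{
		{"syn", "10.0.0.2", "10.0.0.5"}, {"synack", "10.0.0.5", "10.0.0.2"},
		{"syn", "10.0.0.7", "10.0.0.10"}, {"timeout", "10.0.0.7", "10.0.0.10"},
		{"syn", "10.0.0.7", "10.0.0.11"}, {"timeout", "10.0.0.7", "10.0.0.11"},
		{"syn", "10.0.0.7", "10.0.0.12"}, {"timeout", "10.0.0.7", "10.0.0.12"},
		{"syn", "10.0.0.7", "10.0.0.13"},
	}
	for _, e := range trace {
		fmt.Printf("%-8s %-9s -> %-9s : %s (balance %d)\n",
			e.Kind, e.Src, e.Dst, m.Handle(e), m.Balance(e.Src))
	}
}
```

The point to notice is that the controller never installs a flow for an unanswered SYN, so a host that probes many silent addresses burns through its credit while a host whose peers answer keeps a steady balance; the starting credit of 3 is deliberately small to make that visible in a short trace.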
Rate limiting example in Go (the "Rate Limit" module above): a ticker channel gives a steady limiter, and a buffered channel pre-filled with tokens gives a limiter that allows short bursts.

package main

import (
	"fmt"
	"time"
)

func main() {
	// Steady rate limiting: five requests queued up front.
	requests := make(chan int, 5)
	for i := 1; i <= 5; i++ {
		requests <- i
	}
	close(requests)

	// One tick every 200 ms; each request must receive a tick before it is served.
	limiter := time.Tick(time.Millisecond * 200)
	for req := range requests {
		<-limiter
		fmt.Println("request", req, time.Now())
	}

	// Bursty rate limiting: a buffered channel holding up to 3 tokens,
	// filled at start so the first 3 requests go through immediately.
	burstyLimiter := make(chan time.Time, 3)
	for i := 0; i < 3; i++ {
		burstyLimiter <- time.Now()
	}
	// Refill one token every 200 ms.
	go func() {
		for t := range time.Tick(time.Millisecond * 200) {
			burstyLimiter <- t
		}
	}()

	burstyRequests := make(chan int, 5)
	for i := 1; i <= 5; i++ {
		burstyRequests <- i
	}
	close(burstyRequests)
	for req := range burstyRequests {
		<-burstyLimiter
		fmt.Println("request", req, time.Now())
	}
}
- Software-defined networks provide a unique opportunity for effective detection and containment of network security problems.
- The OpenFlow protocol may eventually become one of the most effective technologies.
- http://en.wikipedia.org/wiki/OpenFlow
- https://globalconfig.net/software-defined-networking-vs-traditional/
- http://en.wikipedia.org/wiki/Software-defined_networking