Threshold-Based Software-Defined Networking(SDN)Solution for Healthcare Systems against Intrusion Attacks

The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.

EARS: Intelligence-Driven Experiential Network Architecture for Automatic Routing in Software-Defined Networking

Software-Defined Networking(SDN)adapts logically-centralized control by decoupling control plane from data plane and provides the efficient use of network resources.However,due to the limitation of traditional routing strategies relying on manual configuration,SDN may suffer from link congestion and inefficient bandwidth allocation among flows,which could degrade network performance significantly.In this paper,we propose EARS,an intelligence-driven experiential network architecture for automatic routing.EARS adapts deep reinforcement learning(DRL)to simulate the human methods of learning experiential knowledge,employs the closed-loop network control mechanism incorporating with network monitoring technologies to realize the interaction with network environment.The proposed EARS can learn to make better control decision from its own experience by interacting with network environment and optimize the network intelligently by adjusting services and resources offered based on network requirements and environmental conditions.Under the network architecture,we design the network utility function with throughput and delay awareness,differentiate flows based on their size characteristics,and design a DDPGbased automatic routing algorithm as DRL decision brain to find the near-optimal paths for mice and elephant flows.To validate the network architecture,we implement it on a real network environment.Extensive simulation results show that EARS significantly improve the network throughput and reduces the average packet delay in comparison with baseline schemes(e.g.OSPF,ECMP).

Software-Defined Optical Data Centre Networks

Based on the analysis of data centre(DC) traffic pattern, we introduced a holistic software-defined optical DC solution. Architecture-on-Demand based hybrid optical switched(OPS/OCS) data centre network(DCN) fabric is introduced, which is able to realise different inter-and intra-cluster configurations and dynamically support diverse traffic in the DC. The optical DCN is controlled and managed by a software-defined networking(SDN) enabled control plane to achieve high programmability. Moreover, virtual data centre(VDC) composition is developed as an application of such softwaredefined optical DC to create VDC slices for different tenants.

Achieving Consistence for Cross-Domain WAN Control in Software-Defined Networks

When applying Software-Defined Networks(SDN) to WANs,the SDN flexibility enables the cross-domain control to achieve a better control scalability.However,the control consistence is required by all the cross-domain services,to ensure the data plane configured in consensus for different domains.Such consistence process is complicated by potential failure and errors of WANs.In this paper,we propose a consistence layer to actively and passively snapshot the cross-domain control states,to reduce the complexities of service realizations.We implement the layer and evaluate performance in the PlanetLab testbed for the WAN emulation.The testbed conditions are extremely enlarged comparing to the real network.The results show its scalability,reliability and responsiveness in dealing with the control dynamics.In the normalized results,the active and passive snapshots are executed with the mean times of 1.873 s and 105 ms in135 controllers,indicating its readiness to be used in the real network.

Performance Evaluation of Topologies for Multi-Domain Software-Defined Networking

Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.

Toward Secure Software-Defined Networks Using Machine Learning: A Review, Research Challenges, and Future Directions

Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively manage,optimize,and maintain these systems.Due to their distributed nature,machine learning models are challenging to deploy in traditional networks.However,Software-Defined Networking(SDN)presents an opportunity to integrate intelligence into networks by offering a programmable architecture that separates data and control planes.SDN provides a centralized network view and allows for dynamic updates of flow rules and softwarebased traffic analysis.While the programmable nature of SDN makes it easier to deploy machine learning techniques,the centralized control logic also makes it vulnerable to cyberattacks.To address these issues,recent research has focused on developing powerful machine-learning methods for detecting and mitigating attacks in SDN environments.This paper highlighted the countermeasures for cyberattacks on SDN and how current machine learningbased solutions can overcome these emerging issues.We also discuss the pros and cons of using machine learning algorithms for detecting and mitigating these attacks.Finally,we highlighted research issues,gaps,and challenges in developing machine learning-based solutions to secure the SDN controller,to help the research and network community to develop more robust and reliable solutions.

DDoS Attack Detection Scheme Based on Entropy and PSO-BP Neural Network in SDN

SDN (Software Defined Network) has many security problems, and DDoS attack is undoubtedly the most serious harm to SDN architecture network. How to accurately and effectively detect DDoS attacks has always been a difficult point and focus of SDN security research. Based on the characteristics of SDN, a DDoS attack detection method combining generalized entropy and PSOBP neural network is proposed. The traffic is pre-detected by the generalized entropy method deployed on the switch, and the detection result is divided into normal and abnormal. Locate the switch that issued the abnormal alarm. The controller uses the PSO-BP neural network to detect whether a DDoS attack occurs by further extracting the flow features of the abnormal switch. Experiments show that compared with other methods, the detection accurate rate is guaranteed while the CPU load of the controller is reduced, and the detection capability is better.

SDN Orchestration for Dynamic End-to-End Control of Data Center Multi-Domain Optical Networking

New and emerging use cases, such as the interconnection of geographically distributed data centers(DCs), are drawing attention to the requirement for dynamic end-to-end service provisioning, spanning multiple and heterogeneous optical network domains. This heterogeneity is, not only due to the diverse data transmission and switching technologies, but also due to the different options of control plane techniques. In light of this, the problem of heterogeneous control plane interworking needs to be solved, and in particular, the solution must address the specific issues of multi-domain networks, such as limited domain topology visibility, given the scalability and confidentiality constraints. In this article, some of the recent activities regarding the Software-Defined Networking(SDN) orchestration are reviewed to address such a multi-domain control plane interworking problem. Specifically, three different models, including the single SDN controller model, multiple SDN controllers in mesh, and multiple SDN controllers in a hierarchical setting, are presented for the DC interconnection network with multiple SDN/Open Flow domains or multiple Open Flow/Generalized Multi-Protocol Label Switching( GMPLS) heterogeneous domains. I n addition, two concrete implementations of the orchestration architectures are detailed, showing the overall feasibility and procedures of SDN orchestration for the end-to-endservice provisioning in multi-domain data center optical networks.

Detecting and Mitigating DDOS Attacks in SDNs Using Deep Neural Network

Distributed denial of service(DDoS)attack is the most common attack that obstructs a network and makes it unavailable for a legitimate user.We proposed a deep neural network(DNN)model for the detection of DDoS attacks in the Software-Defined Networking(SDN)paradigm.SDN centralizes the control plane and separates it from the data plane.It simplifies a network and eliminates vendor specification of a device.Because of this open nature and centralized control,SDN can easily become a victim of DDoS attacks.We proposed a supervised Developed Deep Neural Network(DDNN)model that can classify the DDoS attack traffic and legitimate traffic.Our Developed Deep Neural Network(DDNN)model takes a large number of feature values as compared to previously proposed Machine Learning(ML)models.The proposed DNN model scans the data to find the correlated features and delivers high-quality results.The model enhances the security of SDN and has better accuracy as compared to previously proposed models.We choose the latest state-of-the-art dataset which consists of many novel attacks and overcomes all the shortcomings and limitations of the existing datasets.Our model results in a high accuracy rate of 99.76%with a low false-positive rate and 0.065%low loss rate.The accuracy increases to 99.80%as we increase the number of epochs to 100 rounds.Our proposed model classifies anomalous and normal traffic more accurately as compared to the previously proposed models.It can handle a huge amount of structured and unstructured data and can easily solve complex problems.

How AI-enabled SDN technologies improve the security and functionality of industrial IoT network:Architectures,enabling technologies,and opportunities

The ongoing expansion of the Industrial Internet of Things(IIoT)is enabling the possibility of effective Industry 4.0,where massive sensing devices in heterogeneous environments are connected through dedicated communication protocols.This brings forth new methods and models to fuse the information yielded by the various industrial plant elements and generates emerging security challenges that we have to face,providing ad-hoc functions for scheduling and guaranteeing the network operations.Recently,the large development of SoftwareDefined Networking(SDN)and Artificial Intelligence(AI)technologies have made feasible the design and control of scalable and secure IIoT networks.This paper studies how AI and SDN technologies combined can be leveraged towards improving the security and functionality of these IIoT networks.After surveying the state-of-the-art research efforts in the subject,the paper introduces a candidate architecture for AI-enabled Software-Defined IIoT Network(AI-SDIN)that divides the traditional industrial networks into three functional layers.And with this aim in mind,key technologies(Blockchain-based Data Sharing,Intelligent Wireless Data Sensing,Edge Intelligence,Time-Sensitive Networks,Integrating SDN&TSN,Distributed AI)and improve applications based on AISDIN are also discussed.Further,the paper also highlights new opportunities and potential research challenges in control and automation of IIoT networks.

基于分布式SDN的机动通信系统拓扑发现方法

针对目前传统机动通信系统、主流软件定义网络(software defined network,SDN)的拓扑发现方法不适合基于分布式SDN的机动通信系统这一问题,遵循OpenFlow拓扑发现算法(OpenFlow discovery protocol,OFDP)移植传输控制协议/网际协议(transmission control protocol/Internet protocol,TCP/IP)相关协议到SDN网络的研究思路,对开放最短路径优先(open shortest path first,OSPF)协议进行优化,精简协议状态机、优化协议报文、增加协议功能并设计拓扑发现算法,提出一种适合基于分布式SDN的机动通信系统的拓扑发现方法,并搭建仿真实验平台进行验证。实验结果表明,优化后OSPF协议适应于分布式SDN网络,网络拓扑建链时间降低80%且重新收敛时间显著降低,建链开销平均每秒接收字节数、发送字节数分别下降了31.7%和21.5%,维持开销平均每秒收发字节数降低了45%,增加了收集信道种类等网络信息的新功能。

Mitigating while Accessing:A Lightweight Defense Framework Against Link Flooding Attacks in SDN

Link flooding attack(LFA)is a type of covert distributed denial of service(DDoS)attack.The attack mechanism of LFAs is to flood critical links within the network to cut off the target area from the Internet.Recently,the proliferation of Internet of Things(IoT)has increased the quantity of vulnerable devices connected to the network and has intensified the threat of LFAs.In LFAs,attackers typically utilize low-speed flows that do not reach the victims,making the attack difficult to detect.Traditional LFA defense methods mainly reroute the attack traffic around the congested link,which encounters high complexity and high computational overhead due to the aggregation of massive attack traffic.To address these challenges,we present an LFA defense framework which can mitigate the attack flows at the border switches when they are small in scale.This framework is lightweight and can be deployed at border switches of the network in a distributed manner,which ensures the scalability of our defense system.The performance of our framework is assessed in an experimental environment.The simulation results indicate that our method is effective in detecting and mitigating LFAs with low time complexity.

SDN网络环境下大流分布检测算法的设计与实现

绝大多数网络风险均伴有大流量数据,对大流的分布检测是识别网络风险,保障网络安全的先决条件。文中基于SDN网络环境,改进了现有的LRU分布检测算法,并进行了参数优化,同时利用公开网络数据对其进行仿真检测。研究发现,a=1.2,b=0.85,t=40 ms等组别的分布算法对不同大流字节门下均具有较好的检测效果,适合推广应用。

基于SDN的分布式媒体网络多信道访问控制技术研究

分布式媒体网络常面临因网络流量分配不均而导致的信道利用率低的问题。基于此,文章提出了一种基于SDN的分布式媒体网络多信道访问控制技术。由数据收集、安全分析、策略制定和管理模块等内容组成,SDN安全控制器可实现全局网络状态监控和集中安全策略管理。文章采用AHP建立用户信任评估机制,从而量化用户信任度。最后,基于信任度设计多信道访问控制策略,确保其能按需、高效、安全地分配信道资源。实验表明,该技术的平均信道利用率达99.7%,能有效应对网络负载变化和复杂用户行为,应用效果较好。

基于SDN技术的火电厂DCS后台控制系统优化研究

为解决传统分散控制系统(Distributed Control System,DCS)存在的响应延迟、故障恢复慢以及安全防护能力不足等问题,文章基于软件定义网络(Software Defined Networking,SDN)技术设计并实现了火电厂DCS后台控制系统。通过介绍SDN技术与火电厂DCS系统,设计基于SDN技术的DCS系统架构,重点阐述实时控制反馈模块、故障检测恢复模块以及网络安全防护模块的具体设计与功能实现。通过实验分析,验证了基于SDN技术的优化方案在提高系统响应速度、增强故障恢复能力以及提升网络安全性方面的显著效果。

SDN数据平面软件一致性测试用例生成方法

SDN(software-definednetwork)旨在解决架构复杂且分散的传统网络出现的问题,使网络具有更强的灵活性.P4编程语言的特征在于用户可以直接根据自己对处理数据包的需求定义P4程序,然后经过编译过程,生成适配文件将用户需求配置到网络设备.面向P4编程语言的SDN数据平面一致性测试,是将一致性测试用例发送给P4网络设备,评估实际输出和预期输出的一致程度.一致性测试用例是执行一致性测试的载体,而传统的人工构造测试用例是一项繁琐耗时费力的工作.重点分析了面向P4编程语言的SDN数据平面软件一致性测试用例设计原则和生成方法,给出了一致性测试用例覆盖标准,设计了命令信息实体结构和测试用例实体结构,以装载P4程序的simpleswitch虚拟交换机为测试对象,说明一致性测试用例生成过程,实现了一个用于P4网络设备一致性测试的测试用例自动生成工具,并验证了该工具自动生成测试用例的有效性,实现了一致性测试用例构造过程简易性.

SDN场景中基于双向流量特征的DDoS攻击检测方法

传统网络资源的分布式特性使得管理员较难实现网络的集中管控,在分布式拒绝服务攻击发生时难以快速准确地检出攻击并溯源。针对这一问题,结合软件定义网络集中管控、动态管理的优势和分布式拒绝服务攻击特点,引入双向流量概念,提出了攻击检测四元组特征,并利用增长型分层自组织映射算法对网络流中提取的四元组特征向量快速准确地分析并分类,同时提出了一种通过自适应改变监控流表粒度以定位潜在受害者的检测方法。仿真实验结果表明,提出的四元组特征及下发适量监控流表项的检测算法能以近似96%的准确率检出攻击并定位受害者,且对控制器造成的计算开销较小。

基于SDN的DDoS攻击防御系统

软件定义网络(SDN)是一种新兴网络架构,通过将转发层和控制层分离,实现网络的集中管控。控制器作为SDN网络的核心,容易成为被攻击的目标,分布式拒绝服务(DDo S)攻击是SDN网络面临的最具威胁的攻击之一。针对这一问题,本文提出一种基于机器学习的DDo S攻击检测模型。首先基于信息熵监控交换机端口流量来判断是否存在异常流量,检测到异常后提取流量特征,使用SVM+K-Means的复合算法检测DDo S攻击,最后控制器下发丢弃流表处理攻击流量。实验结果表明,本文算法在误报率、检测率和准确率指标上均优于SVM算法和K-Means算法。

基于SDN的可编程配网通信系统关键技术研究

针对配网通信系统面临的设备厂家众多、制式各异、协议繁杂、覆盖面广、新业务接纳能力不足等问题,吸收软件定义网络(SDN)思想,提出一种由业务平面与管理平面、集中控制平面、转发平面组成的三层配电通信网体系架构,并探索控制平面资源虚拟化、管控对象建模、北向及南向接口、通信终端流表转发等关键技术,搭建测试验证平台,解决SDN技术应用于配网通信系统面临的适用性问题。该体系架构通过为应用业务、管理系统提供标准访问接口及应用程序接口(API)函数,实现网络可编程;通过定制集中管控接口协议,实现对EPON、工业以太网、无线等网络资源的合理、灵活、弹性调度,最终满足未来智能配电业务愈来愈高的通信需求。

Quick Hosting Capacity Evaluation Based on Distributed Dispatching for Smart Distribution Network Planning with Distributed Generation

The smart distribution network(SDN)is integrat ing increasing distributed generation(DG)and energy storage(ES).Hosting capacity evaluation is important for SDN plan ning with DG.DG and ES are usually invested by users or a third party,and they may form friendly microgrids(MGs)and operate independently.Traditional centralized dispatching meth od no longer suits for hosting capacity evaluation of SDN.A quick hosting capacity evaluation method based on distributed optimal dispatching is proposed.Firstly,a multi-objective DG hosting capacity evaluation model is established,and the host ing capacity for DG is determined by the optimal DG planning schemes.The steady-state security region method is applied to speed up the solving process of the DG hosting capacity evalua tion model.Then,the optimal dispatching models are estab lished for MG and SDN respectively to realize the operating simulation.Under the distributed dispatching strategy,the dual-side optimal operation of SDN-MGs can be realized by several iterations of power exchange requirement.Finally,an SDN with four MGs is conducted considering multiple flexible resources.It shows that the DG hosting capacity of SDN oversteps the sum of the maximum active power demand and the rated branch capacity.Besides,the annual DG electricity oversteps the maximum active power demand value.