Security Features in a Hybrid Software-Defined Network

The paper presents a novel paradigm of software-defined network that is significantly different from previous traditional networks and enables new opportunities in the architecture and implementation of security solutions. The analysis of network environments will compare traditional networks and software-defined networks and emphasize significant differences. A survey of the existing research includes vector attacks and troubleshooting using the capabilities of SDN with an emphasis on access control, detection, and prevention of attacks. This paper uses previous research and results to obtain information that will be used in improving critical system network protection and compares it with the existing conventional approach as well as implements it through a hybrid software-defined network

Survey of Consistent Network Updates

Computer networks have become a critical infrastructure. Designing dependable computer networks however is challenging, as such networks should not only meet strict requirements in terms of correctness, availability, and performance, but they should also be flexible enough to support fast updates, e.g., due to a change in the security policy, an increasing traffic demand, or a failure. The advent of Software-Defined Networks (SDNs) promises to provide such flexiblities, allowing to update networks in a fine-grained manner, also enabling a more online traffic engineering. In this paper, we present a structured survey of mechanisms and protocols to update computer networks in a fast and consistent manner. In particular, we identify and discuss the different desirable update consistency properties a network should provide, the algorithmic techniques which are needed to meet these consistency properties, their implications on the speed and costs at which updates can be performed. We also discuss the relationship of consistent network update problems to classic algorithmic optimization problems. While our survey is mainly motivated by the advent of Software-Defined Networks (SDNs), the fundamental underlying problems are not new, and we also provide a historical perspective of the subject

Security for 5G Mobile Wireless Networks

The advanced features of 5G mobile wireless network systems yield new security requirements and challenges. This paper presents a comprehensive survey on security of 5G wireless network systems compared to the traditional cellular networks. The paper starts with a review on 5G wireless networks particularities as well as on the new requirements and motivations of 5G wireless security. The potential attacks and security services with the consideration of new service requirements and new use cases in 5G wireless networks are then summarized. The recent development and the existing schemes for the 5G wireless security are presented based on the corresponding security services including authentication, availability, data confidentiality, key management and privacy. The paper further discusses the new security features involving different technologies applied to 5G such as heterogeneous networks, device-to-device communications, massive multiple-input multiple-output, software defined networks and Internet of Things. Motivated by these security research and development activities, we propose a new 5G wireless security architecture, based on which the analysis of identity management and flexible authentication is provided. As a case study, we explore a handover procedure as well as a signaling load scheme to show the advantage of the proposed security architecture. The challenges and future directions of 5G wireless security are finally summarized

A Brief Review of Security in Emerging Programmable Computer Networking Technologies

Recent programmable networking paradigms, such as cloud computing, fog computing, software- defined networks, and network function virtualization gain significant traction in industry and academia. While these newly developed networking technologies open a pathway to new architectures and enable a faster innovation cycle, there exist many problems in this area. In this article, we provide a review of these programmable networking architectures for comparison. Second, we provide a survey of security attacks and defense mechanisms in these emerging programmable networking technologies

Towards Bayesian-Based Trust Management for Insider Attacks in Healthcare Software-Defined Networks

© 2004-2012 IEEE. The medical industry is increasingly digitalized and Internet-connected (e.g., Internet of Medical Things), and when deployed in an Internet of Medical Things environment, software-defined networks (SDNs) allow the decoupling of network control from the data plane. There is no debate among security experts that the security of Internet-enabled medical devices is crucial, and an ongoing threat vector is insider attacks. In this paper, we focus on the identification of insider attacks in healthcare SDNs. Specifically, we survey stakeholders from 12 healthcare organizations (i.e., two hospitals and two clinics in Hong Kong, two hospitals and two clinics in Singapore, and two hospitals and two clinics in China). Based on the survey findings, we develop a trust-based approach based on Bayesian inference to figure out malicious devices in a healthcare environment. Experimental results in either a simulated and a real-world network environment demonstrate the feasibility and effectiveness of our proposed approach regarding the detection of malicious healthcare devices, i.e., our approach could decrease the trust values of malicious devices faster than similar approaches

Software Defined Networks based Smart Grid Communication: A Comprehensive Survey

The current power grid is no longer a feasible solution due to ever-increasing user demand of electricity, old infrastructure, and reliability issues and thus require transformation to a better grid a.k.a., smart grid (SG). The key features that distinguish SG from the conventional electrical power grid are its capability to perform two-way communication, demand side management, and real time pricing. Despite all these advantages that SG will bring, there are certain issues which are specific to SG communication system. For instance, network management of current SG systems is complex, time consuming, and done manually. Moreover, SG communication (SGC) system is built on different vendor specific devices and protocols. Therefore, the current SG systems are not protocol independent, thus leading to interoperability issue. Software defined network (SDN) has been proposed to monitor and manage the communication networks globally. This article serves as a comprehensive survey on SDN-based SGC. In this article, we first discuss taxonomy of advantages of SDNbased SGC.We then discuss SDN-based SGC architectures, along with case studies. Our article provides an in-depth discussion on routing schemes for SDN-based SGC. We also provide detailed survey of security and privacy schemes applied to SDN-based SGC. We furthermore present challenges, open issues, and future research directions related to SDN-based SGC.Comment: Accepte

GR-342 Integration of Blockchain in Computer Networking: Overview, Applications, and Future Perspectives for Software-defined Networking (SDN), Network Security and Protocols

The rapid advancement and increasing complexity of computer networks have created a need for robust, secure, and scalable solutions to manage and protect network resources. Blockchain, an emerging distributed ledger technology, offers enhanced security, transparency, and privacy preservation, making it a promising solution for addressing networking challenges. This paper presents a comprehensive survey of blockchain integration in computer networking, focusing on its potential applications, benefits, and future perspectives in Software-defined Networking (SDN), network security, and networking protocols. We identify that blockchain\u27s tamper-proof nature could significantly improve network security by mitigating risks associated with centralized control and single points of failure. The integration of blockchain in computer networking has the potential to increase trust and transparency among network participants, as it allows for secure, verifiable, and auditable transactions and communication. Blockchain also can streamline the management of Software-defined Networking (SDN) by enabling decentralized and automated network control, resource allocation, and orchestration. We also find that utilizing blockchain can address network challenges, such as mitigating DDoS attacks, enhancing intrusion detection and prevention, and securing routing protocols. However, we identify potential limitations of blockchain integration in computer networking, such as scalability challenges arising from the growing size of the distributed ledger and increasing network traffic. We emphasize the need for further research in optimizing consensus mechanisms, enhancing scalability and privacy preservation techniques interoperability, and facilitating standardization of networking protocols and practices