Recent Trends in Software-Defined Networking: A Bibliometric Review

Software-Defined Networking is referred to as the next big thing in the field of networking. Legacy networks contain various components such as switches, routers, etc. with a variety of complex protocols. A network administrator is responsible for configuring all these various components. Apart from complex network management, network security is also a persistent issue in the field of networking. SDN promises simplicity in network management while also dramatically improving the security of networks. This paper gives an analysis of the current trends in in SDN as well as Security challenges with SDN. A bibliometric review on SDN has also been outlined in this paper. We have also mentioned some of the challenges posed by the SDN architecture and also some of the solutions to combat the

SECURING CENTRALIZED SDN CONTROL WITH DISTRIBUTED BLOCKCHAIN TECHNOLOGY

Software Defined Networks (SDN) advocates segregation of network control logic, forwarding functions and management applications into different planes to achieve network programmability, automated and dynamic flow control in next generation networks. It promotes deployment of novel and augmented network management functions to have flexible, robust, scalable and cost-effective network deployments. All these features introduce new research challenges and require secure communication protocols among the segregated network planes. This manuscript focuses on the security issue of southbound interface which operates between the SDN control and data plane. We have highlighted the security threats associated with an unprotected southbound interface and the issues related with the existing TLS based security solution. A lightweight blockchain based decentralized security solution is proposed for southbound interface to secure the resources of logically centralized SDN controllers and distributed forwarding devices from opponents. The proposed mechanism can operate in multi-domain SDN deployment and can be used with wide range of network controllers and data plane devices. In addition to it, the proposed security solution is analyzed in terms of security features, communication and reauthentication overhead

On the security of software-defined next-generation cellular networks

In the recent years, mobile cellular networks are ndergoing fundamental changes and many established concepts are being revisited. Future 5G network architectures will be designed to employ a wide range of new and emerging technologies such as Software Defined Networking (SDN) and Network Functions Virtualization (NFV). These create new virtual network elements each affecting the logic of the network management and operation, enabling the creation of new generation services with substantially higher data rates and lower delays. However, new security challenges and threats are also introduced. Current Long-Term Evolution (LTE) networks are not able to accommodate these new trends in a secure and reliable way. At the same time, novel 5G systems have proffered invaluable opportunities of developing novel solutions for attack prevention, management, and recovery. In this paper, first we discuss the main security threats and possible attack vectors in cellular networks. Second, driven by the emerging next-generation cellular networks, we discuss the architectural and functional requirements to enable appropriate levels of security

A Dynamic Approach to MIB Polling for Software Defined Monitoring

Technology trends such as Software-Defined Networking (SDN) are transforming networking services in terms of flexibility and faster deployment times. SDN separates the control plane from the data plane with its centralised architecture compared with the distributed approach used in other management systems. However, management systems are still required to adapt the new emerging SDN-like technologies to address various security and complex management issues. Simple Network Management Protocol (SNMP) is the most widespread management protocol implemented in a traditional Network Management System (NMS) but has some limitations with the development of SDNlike services. Hence, many studies have been undertaken to merge the SDN-like services with traditional network management systems. Results show that merging SDN with traditional NMS systems not only increases the average Management Information Base (MIB) polling time but also creates additional overheads on the network. Therefore, this paper proposes a dynamic scheme for MIB polling using an additional MIB controller agent within the SDN controller. Our results show that using the proposed scheme, the average polling time can be significantly reduced (i.e., faster polling of the MIB information) and also requires very low overhead because of the small sized OpenFlow messages used during polling

Verkon tietoturvan kehittäminen ohjelmisto-ohjatuilla verkoilla

Software-defined networking (SDN) is a new technology in computer networks, which enables the management of the network and the development of new network functions in a higher level of abstraction than in traditional networks. In the SDN concept, the management of the network can be centralized to a specific SDN controller instead of managing each network device separately through a vendor-specific interface. This enables new possibilities for designing computer networks and makes the administration easier than before. In this thesis we are considering the security improvements in computer networks achieved by the software-defined networking. The purpose of the research is to find out if the current maturity of the SDN technology allows traditional networks to be replaced by SDN and what kind of security enhancing network functions can be implemented with the SDN technology. We are also discovering existing SDN applications and solutions presented in former research. Based on the research, the solutions providing improved network security can be divided to two categories. First is the SDN security applications and second is the solutions that are providing better network management. Many of the proposed solutions are still under development and they will need more research and development contribution before they are ready for the production use. During the research, it became clear that the SDN technology brings new security threats for consideration because of the centralized network management and the management performed by software. In particular the attacks against the management network and the usage of the third party software are possible security threats. Currently, migration from a traditional network to an SDN based network needs still much resources, but in the future the technology will definitely become more common