Validating User Flows to Protect Software Defined Network Environments
Software Defined Network is a promising network paradigm which has led to several security threats in SDN applications that involve user flows, switches, and controllers in the network. Threats as spoofing, tampering, information disclosure, Denial of Service, flow table overloading, and so on have...
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2018-01-01
|
| Series: | Security and Communication Networks |
| Online Access: | http://dx.doi.org/10.1155/2018/1308678 |
| id |
doaj-e5d61112ec0446f7975d6265f99d0ef7 |
|---|---|
| record_format |
Article |
| spelling |
doaj-e5d61112ec0446f7975d6265f99d0ef72020-11-25T02:37:33ZengHindawi-WileySecurity and Communication Networks1939-01141939-01222018-01-01201810.1155/2018/13086781308678Validating User Flows to Protect Software Defined Network EnvironmentsIhsan H. Abdulqadder0Deqing Zou1Israa T. Aziz2Bin Yuan3School of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, ChinaSchool of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, ChinaSchool of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, ChinaSchool of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, ChinaSoftware Defined Network is a promising network paradigm which has led to several security threats in SDN applications that involve user flows, switches, and controllers in the network. Threats as spoofing, tampering, information disclosure, Denial of Service, flow table overloading, and so on have been addressed by many researchers. In this paper, we present novel SDN design to solve three security threats: flow table overloading is solved by constructing a star topology-based architecture, unsupervised hashing method mitigates link spoofing attack, and fuzzy classifier combined with L1-ELM running on a neural network for isolating anomaly packets from normal packets. For effective flow migration Discrete-Time Finite-State Markov Chain model is applied. Extensive simulations using OMNeT++ demonstrate the performance of our proposed approach, which is better at preserving holding time than are other state-of-the-art works from the literature.http://dx.doi.org/10.1155/2018/1308678 |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Ihsan H. Abdulqadder Deqing Zou Israa T. Aziz Bin Yuan |
| spellingShingle |
Ihsan H. Abdulqadder Deqing Zou Israa T. Aziz Bin Yuan Validating User Flows to Protect Software Defined Network Environments Security and Communication Networks |
| author_facet |
Ihsan H. Abdulqadder Deqing Zou Israa T. Aziz Bin Yuan |
| author_sort |
Ihsan H. Abdulqadder |
| title |
Validating User Flows to Protect Software Defined Network Environments |
| title_short |
Validating User Flows to Protect Software Defined Network Environments |
| title_full |
Validating User Flows to Protect Software Defined Network Environments |
| title_fullStr |
Validating User Flows to Protect Software Defined Network Environments |
| title_full_unstemmed |
Validating User Flows to Protect Software Defined Network Environments |
| title_sort |
validating user flows to protect software defined network environments |
| publisher |
Hindawi-Wiley |
| series |
Security and Communication Networks |
| issn |
1939-0114 1939-0122 |
| publishDate |
2018-01-01 |
| description |
Software Defined Network is a promising network paradigm which has led to several security threats in SDN applications that involve user flows, switches, and controllers in the network. Threats as spoofing, tampering, information disclosure, Denial of Service, flow table overloading, and so on have been addressed by many researchers. In this paper, we present novel SDN design to solve three security threats: flow table overloading is solved by constructing a star topology-based architecture, unsupervised hashing method mitigates link spoofing attack, and fuzzy classifier combined with L1-ELM running on a neural network for isolating anomaly packets from normal packets. For effective flow migration Discrete-Time Finite-State Markov Chain model is applied. Extensive simulations using OMNeT++ demonstrate the performance of our proposed approach, which is better at preserving holding time than are other state-of-the-art works from the literature. |
| url |
http://dx.doi.org/10.1155/2018/1308678 |
| work_keys_str_mv |
AT ihsanhabdulqadder validatinguserflowstoprotectsoftwaredefinednetworkenvironments AT deqingzou validatinguserflowstoprotectsoftwaredefinednetworkenvironments AT israataziz validatinguserflowstoprotectsoftwaredefinednetworkenvironments AT binyuan validatinguserflowstoprotectsoftwaredefinednetworkenvironments |
| _version_ |
1724794790921371648 |