List of Articles Software Defined Networks

• Open Access Article
  • Abstract Page
  • Full-Text
  
  1 - A New Set Covering Controller Placement Problem Model for Large Scale SDNs
  احمد جلیلی رضا اکبری منیژه  کشتگری
  10.7508/jist.2018.21.004
  Software Defined Network (SDN) is an emerging architecture that can overcome the challenges facing traditional networks. SDN enables administrator/operator to build a simpler and manageable network. New SDN paradigms are encouraged to deploy multiple (rather than centra More

  Software Defined Network (SDN) is an emerging architecture that can overcome the challenges facing traditional networks. SDN enables administrator/operator to build a simpler and manageable network. New SDN paradigms are encouraged to deploy multiple (rather than centralized) controllers to monitor the entire system. The Controller Placement Problem (CPP) is one of the key issues in SDN that affects every aspect of it such as scalability, convergence time, fault tolerance and node to controller latency. This problem has been investigated in diverse papers with their major attention paid on optimizing the location of an arbitrary number of controllers. The related works in this area get less attention to two following important issues. i) Bidirectional end-to-end latency between switch and its controller instead of propagation latency, ii) finding the minimal number of controllers that even is a prerequisite for locating them. In this paper, a Set Covering Controller Placement Problem Model (SCCPPM) to find the least number of required controllers with regard to carrier grade latency requirement is proposed. The new model is carried out on a set of 124 graphs from the Internet Topology Zoo and solve them with IBM ILOG CPLEX Optimization package. As expected, our results indicate that the number of required controllers for high resiliency is dependent on topology and network size. As well, in order to achieve carrier grade requirement, 86 percent of topologies must have more than one controller. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  2 - A New Parallel Method to Verify the Packets Forwarding in SDN Networks
  Rozbeh Beglari Hakem Beitollahi
  The rise of Software-Defined Networking (SDN) has revolutionized network management, offering greater flexibility and programmability. However, ensuring the accuracy of packet forwarding remains paramount for maintaining network reliability and security in SDN environme More

  The rise of Software-Defined Networking (SDN) has revolutionized network management, offering greater flexibility and programmability. However, ensuring the accuracy of packet forwarding remains paramount for maintaining network reliability and security in SDN environments. Unlike traditional IP networks, SDN separates the control plane from the data plane, creating new challenges for securing data transmission. Existing verification methods designed for IP networks often cannot be directly applied to SDN due to this architectural difference. To address the limitations of existing verification methods in SDN networks, new approaches are necessary. This research proposes a novel parallel method for verifying packet forwarding, building upon concepts from DYNAPFV. The proposed approach aims to overcome specific limitations of existing methods (including DYNAPFV), such as scalability issues, slow verification times. Simulations demonstrate significant improvements compared to DYNAPFV. The proposed parallel method achieves a 92% reduction in time required to identify malicious nodes within the network. The results also reveal a trade-off between security and verification time. As the probability of packet integrity confirmation increases from 0.8 to 0.99, system security strengthens, but the time to detect malicious switches also increases. Manuscript profile
• Open Access Article
  • Abstract Page
  • Full-Text
  
  3 - Proposing a Detection and Mitigation Approach for DDoS Attacks on SDN-Based IoT Networks
  fatemeh MotieShirazi Seyedakbar Mostafavi
  Internet of Things (IoT) is a network of objects on which objects can communicate with other objects. The Internet of Things is currently constantly under numerous attacks due to technical, legal and human problems. One of the most important of these attacks is the Deni More

  Internet of Things (IoT) is a network of objects on which objects can communicate with other objects. The Internet of Things is currently constantly under numerous attacks due to technical, legal and human problems. One of the most important of these attacks is the Denial of Service (DoS) attack, in which normal network services are out of service and it is impossible for objects and users to access the server and other resources. Existing security solutions have not been able to effectively prevent interruption attacks in Internet of Things services. Software-oriented network (SDN) is a new architecture in the network based on the separation of the control and data plane of the network. Programmability and network management capability by SDN can be used in IoT services because some IoT devices send data periodically and in certain time intervals. SDN can help reduce or prevent the data flood caused by IoT if properly deployed in the data center. In this article, a method to detect DDoS attacks in Internet of Things based on SDN is presented and then an algorithm to reduce DDoS attacks is presented. The proposed method is based on the entropy criterion, which is one of the most important concepts in information theory and is calculated based on the characteristics of the flow. In this method, by using two new components on the controller to receive incoming packets and considering the time window and calculating entropy and flow rate, a possible attack is detected in the network, and then based on the statistics of the flow received from the switches, the certainty of the attack is determined. Compared to the existing methods, the proposed method has improved 12% in terms of attack detection time and 26% in terms of false positives/negatives. Manuscript profile