Next Article in Journal
Numerical and Experimental Study on Enhancing Performance of the Stand Fan
Previous Article in Journal
Researching a Fuzzy- and Performance-Based Optimization Method for the Life-Cycle Cost of SRHPC Frame Structures
Article Menu
Issue 3 (March) cover image

Export Article

Open AccessArticle
Appl. Sci. 2017, 7(3), 266; doi:10.3390/app7030266

Robust and Agile System against Fault and Anomaly Traffic in Software Defined Networks

1
Department of Computer Science & Engineering, Computer System Institute, Hankyong National University/327, Jungang-ro, Anseong-si, Gyeonggi-do 17579, Korea
2
Computer Engineering Department, San Jose State University, One Washington Square, San Jose, CA 95192, USA
*
Author to whom correspondence should be addressed.
Academic Editor: Christos Bouras
Received: 10 December 2016 / Revised: 1 March 2017 / Accepted: 2 March 2017 / Published: 8 March 2017
View Full-Text   |   Download PDF [2567 KB, uploaded 9 March 2017]   |  

Abstract

The main advantage of software defined networking (SDN) is that it allows intelligent control and management of networking though programmability in real time. It enables efficient utilization of network resources through traffic engineering, and offers potential attack defense methods when abnormalities arise. However, previous studies have only identified individual solutions for respective problems, instead of finding a more global solution in real time that is capable of addressing multiple situations in network status. To cover diverse network conditions, this paper presents a comprehensive reactive system for simultaneously monitoring failures, anomalies, and attacks for high availability and reliability. We design three main modules in the SDN controller for a robust and agile defense (RAD) system against network anomalies: a traffic analyzer, a traffic engineer, and a rule manager. RAD provides reactive flow rule generation to control traffic while detecting network failures, anomalies, high traffic volume (elephant flows), and attacks. The traffic analyzer identifies elephant flows, traffic anomalies, and attacks based on attack signatures and network monitoring. The traffic engineer module measures network utilization and delay in order to determine the best path for multi-dimensional routing and load balancing under any circumstances. Finally, the rule manager generates and installs a flow rule for the selected best path to control traffic. We implement the proposed RAD system based on Floodlight, an open source project for the SDN controller. We evaluate our system using simulation with and without the aforementioned RAD modules. Experimental results show that our approach is both practical and feasible, and can successfully augment an existing SDN controller in terms of agility, robustness, and efficiency, even in the face of link failures, attacks, and elephant flows. View Full-Text
Keywords: software defined networks; network measurement; traffic engineering; intrusion detection system; network attacks; reactive routing software defined networks; network measurement; traffic engineering; intrusion detection system; network attacks; reactive routing
Figures

Figure 1

This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. (CC BY 4.0).

Scifeed alert for new publications

Never miss any articles matching your research from any publisher
  • Get alerts for new papers matching your research
  • Find out the new papers from selected authors
  • Updated daily for 49'000+ journals and 6000+ publishers
  • Define your Scifeed now

SciFeed Share & Cite This Article

MDPI and ACS Style

Kim, M.; Park, Y.; Kotalwar, R. Robust and Agile System against Fault and Anomaly Traffic in Software Defined Networks. Appl. Sci. 2017, 7, 266.

Show more citation formats Show less citations formats

Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Related Articles

Article Metrics

Article Access Statistics

1

Comments

[Return to top]
Appl. Sci. EISSN 2076-3417 Published by MDPI AG, Basel, Switzerland RSS E-Mail Table of Contents Alert
Back to Top