Proposed Protocol and Architecture of SDN Data Center System
Added on 2019-09-27
6 Pages1048 Words84 Views
|
|
|
Chapter Three: Methodology
3.1IntroductionIn this chapter, the proposed protocol and architecture of the SDN data center system, and the forensic details will be explained. Theforensic algorithm builds in main concepts as following:- SDN architecture - Centralized architecture - Preserved the packet source IP address and Data section- Decision making by centralized - Detection functions implemented through two ways: firstdetection node connected to the head controller, second utilization theSDN programmability of head controller and embedded the detectionalgorithm within. - Backward flow once the attacks detected The detection will be examined once the controller is not domaincontroller. However, the chapter further evaluated the proposed systemadopting Mininet environment to stimulate the datacenter protocolstructure and various parameters will be determined such aspreservation of evidence, action, absolute speed, accuracy, delay,throughput, CPU utilization for the controllers. 3.2Proposed Architecture of the SDN network The proposed architecture of the data center will beaccommodate the SDN architecture, where the controller of the systemwill be divided in two three level called respectively the sourcecontroller, head controller and domain controller.
The source controller is the controller which the message orinformation induced from.The Head controller has the same concept of centralizedcontroller, or in other words; it is the controller which only response isto forward the packets of data to the next controller. The controller willbe head controller if it is not a source and not the destination. The destination controller, which is the last controller in thescheme and the target of packet to reside in. These controllers exchange packet in term of proposed protocol,where the extra or addition node embedded informed the headcontroller of attacks through deploying various detection system oralgorithm such as the proposed Niyaz et al. study [28] which detectsthe DDos attacks that consider the common attacks that datacentreexposure. Additional algorithm will be used the Tang et al. [29], whichdetect the IDS attacks. The main idea of the detection algorithmimplementation in the architecture gained based the programmabilityfeature of the SDN controllers or Node, which the detection node canbe added as extra node in the architecture or as embedded in thecontroller functions. In the last case, many parameters have to beconcerned as CPU utilization, storage, processing time, andthroughputs. The main parameter must be guarantee in both detectionimplementation cases; the processing time must be less than the time ofdata center's switches forwarding packets, where decision must betaken before the packets reach the destination SDN network. Theprocessing time can be adjust based the detection algorithm chosen.Further, the trade off between detection accuracy and time processingmust be achieved.
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents