Software Defined Networks and Security
VerifiedAdded on 2020/05/16
|8
|2362
|70
AI Summary
This assignment delves into the topic of Software Defined Networks (SDNs), focusing on their susceptibility to security threats, particularly Denial of Service (DoS) attacks. It explains various types of DoS attacks, such as buffer overflow and flood attacks, and their impact on network performance. The assignment also discusses strategies for mitigating these risks, including rate limiting, packet dropping, and other control plane techniques. Understanding SDN vulnerabilities and security measures is crucial in today's interconnected world.
Contribute Materials
Your contribution can guide someone’s learning journey. Share your
documents today.
Running head: OVERVIEW OF NETWORK SECURITY
OVERVIEW OF NETWORK SECURITY
Name of the Student
Name of the University
Authors Note:
OVERVIEW OF NETWORK SECURITY
Name of the Student
Name of the University
Authors Note:
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
1OVERVIEW OF NETWORK SECURITY
` Table of Contents
Part 1..............................................................................................................................................2
Literature Review.......................................................................................................................2
Introduction to SDN................................................................................................................2
Characteristics of SDN network in comparison to traditional network...................................3
Advantages of SDN over traditional network..........................................................................3
Disadvantage of SDN over traditional network.......................................................................4
Part 2..............................................................................................................................................5
Critical analysis...........................................................................................................................5
Security Issue in SDN..............................................................................................................5
References......................................................................................................................................7
` Table of Contents
Part 1..............................................................................................................................................2
Literature Review.......................................................................................................................2
Introduction to SDN................................................................................................................2
Characteristics of SDN network in comparison to traditional network...................................3
Advantages of SDN over traditional network..........................................................................3
Disadvantage of SDN over traditional network.......................................................................4
Part 2..............................................................................................................................................5
Critical analysis...........................................................................................................................5
Security Issue in SDN..............................................................................................................5
References......................................................................................................................................7
2OVERVIEW OF NETWORK SECURITY
Part 1
Literature Review
Introduction to SDN
Software defined networks (SDN) generally empowers various kinds of network operators with
various kinds of flexibility for the Network. With the help of SDN, management of network moves for
analyzing functionality in various kinds of low level device configuration which is used for building and
creating software which will help in management of network and debugging [1]. According to SDN
provides proper way which can be easily used for solving various kinds of problems in networking like
routing. On the other hand, it allows use of security and various kinds of techniques like access control
and multipath. SDN application are nothing but certain number of programs which helps in
communication of behaviors and need various kinds of resources within the SDN controller through the
help of Application Programming Interference (API) [2].
In the coming pages of the report various of the important terms like manipulation of network,
diversion of traffic and denial of service attack has been discussed with respect to software defined
networks. Manipulation of network can be done only with the help of control plane. Diversion of traffic
is nothing but a kind of network plane which is based or depended on data plane. Denial of service is a
well-known type of attack which can be used for affecting the various types or kinds of SDN. Various
kinds of application can easily build abstracted view of the network and this generally works by creating
an abstract view of document which can easily work by proper collection of information from the
controller which is used for various kinds of process related to decision making. This kind of application
is generally inclusive of various kinds of task which is inclusive of management, analytics and various
kinds of business application which can be used for running large data centers [3].
The controller layer of SDN can be considered to be a kind of logical entity which generally
receives various kinds of instruction or requirements from the application layer of SDN which is
generally depends on various kinds of network. The controller mainly helps in extraction of SDN which
generally comes up with an abstract view of the various kinds of networks which is inclusive of statistics
and various kinds of events [1]. The networking of SDN device and control has forwarding and
processing of capabilities for various kinds of networks. This is generally inclusive of processing and
proper forwarding of path of data.
Part 1
Literature Review
Introduction to SDN
Software defined networks (SDN) generally empowers various kinds of network operators with
various kinds of flexibility for the Network. With the help of SDN, management of network moves for
analyzing functionality in various kinds of low level device configuration which is used for building and
creating software which will help in management of network and debugging [1]. According to SDN
provides proper way which can be easily used for solving various kinds of problems in networking like
routing. On the other hand, it allows use of security and various kinds of techniques like access control
and multipath. SDN application are nothing but certain number of programs which helps in
communication of behaviors and need various kinds of resources within the SDN controller through the
help of Application Programming Interference (API) [2].
In the coming pages of the report various of the important terms like manipulation of network,
diversion of traffic and denial of service attack has been discussed with respect to software defined
networks. Manipulation of network can be done only with the help of control plane. Diversion of traffic
is nothing but a kind of network plane which is based or depended on data plane. Denial of service is a
well-known type of attack which can be used for affecting the various types or kinds of SDN. Various
kinds of application can easily build abstracted view of the network and this generally works by creating
an abstract view of document which can easily work by proper collection of information from the
controller which is used for various kinds of process related to decision making. This kind of application
is generally inclusive of various kinds of task which is inclusive of management, analytics and various
kinds of business application which can be used for running large data centers [3].
The controller layer of SDN can be considered to be a kind of logical entity which generally
receives various kinds of instruction or requirements from the application layer of SDN which is
generally depends on various kinds of network. The controller mainly helps in extraction of SDN which
generally comes up with an abstract view of the various kinds of networks which is inclusive of statistics
and various kinds of events [1]. The networking of SDN device and control has forwarding and
processing of capabilities for various kinds of networks. This is generally inclusive of processing and
proper forwarding of path of data.
3OVERVIEW OF NETWORK SECURITY
Overflow is generally considered to be first type of SDN (Software defining Networking)
standard or type [5]. It mainly focusses on the communication protocol in the environment of SDN
which provides the SDN controller so that it can directly interact with the various kinds of network
devices like router and switches. It can both in physical environment which can easily work as per the
need of evolving requirement of business. An SDN controller is generally considered to be brain of SDN
network which provides information to various kinds of switches and routers [6].
Characteristics of SDN network in comparison to traditional network
Traditional configuration is time consuming and more prone to various kinds of error. Various
kinds of steps are generally needed when an IT administrator needs to add or eliminate device which is
present in a traditional kind or type of network [7]. The next procedure is nothing management at
device level tool for updating of various kinds of configuration based setting which is inclusive of various
kinds of parameters like ACL, VLAN and other kind of Quality of service. The multi-vendor generally
requires a high value of expertise. An average organization generally owns variety of equipment at large
number of vendors. For successful completion of a configuration an administrator generally needs or
require extensive type of knowledge which is generally based on various kinds of devices. Traditional
architecture generally complicates the segmentation of network [8]. In the upcoming years various
gadgets like PC and smartphone, alarm system will be connected to the cloud through internet. Various
types of traditional network have many kinds of device working in same zone. By the help of this
platform hackers can easily get various kinds of network components.
On the contrary there are many kinds of benefits associated with SDN that are accuracy,
consistency and benefits. Traditional networking needs configuration which is generally executed on
basis of device by device. A key function of SDN approach is automatic approach which can be easily
used for proper management of network [9]. Apart from upgrading the efficiency and accuracy of
configuration this method or process can be used for improvisation of responsiveness of a network. The
second benefit which is associated with SDN is optimization of flow of data. In spite of having single path
which is for flow of communication to the addressed to destination. The main task of SDN controller is
mainly help in identification of multiple path for flow of data. This particular method or technique of
approach allow the flow of traffic across into various kinds of nodes [10]. Performance of network and
scalability is improvised by proper optimization of the path of network which is generally used flow of
data between source and nodes at the destination.
Overflow is generally considered to be first type of SDN (Software defining Networking)
standard or type [5]. It mainly focusses on the communication protocol in the environment of SDN
which provides the SDN controller so that it can directly interact with the various kinds of network
devices like router and switches. It can both in physical environment which can easily work as per the
need of evolving requirement of business. An SDN controller is generally considered to be brain of SDN
network which provides information to various kinds of switches and routers [6].
Characteristics of SDN network in comparison to traditional network
Traditional configuration is time consuming and more prone to various kinds of error. Various
kinds of steps are generally needed when an IT administrator needs to add or eliminate device which is
present in a traditional kind or type of network [7]. The next procedure is nothing management at
device level tool for updating of various kinds of configuration based setting which is inclusive of various
kinds of parameters like ACL, VLAN and other kind of Quality of service. The multi-vendor generally
requires a high value of expertise. An average organization generally owns variety of equipment at large
number of vendors. For successful completion of a configuration an administrator generally needs or
require extensive type of knowledge which is generally based on various kinds of devices. Traditional
architecture generally complicates the segmentation of network [8]. In the upcoming years various
gadgets like PC and smartphone, alarm system will be connected to the cloud through internet. Various
types of traditional network have many kinds of device working in same zone. By the help of this
platform hackers can easily get various kinds of network components.
On the contrary there are many kinds of benefits associated with SDN that are accuracy,
consistency and benefits. Traditional networking needs configuration which is generally executed on
basis of device by device. A key function of SDN approach is automatic approach which can be easily
used for proper management of network [9]. Apart from upgrading the efficiency and accuracy of
configuration this method or process can be used for improvisation of responsiveness of a network. The
second benefit which is associated with SDN is optimization of flow of data. In spite of having single path
which is for flow of communication to the addressed to destination. The main task of SDN controller is
mainly help in identification of multiple path for flow of data. This particular method or technique of
approach allow the flow of traffic across into various kinds of nodes [10]. Performance of network and
scalability is improvised by proper optimization of the path of network which is generally used flow of
data between source and nodes at the destination.
Secure Best Marks with AI Grader
Need help grading? Try our AI Grader for instant feedback on your assignments.
4OVERVIEW OF NETWORK SECURITY
Advantages of SDN over traditional network
There are large number of advantage of SDN (Software Defined Network):
Provisioning of Network in a centralized way: SDN (Software Defined Network) provides the
view in a centralized way so that overview of the network is possible which helps in centralized
management and its provisioning [11]. By making use of control and data planes, SDN can easily
accelerate delivery of various kinds of services and also provides provisioning in both types of virtual and
physical type of networks devices from a particular central based location.
Better Security: One of best advantage of SDN that is attractive to various kinds of IT managers
is the security which is provided by it. With development of virtualization network management has
become more complex and challenging in nature [12]. When complexity such as securing of various
kinds of BYOD device the security problem is checked or analyzed. The controller at SDN provides a
point which can be used for distribution of security and policies of information through various
enterprises.
Lower Operating Cost: Efficiency of administrative, improvisation of utilization of server,
controlling of virtualization and other kinds of benefits generally result in operational kind of savings.
SDN should result in administrative kind of saving.
Disadvantage of SDN over traditional network
Generally, SDN is considered to be beneficial for various kinds of IT solution and providers of
cloud. There are many kinds of challenges which are encountered in SDN that are control placement,
scalability, performance and reliability [5]. The controller of SDN must be configured wisely for
prevention against various manual errors and increase the availability of network. In a centralized
architecture of SDN, a controller is generally in charge of various kinds of networks and if there is failure
in this network then the whole network will collapse.
The second issue which can be encountered is the issue of scalability, because of this kind of
approach works as long as API is connected to it [7]. The centralized view of network generally
accelerates the change which is seen in a control panel.
Advantages of SDN over traditional network
There are large number of advantage of SDN (Software Defined Network):
Provisioning of Network in a centralized way: SDN (Software Defined Network) provides the
view in a centralized way so that overview of the network is possible which helps in centralized
management and its provisioning [11]. By making use of control and data planes, SDN can easily
accelerate delivery of various kinds of services and also provides provisioning in both types of virtual and
physical type of networks devices from a particular central based location.
Better Security: One of best advantage of SDN that is attractive to various kinds of IT managers
is the security which is provided by it. With development of virtualization network management has
become more complex and challenging in nature [12]. When complexity such as securing of various
kinds of BYOD device the security problem is checked or analyzed. The controller at SDN provides a
point which can be used for distribution of security and policies of information through various
enterprises.
Lower Operating Cost: Efficiency of administrative, improvisation of utilization of server,
controlling of virtualization and other kinds of benefits generally result in operational kind of savings.
SDN should result in administrative kind of saving.
Disadvantage of SDN over traditional network
Generally, SDN is considered to be beneficial for various kinds of IT solution and providers of
cloud. There are many kinds of challenges which are encountered in SDN that are control placement,
scalability, performance and reliability [5]. The controller of SDN must be configured wisely for
prevention against various manual errors and increase the availability of network. In a centralized
architecture of SDN, a controller is generally in charge of various kinds of networks and if there is failure
in this network then the whole network will collapse.
The second issue which can be encountered is the issue of scalability, because of this kind of
approach works as long as API is connected to it [7]. The centralized view of network generally
accelerates the change which is seen in a control panel.
5OVERVIEW OF NETWORK SECURITY
Part 2
Critical analysis
Security Issue in SDN
The upgradation or evolution of Networks has ultimately resulted in creation of new kinds of
attacks which have various kinds of unidentified types of risk which is associated with it [9]. There are
mainly nine types of SDN attacks:
Manipulation of networks
Diversion of traffic
DOS (Denial of service) attack
Manipulation of Network: This can be done only with the help of control plane and in this
technique an attacker compromises with the SDN controller and generally produces data of network and
produces or initiates various kinds of attack on then network [3]. In other words, Network manipulation
can be easily defined as any kind of attempt which is needed for web graph and social network which
can easily manipulate various kinds of tools in a much beneficial way to the manipulators. The
modification in a network can be easily defined as a term which is used for altering the structure and its
contents [5]. Each of the network manipulation technique is generally implemented by making use of
structure of various kinds of network components.
Protection: To overcome this attack, SDN controller should have an entity based on redundancy
and channel used for communication should be protected by making use of strong encryption
techniques or methods.
Diversion of traffic: This type of attack generally occurs to the network element which is present
at data plane. This type of attack generally consists of redirecting of traffic flow and it also allows
eavesdropping [3]. Radar system can be easily used for real-time traffic diversion. Radar technology is
generally used for detection and diversification of various kinds of malicious traffic for ensuring safety of
a location. Radar system is generally inclusive of network monitoring and diversion of traffic with
detection of threat [7].
Protection: This can be only achieved with help of elements in a secure network and its
communication channel which comprises of strong kind of encryption.
Part 2
Critical analysis
Security Issue in SDN
The upgradation or evolution of Networks has ultimately resulted in creation of new kinds of
attacks which have various kinds of unidentified types of risk which is associated with it [9]. There are
mainly nine types of SDN attacks:
Manipulation of networks
Diversion of traffic
DOS (Denial of service) attack
Manipulation of Network: This can be done only with the help of control plane and in this
technique an attacker compromises with the SDN controller and generally produces data of network and
produces or initiates various kinds of attack on then network [3]. In other words, Network manipulation
can be easily defined as any kind of attempt which is needed for web graph and social network which
can easily manipulate various kinds of tools in a much beneficial way to the manipulators. The
modification in a network can be easily defined as a term which is used for altering the structure and its
contents [5]. Each of the network manipulation technique is generally implemented by making use of
structure of various kinds of network components.
Protection: To overcome this attack, SDN controller should have an entity based on redundancy
and channel used for communication should be protected by making use of strong encryption
techniques or methods.
Diversion of traffic: This type of attack generally occurs to the network element which is present
at data plane. This type of attack generally consists of redirecting of traffic flow and it also allows
eavesdropping [3]. Radar system can be easily used for real-time traffic diversion. Radar technology is
generally used for detection and diversification of various kinds of malicious traffic for ensuring safety of
a location. Radar system is generally inclusive of network monitoring and diversion of traffic with
detection of threat [7].
Protection: This can be only achieved with help of elements in a secure network and its
communication channel which comprises of strong kind of encryption.
6OVERVIEW OF NETWORK SECURITY
Denial of service attack: This is a well-known type of attack which generally affect the various
parts of an SDN. By making use of DOS attacker can easily reduce or provide complete denial of a service
which is provide various kinds of SDN services [3]. A denial of service attack is a kind of attack which
generally takes place when an attacker takes some kinds of action which prevents the user from
accessing a particular system. There are some guidelines which can be used for determining DOS attack
[1]. There are generally two methods of DOS attack that is flooding service or crashing service. Flood
attacks generally occur when the system receiver have too much of traffic for server to buffer which
ultimately results in slowing down of it [10]. Some popular type of flood attack is butter flow attack,
ICMP flood and lastly SYN flood. Buffer overflow attack is the most well-known type of DOS attack.
Degradation of performance especially when it comes to open of files which are
generally stored on networks or accessing various kinds of website.
Unable to reach a particular website
A much higher number of emails than usual email.
Protection: The issue can be easily overcome by using rate of limitation and techniques of
packet of packet dropping at the control plane.
Denial of service attack: This is a well-known type of attack which generally affect the various
parts of an SDN. By making use of DOS attacker can easily reduce or provide complete denial of a service
which is provide various kinds of SDN services [3]. A denial of service attack is a kind of attack which
generally takes place when an attacker takes some kinds of action which prevents the user from
accessing a particular system. There are some guidelines which can be used for determining DOS attack
[1]. There are generally two methods of DOS attack that is flooding service or crashing service. Flood
attacks generally occur when the system receiver have too much of traffic for server to buffer which
ultimately results in slowing down of it [10]. Some popular type of flood attack is butter flow attack,
ICMP flood and lastly SYN flood. Buffer overflow attack is the most well-known type of DOS attack.
Degradation of performance especially when it comes to open of files which are
generally stored on networks or accessing various kinds of website.
Unable to reach a particular website
A much higher number of emails than usual email.
Protection: The issue can be easily overcome by using rate of limitation and techniques of
packet of packet dropping at the control plane.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7OVERVIEW OF NETWORK SECURITY
References
[1]T. Muciaccia and V. Passaro, "Future Scenarios for Software-Defined Metro and Access Networks and
Software-Defined Photonics", Photonics, vol. 4, no. 1, p. 1, 2017.
[2]K. Benzekki, A. El Fergougui and A. Elbelrhiti Elalaoui, "Software-defined networking (SDN): a
survey", Security and Communication Networks, vol. 9, no. 18, pp. 5803-5833, 2016.
[3]P. Boryło, J. Domżał and R. Wójcik, "Survivable Automatic Hidden Bypasses in Software-Defined
Networks", Computer Networks, 2018.
[4]A. Leon-Garcia, P. Ashwood-Smith and Y. Ganjali, "Software Defined Networks", Computer Networks,
vol. 92, pp. 209-210, 2015.
[5]P. Murali Mohan, T. Truong-Huu and M. Gurusamy, "Fault tolerance in TCAM-limited software
defined networks", Computer Networks, vol. 116, pp. 47-62, 2017.
[6]S. Lin, P. Wang and M. Luo, "Control traffic balancing in software defined networks", Computer
Networks, vol. 106, pp. 260-271, 2016.
[7]M. Channegowda, R. Nejabati and D. Simeonidou, "Software-Defined Optical Networks Technology
and Infrastructure: Enabling Software-Defined Optical Network Operations [Invited]", Journal of
Optical Communications and Networking, vol. 5, no. 10, p. A274, 2013.
[8]"Special Issue on Software-Defined Wireless Networks", The Computer Journal, vol. 60, no. 10, pp.
1415-1416, 2017.
[9]H. Farhady, H. Lee and A. Nakao, "Software-Defined Networking: A survey", Computer Networks, vol.
81, pp. 79-95, 2015.
[10]B. Xiong, X. Peng and J. Zhao, "A Concise Queuing Model for Controller Performance in Software-
Defined Networks", Journal of Computers, vol. 11, no. 3, pp. 232-237, 2016.
References
[1]T. Muciaccia and V. Passaro, "Future Scenarios for Software-Defined Metro and Access Networks and
Software-Defined Photonics", Photonics, vol. 4, no. 1, p. 1, 2017.
[2]K. Benzekki, A. El Fergougui and A. Elbelrhiti Elalaoui, "Software-defined networking (SDN): a
survey", Security and Communication Networks, vol. 9, no. 18, pp. 5803-5833, 2016.
[3]P. Boryło, J. Domżał and R. Wójcik, "Survivable Automatic Hidden Bypasses in Software-Defined
Networks", Computer Networks, 2018.
[4]A. Leon-Garcia, P. Ashwood-Smith and Y. Ganjali, "Software Defined Networks", Computer Networks,
vol. 92, pp. 209-210, 2015.
[5]P. Murali Mohan, T. Truong-Huu and M. Gurusamy, "Fault tolerance in TCAM-limited software
defined networks", Computer Networks, vol. 116, pp. 47-62, 2017.
[6]S. Lin, P. Wang and M. Luo, "Control traffic balancing in software defined networks", Computer
Networks, vol. 106, pp. 260-271, 2016.
[7]M. Channegowda, R. Nejabati and D. Simeonidou, "Software-Defined Optical Networks Technology
and Infrastructure: Enabling Software-Defined Optical Network Operations [Invited]", Journal of
Optical Communications and Networking, vol. 5, no. 10, p. A274, 2013.
[8]"Special Issue on Software-Defined Wireless Networks", The Computer Journal, vol. 60, no. 10, pp.
1415-1416, 2017.
[9]H. Farhady, H. Lee and A. Nakao, "Software-Defined Networking: A survey", Computer Networks, vol.
81, pp. 79-95, 2015.
[10]B. Xiong, X. Peng and J. Zhao, "A Concise Queuing Model for Controller Performance in Software-
Defined Networks", Journal of Computers, vol. 11, no. 3, pp. 232-237, 2016.
1 out of 8
Related Documents
![[object Object]](/_next/image/?url=%2F_next%2Fstatic%2Fmedia%2Flogo.6d15ce61.png&w=640&q=75){kind=small}
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
© 2024 | Zucol Services PVT LTD | All rights reserved.