SDN-based security framework for the IoT in distributed grid

Software-defined networking (SDN) is evolving as a new paradigm for the next generation of network architecture. The separation of the control plane and the data plane within SDN brings the flexibility to manage, configure, secure, and optimize network resources using dynamic software programs. From a security point of view, SDN can collect information from network devices and allow applications to program the forwarding devices, which unleashes a powerful technology for proactive and smart security policy. These functions enable the integration of security tools that can be used in distributed scenarios, unlike traditional security solutions, such as Intrusion Detection and Prevention Systems (IDS/IPS), that are based on a static firewall programmed by an administrator. This network programmability may be integrated to create a new communication platform for the Internet of Things (IoT). In this paper, we present our preliminary study, which focuses on understanding an effective approach to building a cluster network using SDN. By using network virtualization and OpenFlow technologies to generate virtual nodes, we simulate a prototype system of over 500 SDN-controlled devices, which represents a cluster. The results show that the network devices can only forward packets according to rules predefined on the controller. For this reason, we propose a method to control the IP header at the application level to overcome this problem, using OpFlex within the SDN architecture.
