A centralized secure plan for detecting and mitigation incidents in hybrid SDN

The information technology sector has experienced phenomenal growth during recent years. To follow this development many new technologies have emerged to satisfy the expectations of businesses and customers, such as Cloud Computing, mobility, virtualization, Internet of things and big data. Traditional network cannot longer support this growth and suffers more and more in terms of misconfiguration, management and configurations complexity. Software defined network (SDN) architectures can be considered as a big revolution in the field of computer networks, because they offer a centralized control on infrastructure, services and the applications deployed which facilitate configuration and management on the network. The implementation of this type of architecture is not obvious and requires great expertise and good handling and management of network equipment. To remedy this problem the SDN architectures have evolved towards distributed and hybrid architectures. Despites the advantages of using SDN, security issues remain a real obstacle in front of the deployment of this type of architecture. The centralized architecture of this type of networks makes it vulnerable to several types of attacks and intrusions, and the implementation of security equipment generally causes a decrease in performance and increase latency.

[1]  Ghizlane Orhanou,et al.  A Modular Secure Framework Based on SDMN for Mobile Core Cloud , 2016, MSPN.

[2]  Ali Ghaffari,et al.  Software defined networks: A survey , 2016, J. Netw. Comput. Appl..

[3]  Ken Gray,et al.  SDN: Software Defined Networks , 2013 .

[4]  Fouad Benamrane,et al.  New method for controller-to-controller communication in distributed SDN architecture , 2017, Int. J. Commun. Networks Distributed Syst..

[5]  Chen Sun,et al.  SFA: Stateful Forwarding Abstraction in SDN Data Plane , 2014, ONS.

[6]  Sandhya,et al.  A survey: Hybrid SDN , 2017, J. Netw. Comput. Appl..

[7]  Vinod Yegneswaran,et al.  AVANT-GUARD: scalable and vigilant switch flow management in software-defined networks , 2013, CCS.

[8]  Byrav Ramamurthy,et al.  OpenSec: A framework for implementing security policies using OpenFlow , 2014, 2014 IEEE Global Communications Conference.

[9]  Kim-Kwang Raymond Choo,et al.  Security, Privacy, and Anonymity in Computation, Communication, and Storage , 2017, Lecture Notes in Computer Science.

[10]  Kai Zhang,et al.  Global Flow Table: A convincing mechanism for security operations in SDN , 2017, Comput. Networks.

[11]  Kornchawal Chaipah,et al.  A Security Analysis of a Hybrid Mechanism to Defend DDoS Attacks in SDN , 2016 .

[12]  Yashar Ganjali,et al.  HyperFlow: A Distributed Control Plane for OpenFlow , 2010, INM/WREN.

[13]  Dave Evans,et al.  How the Next Evolution of the Internet Is Changing Everything , 2011 .

[14]  Raimo Kantola,et al.  Security for Future Software Defined Mobile Networks , 2015, 2015 9th International Conference on Next Generation Mobile Applications, Services and Technologies.

[15]  Mouad Ben Mamoun,et al.  An Overview on SDN Architectures with Multiple Controllers , 2016, J. Comput. Networks Commun..

[16]  Christopher Krügel,et al.  Service specific anomaly detection for network intrusion detection , 2002, SAC '02.

[17]  Zonghua Zhang,et al.  Enabling security functions with SDN: A feasibility study , 2015, Comput. Networks.

[18]  Andrei V. Gurtov,et al.  Security in Software Defined Networks: A Survey , 2015, IEEE Communications Surveys & Tutorials.