کشف ارتباط ایمن و کم حجم برای شبکه نرم افزار محور (SDN)
ترجمه نشده

کشف ارتباط ایمن و کم حجم برای شبکه نرم افزار محور (SDN)

عنوان فارسی مقاله: SLDP: پروتکل کشف ارتباط ایمن و کم حجم برای شبکه نرم افزار محور
عنوان انگلیسی مقاله: SLDP: A secure and lightweight link discovery protocol for software defined networking
مجله/کنفرانس: شبکه های کامپیوتری - Computer Networks
رشته های تحصیلی مرتبط: مهندسی کامپیوتر، مهندسی فناوری اطلاعات
گرایش های تحصیلی مرتبط: شبکه های کامپیوتری و سامانه های شبکه ای، مهندسی نرم افزار
کلمات کلیدی فارسی: کشف توپولوژی، پروتکل های کشف لینک، مسمومیت شبکه، حملات سیل، حملات بازپخش، شبکه های نرم افزار محور، پروتکل اوپن فلو
کلمات کلیدی انگلیسی: Topology discovery، Link discovery protocols، Network poisoning، Flooding attacks، Replay attacks، Software defined networks، Openflow protocol
نوع نگارش مقاله: مقاله پژوهشی (Research Article)
نمایه: Scopus - Master Journals List - JCR
شناسه دیجیتال (DOI): https://doi.org/10.1016/j.comnet.2018.12.014
دانشگاه: Malaviya National Institute of Technology, Jaipur, India
صفحات مقاله انگلیسی: 15
ناشر: الزویر - Elsevier
نوع ارائه مقاله: ژورنال
نوع مقاله: ISI
سال انتشار مقاله: 2019
ایمپکت فاکتور: 4/205 در سال 2018
شاخص H_index: 119 در سال 2019
شاخص SJR: 0/592 در سال 2018
شناسه ISSN: 1389-1286
شاخص Quartile (چارک): Q1 در سال 2018
فرمت مقاله انگلیسی: PDF
وضعیت ترجمه: ترجمه نشده است
قیمت مقاله انگلیسی: رایگان
آیا این مقاله بیس است: خیر
کد محصول: E11438
فهرست مطالب (انگلیسی)

Abstract

1- Introduction

2- Background and related work

3- The SLDP protocol

4- Simulation results and discussions

5- Conclusion and future work

References

بخشی از مقاله (انگلیسی)

Abstract

In Software Defined Networks (SDNs), the global view of the underlying network topology is created and maintained at the logically centralized controller. SDN achieves it by decoupling the data plane from the control plane. The up-to-date global view at SDN controller enables the applications (running on top of it) to innovate through dynamic network programmability. To establish a global view, a controller needs to discover a physical topology of the underlying SDN network infrastructure, which is challenging due to various reasons such as the lack of SDN protocols standardization and authentication mechanisms, use of sub-optimal link discovery protocols (e.g., OFDP and LLDP), dynamic topology due to movement of virtualized data centers, switches, and multi-tenant cloud networks, and lack of integration of security schemes for the topology discovery. In this paper, we propose a SDN Link Discovery Protocol (SLDP) for efficient discovery and extraction of topology information in SDN networks. The design of SLDP is motivated from the need of a secure, lightweight, and efficient link discovery protocol in SDN. SLDP aims to prevent, detect, and mitigate various security threats such as poison, replay, and flooding attacks, which are due to lack of source authentication, lack of packet integrity checks, and reuse of static packets. SLDP creates and maintains the global network topology at SDN controller by using smaller size and lower number of SLDP packets during the topology discovery process. Thus, it significantly minimizes the topology discovery overhead in the network. We implemented SLDP on Mininet emulator, and the results show the effectiveness and correctness of SLDP concerning topology discovery time, CPU computational time, and bandwidth overheads, when compared with the traditional OpenFlow Link Discovery Protocol (OFDP). Additionally, SLDP successfully prevent, detect, and mitigate various attacks (e.g., poison, replay, and flooding) in different SDN scenarios.

Introduction

For any data center, the essential requirements are robustness and manageability. Software Defined Network (SDN) offers programmability, flexibility, and openness to ensure these requirements [1,2]. Due to the separation of data plane and control plane, the SDN controller exhibits a global view of the underlying network topology, which enables it to make the optimal decisions for various applications that runs on top of the controller. For instance, applications such as load-balancing and shortest pathfinder, uses the global view to function efficiently. The view construction and maintenance require the discovery of underlying network topology, which consists of switches and links. The existing SDN controllers use OpenFlow Discovery Protocol (OFDP) with Link Layer Discovery Protocol (LLDP) packets for link discovery, which is prone to various security threats. In SDN, the global view is generated by performing the switch discovery, the link discovery, and sometimes the host discovery. Once an OpenFlow-enabled switch connects to the network, it performs a TCP three-way handshake with a pre-stored remote socket residing at the SDN controller. After successful handshaking, both negotiate on the OpenFlow version. Subsequently, the switch is asked for its capabilities and ports status. These steps help controller to discover the switch with available ports. To perform various topology-aware activity, link discovery is mandatory. Most of the SDN controllers use OpenFlow Link Discovery Protocol (OFDP) and Link Layer Discovery Protocol (LLDP) for the discovery process.