افزایش امنیت شبکه از طریق شبکه نرمافزاری تعریف شده
Abstract
1- INTRODUCTION
2- PROBLEM STATEMENT
3- HOW NETWORK SECURITY BENEFITS FROM SDN FEATURES?
4- DISCUSSION
5- CONCLUSION
REFERENCES
Abstract
Software Defined Networking (SDN) is an emerging technology that attracts significant attention from both industry and academia recently. By decoupling the control logic from the closed and proprietary implementations of traditional network devices, it enables researchers and practitioners to design new innovative network functions/protocols in a much more flexible, powerful, and easier way. We believe SDN provides new research opportunities to security, and it can greatly impact network security research in many different ways. However, till today, SDN has not been well recognized by the security community yet. In this systematic survey on SDN security, we investigate how the new features provided by SDN can help enhance network security and information security process. By systematically reasoning the opportunities introduced by SDN to network security, we hope to provide new insights for future research in this important area.
INTRODUCTION
Software Defined Networking (SDN) has quickly emerged as a new promising technology for future networks. With the separation of control plane from data plane thus enabling the easy addition of new, creative, powerful network functions/protocols, SDN has attracted significant attention from both academia and industry. In academia, since the publication of OpenFlow [33], which is a key component to realize the SDN concept, many research ideas based on SDN/OpenFlow have been proposed (and still go on) [35] [48] [6] [20] [26]. In industry, SDN is widely considered as the new paradigm for future networks, and many companies are deploying or plan to deploy such technology in order to strengthen their network architectures [24], reduce operational cost [19], and enable new network applications/functions [60]. The reason why many researchers and practitioners have interests in SDN is mainly because by decoupling the control logic from the closed, proprietary implementations of traditional network switch infrastructure, SDN enables us to design and distribute innovative flow handling and network control algorithms easily, and it helps us add much more intelligence and flexibility to the control plane. With the help of SDN, we can dynamically control network flows and monitor network status easily. For example, by employing SDN, we can easily implement a network load balancing function that is not easily and cheaply solved with existing techniques. These powerful and rich functions from SDN enable people to create new and creative network services or architectures. Some researchers propose a network virtualization service for a cloud network or a large-scale enterprise network [47] [37], and it has come into the spotlight due to its efficient resource management [17] [40]. In addition, a new wireless network architecture that can provide more robust wireless network services has been proposed based on SDN technology [38]. Besides these examples, there are many cases of employing SDN for a new service or a new architecture [35] [48] [6], and some have been already applied into real world network environments (e.g., Google data centers [24]).