nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

CloudSDN: Enabling SDN Framework for Security and Threat Analytics in Cloud Networks

verfasst von : Prabhakar Krishnan, Krishnashree Achuthan

Erschienen in: Ubiquitous Communications and Network Computing

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

The “Software-Defined Networking (SDN), Network Function Virtualization (NFV)” are recent network paradigms and “OpenStack”, a widely deployed Cloud management platform. The goal of this presented research work is to integrate the SDN, NFV into OpenStack based Cloud platform, draw practical insights in their inter-play, to solve the problems in the Cloud network orchestration and applications security. We review key prior works in this intersection of SDN, NFV and Cloud computing domain. The OpenStack based Cloud deployment integrates SDN through its Neutron module, which has major practical limitations with respect to scalability, security and resiliency. Aiming at some critical problems and overall Cloud security, we postulate certain SDN scheme that can distribute its own Network Function (NF) agents across the dataplane and deploy applications across the control plane that centralizes the network management and orchestration. A novel security scheme for Cloud Networks “CloudSDN”, enabling SDN framework for Cloud security is proposed and implemented, addressing some well-known security issues in Cloud networks. We demonstrate the efficacy of the attack detection and mitigation system, under Distributed Denial of Service (DDoS) attacks on the Cloud infrastructure and on to downstream servers as well. We also present a comparative study with legacy security approaches and with classical SDN implementations. We also share our future perspectives on exploiting the myriad of features of SDN such as global view, distributed control, network abstractions, programmability and mitigating its security issues.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel A Comparative Study on Load Balancing Algorithms in Software Defined Networking

Nächstes Kapitel NB-FTBM Model for Entity Trust Evaluation in Vehicular Ad Hoc Network Security

Rubio-Loyola, J., et al.: Scalable service deployment on software-defined networks. IEEE Commun. Mag. 49(12), 84–93 (2011)CrossRef

Hu, F., Hao, Q., Bao, K.: A survey on software defined networking (SDN) and openflow: from concept to implementation. IEEE Commun. Surv. Tutorials 16(4), 2181–2206 (2014). vol. PP, no. 99, p. 1

Han, B., et al.: Network function virtualization: challenges and opportunities for innovations. IEEE Commun. Mag. 53(2), 90–97 (2015)CrossRef

Singh, A., Chatterjee, K.: Cloud security issues and challenges: a survey. J. Netw. Comput. Appl. 79, 88–115 (2017). https://doi.org/10.1016/j.jnca.2016.11.027

Singh, S., et al.: A survey on cloud computing security: issues, threats, and solutions. J. Netw. Comput. Appl. 75, 200–222 (2016)CrossRef

Kanagasabapathi, K., Deepak, S., Prakash, P.: A study on security issues in cloud computing. In: Suresh, L.P., Panigrahi, B.K. (eds.) Proceedings of the International Conference on Soft Computing Systems. AISC, vol. 398, pp. 167–175. Springer, New Delhi (2016). https://doi.org/10.1007/978-81-322-2674-1_17CrossRef

Scott-Hayward, S., O’Callaghan, G., Sezer, S.: SDN security: a survey. In: 2013 IEEE SDN for Future Networks and Services (SDN4FNS), pp. 1–7, November 2013

OpenStack. https://www.openstack.org/

Open Virtual Network Project. https://www.openvswitch.org/

10.

Son, J., Buyya, R.: A taxonomy of Software-Defined Networking (SDN)-enabled cloud computing. ACM Comput. Surv. (CSUR) 51(3) (2017). Article. 59, 36 Pages. https://doi.org/10.1145/3190617

11.

Banikazemi, M., et al.: Meridian: an SDN platform for cloud network services. IEEE Commun. Mag. 51(2), 120–127 (2013)CrossRef

12.

Du, X., Lv, Z., Wu, J., Wu, C., Chen, S.: PDSDN: a policy-driven SDN controller improving scheme for multi-tenant cloud datacenter environments. In: IEEE International Conference on Services Computing, pp. 387–394 (2016)

13.

Mayoral, A., et al.: SDN orchestration architectures and their integration with Cloud Computing applications. Opt. Switching Netw. 26, 2–13 (2017)CrossRef

14.

Giotis, K., et al.: Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments. Comput. Netw. 62(5), 122–136 (2014)

15.

Kumar, S., Kumar, T., Singh, G., Nehra, M.S.: Open flow switch with intrusion detection system. Int. J. Sci. Res. Eng. Technol. 1(7), 1–4 (2012)

16.

Jafarian, J.H., Al-Shaer, E., Duan, Q.: Openflow random host mutation: transparent moving target defense using software defined networking. In: The Workshop on Hot Topics in Software Defined Networks, pp. 127–132. ACM (2012)

17.

Zanna, P., O’Neill, B., Radcliffe, P., et al.: Adaptive threat management through the integration of IDS into software defined networks. In: Network of the Future, pp. 1–5. IEEE (2014)

18.

Xing, T., Xiong, Z., Huang, D., et al.: SDNIPS: enabling software-defined networking based intrusion prevention system in clouds. In: International Conference on Network and Service Management, pp. 308–311. IEEE (2014)

19.

Chi, Y., et al.: Design and implementation of cloud platform intrusion prevention system based on SDN. In: IEEE International Conference on Big Data Analysis, pp. 847–852 (2017)

20.

Shin, S., Gu, G.: Cloudwatcher: network security monitoring using openflow in dynamic cloud networks. In: 20th IEEE International Conference on Network Protocols, pp. 1–6 (2012)

21.

Yan, Q., et al.: Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: a survey, some research issues, and challenges. IEEE Commun. Surv. Tutorials 18(1), 602–622 (2016)CrossRef

22.

Chowdhary, A., et al.: Dynamic game based security framework in SDN-enabled cloud networking environments. In: ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization (SDN-NFVSec 2017)

23.

Foresta, F., et al.: Improving OpenStack networking: advantages and performance of native SDN integration. In: 2018 IEEE International Conference on Communications (ICC) (2018)

24.

Yang, C.-T., et al.: Implementation of a real-time network traffic monitoring service with network functions virtualization. Future Gener. Comput. Syst. 93, 687–701 (2018). https://doi.org/10.1016/j.future.2018.08.050

25.

Krishnan, P., Najeem, J.S., Achuthan, K.: SDN framework for securing IoT networks. In: Kumar, N., Thakre, A. (eds.) UBICNET 2017. LNICST, vol. 218, pp. 116–129. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-73423-1_11CrossRef

Titel: CloudSDN: Enabling SDN Framework for Security and Threat Analytics in Cloud Networks
verfasst von: Prabhakar Krishnan
Krishnashree Achuthan
Verlag: Springer International Publishing
Buch: Ubiquitous Communications and Network Computing
Print ISBN: 978-3-030-20614-7

Electronic ISBN: 978-3-030-20615-4

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-20615-4_12

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner