Double layer controller for distributed software defined network in mitigating cyber attacks

Many traditional network encryption models are ill-suited for integration within Software Defined Networks (SDNs) due to their detachment from the control plane and their distinct programmable attributes. An SDN, functioning as a software component on a server, furnishes essential resources and inte...

Full description

Bibliographic Details
Published in:AIP Conference Proceedings
Main Author: Wong M.Y.; Yaakob N.; Beson M.R.C.; Ahmad R.B.; Md Enzai N.I.
Format: Conference paper
Language:English
Published: American Institute of Physics Inc. 2024
Online Access:https://www.scopus.com/inward/record.uri?eid=2-s2.0-85185794814&doi=10.1063%2f5.0194611&partnerID=40&md5=e18882887b10cfdd5322179e919f7242
id 2-s2.0-85185794814
spelling 2-s2.0-85185794814
Wong M.Y.; Yaakob N.; Beson M.R.C.; Ahmad R.B.; Md Enzai N.I.
Double layer controller for distributed software defined network in mitigating cyber attacks
2024
AIP Conference Proceedings
2898
1
10.1063/5.0194611
https://www.scopus.com/inward/record.uri?eid=2-s2.0-85185794814&doi=10.1063%2f5.0194611&partnerID=40&md5=e18882887b10cfdd5322179e919f7242
Many traditional network encryption models are ill-suited for integration within Software Defined Networks (SDNs) due to their detachment from the control plane and their distinct programmable attributes. An SDN, functioning as a software component on a server, furnishes essential resources and intelligence for managing data plane programming within a network context. However, the adoption of SDNs brings forth challenges, such as concerns regarding scalability and reliability within centralized architectures. To counter these, the control plane's physical decentralization is contemplated, though this approach introduces its own set of complexities. This paper introduces a novel solution in the form of a double layer controller aimed at enhancing SDN security. The approach encompasses performance assessment metrics like packet loss, latency, bit rate, and network congestion. Notably, vulnerabilities arise from the potential remote manipulation of switch configurations to connect with an OpenFlow-capable controller. Acknowledging the limitations of existing methods, especially their inability to accommodate large-scale networks, the proposed technique leverages a double layer controller and employs multi-flow state dynamics to gather core network status information before conveying it to users. This approach not only enhances resilience and dependability compared to prior methodologies but also triggers alerts in response to unhealthy network metrics, thereby elevating accuracy and fortifying network security. © 2024 Author(s).
American Institute of Physics Inc.
0094243X
English
Conference paper
All Open Access; Bronze Open Access
author Wong M.Y.; Yaakob N.; Beson M.R.C.; Ahmad R.B.; Md Enzai N.I.
spellingShingle Wong M.Y.; Yaakob N.; Beson M.R.C.; Ahmad R.B.; Md Enzai N.I.
Double layer controller for distributed software defined network in mitigating cyber attacks
author_facet Wong M.Y.; Yaakob N.; Beson M.R.C.; Ahmad R.B.; Md Enzai N.I.
author_sort Wong M.Y.; Yaakob N.; Beson M.R.C.; Ahmad R.B.; Md Enzai N.I.
title Double layer controller for distributed software defined network in mitigating cyber attacks
title_short Double layer controller for distributed software defined network in mitigating cyber attacks
title_full Double layer controller for distributed software defined network in mitigating cyber attacks
title_fullStr Double layer controller for distributed software defined network in mitigating cyber attacks
title_full_unstemmed Double layer controller for distributed software defined network in mitigating cyber attacks
title_sort Double layer controller for distributed software defined network in mitigating cyber attacks
publishDate 2024
container_title AIP Conference Proceedings
container_volume 2898
container_issue 1
doi_str_mv 10.1063/5.0194611
url https://www.scopus.com/inward/record.uri?eid=2-s2.0-85185794814&doi=10.1063%2f5.0194611&partnerID=40&md5=e18882887b10cfdd5322179e919f7242
description Many traditional network encryption models are ill-suited for integration within Software Defined Networks (SDNs) due to their detachment from the control plane and their distinct programmable attributes. An SDN, functioning as a software component on a server, furnishes essential resources and intelligence for managing data plane programming within a network context. However, the adoption of SDNs brings forth challenges, such as concerns regarding scalability and reliability within centralized architectures. To counter these, the control plane's physical decentralization is contemplated, though this approach introduces its own set of complexities. This paper introduces a novel solution in the form of a double layer controller aimed at enhancing SDN security. The approach encompasses performance assessment metrics like packet loss, latency, bit rate, and network congestion. Notably, vulnerabilities arise from the potential remote manipulation of switch configurations to connect with an OpenFlow-capable controller. Acknowledging the limitations of existing methods, especially their inability to accommodate large-scale networks, the proposed technique leverages a double layer controller and employs multi-flow state dynamics to gather core network status information before conveying it to users. This approach not only enhances resilience and dependability compared to prior methodologies but also triggers alerts in response to unhealthy network metrics, thereby elevating accuracy and fortifying network security. © 2024 Author(s).
publisher American Institute of Physics Inc.
issn 0094243X
language English
format Conference paper
accesstype All Open Access; Bronze Open Access
record_format scopus
collection Scopus
_version_ 1809677883619147776