Fig 4 - uploaded by Vandana cp
Content may be subject to copyright.
SDN Segment and security mechanism Each controller of each segment exchanges their security rules. SDN controllers now behave as security guards on the edge of the network segment. An SDN controller provisions safety connections between segments and accepts only authorized traffic. When a node wants to communicate with another node of another segment, the flow has to be forwarded to the SDN Controller, also called the Gateway Controller. The Gateway controller sends request to each of its neighbor Gateway controller to check if it knows the destination address of this data. Only services authorized by controller can be used for endpoint devices. For example, a File Transfer channel has to be established by one device to another. So device will request its SDN
Source publication
Context in source publication
Similar publications
Citations
... They investigated and equated various existing solutions on SDN based on the IoT. Another secure SDN-based IoT structure is depicted in 133 proposed the Middlebox arrangement and flow table capacity constraints for SDN. They also manifested the experimental results that the suggested M-G model can improve the overall IoT network safety and perceptual constancy. ...
As an emerging technology, Blockchain (BC) has been playing a promising role in today's Software Defined-Networking (SDN)-enabled Internet of Things (IoT) applications. Because of the salient feature of the Network Function Virtualization (NFV) techniques, SDN can ensure an IoT system runs efficiently and smoothly in a cloud-driven ecosystem. When cloud-enabled systems encounter immense security and operational challenges caused mainly by third-party dependency, large-scale data communication, and maintenance, BC offers effective and robust data transfer solutions without incorporating intermediaries over the distributed network. With the increased SDN-BC convergence in the IoT domain, the underlying challenges and perspectives deserve proper attention methodically and structurally. From the motivation of addressing such issues, this study provides necessary insights to combine those for successful plug-and-play. Therefore, the study includes purposefully investigating current state-of-the-art to extract the research trends, future directions, and perspectives in this domain. This study provides a comprehensive survey of IoT, SDN, NFV, and BC-enabled emerging technologies. More importantly, the authors intelligently integrated the four different technologies-IoT, SDN, BC, and NFV based on characteristics, scopes, challenges, taxonomies, and tables in numerous areas. Initially , the authors introduce the SDN-IoT ecosystem in brief and address the features and applications. We took a close look at the SDN's overall taxonomy based on security , environment, scopes, and challenges. We also briefly describe the integration of SDN-IoT with the NFV ecosystems. Moreover, we review the prospect of BC technology from security perspectives, its extent, challenges of practical implementation, and the possible integration of IoT regarding smart applications. Finally, this study highlights several future directions based on these technologies.
... Software-defined networking (SDN) is an interesting paradigm that can be used to enhance and manage various security aspects in modern networks such as Internet of Things (IoTs) environments. For instance, to provide better system security, it is necessary to permit the use of resources only among authorized users [4]. This limits the possibility that third-party users get control over the system and lowers the frequency of attacks [5]. ...
Blockchain (BC) and Software-Defined Networking (SDN) are leading technologies which have recently found applications in several network-related scenarios and have consequently experienced a growing interest in the research community. Indeed, current networks connect a massive number of objects over the Internet and in this complex scenario , to ensure security, privacy, confidentiality, and programmability, the utilization of BC and SDN have been successfully proposed. In this work, we provide a comprehensive survey regarding these two recent research trends and review the related state-of-the-art literature. We first describe the main features of each technology and discuss their most common and used variants. Furthermore, we envision the integration of such technologies to jointly take advantage of these latter efficiently. Indeed , we consider their group-wise utilization-named BC-SDN-based on the need for stronger security and privacy. Additionally, we cover the application fields of these technologies both individually and combined. Finally, we discuss the open issues of reviewed research and describe potential directions for future avenues regarding the integration of BC and SDN. To summarize, the contribution of the present survey spans from an overview of the literature background on BC and SDN to the discussion of the benefits and limitations of BC-SDN integration in different fields, which also raises open challenges and possible future avenues examined herein. To the best of our knowledge, compared to existing surveys, this is the first work that analyzes the aforementioned aspects in light of a broad BC-SDN integration, with a specific focus on security and privacy issues in actual utilization scenarios.
... Software-Defined Networking is an interesting paradigm that can be used to enhance and manage various security aspects in modern networks such as Internet of Things (IoT) environments. For instance, to provide better system security, it is necessary to permit the use of resources only among authorized users [4]. This limits the possibility that third-party users get control over the system and lowers the frequency of attacks [5]. ...
Blockchain (BC) and Software-Defined Networking (SDN) are leading technologies which have recently found applications in several network-related scenarios and have consequently experienced a growing interest in the research community. Indeed, current networks connect a massive number of objects over the Internet and in this complex scenario, to ensure security, privacy, confidentiality, and programmability, the utilization of BC and SDN have been successfully proposed. In this work, we provide a comprehensive survey regarding these two recent research trends and review the related state-of-the-art literature. We first describe the main features of each technology and discuss their most common and used variants. Furthermore, we envision the integration of such technologies to jointly take advantage of these latter efficiently. Indeed, we consider their group-wise utilization -- named BC-SDN -- based on the need for stronger security and privacy. Additionally, we cover the application fields of these technologies both individually and combined. Finally, we discuss the open issues of reviewed research and describe potential directions for future avenues regarding the integration of BC and SDN. To summarize, the contribution of the present survey spans from an overview of the literature background on BC and SDN to the discussion of the benefits and limitations of BC-SDN integration in different fields, which also raises open challenges and possible future avenues examined herein. To the best of our knowledge, compared to existing surveys, this is the first work that analyzes the aforementioned aspects in light of a broad BC-SDN integration, with a specific focus on security and privacy issues in actual utilization scenarios.
... The review [15] discusses the current situation of IoT with the assurance challenges like identification of object, protection and respectability, verification and approval and malware in IoT. Software defined network idea along with IoT design is examined. ...
IoT Security is that the realm of endeavor concerned with safeguarding connected devices and networks with within the internet of things (IoT). IoT is a forthcoming innovation that produces utilization of web to control/screen electronic, mechanical gadgets, automobiles and other physical gadgets associated by means of networking. Reliability of such intricate diversified networks and their access protocols is additionally a real challenge which leads to security risk. Combination of Software Defined Networking with IoT can lead the way for better security and access control mechanisms. SDN could even be an intelligent networking paradigm which reveals vast opportunities to manage and secure IoT. The SDN approach focuses on the programmability for all network elements. Thus SDN based IoT architecture is often employed to workout security framework.
... But, these architectures are designed without security arrangements. To facilitate secure data communication, the authors [50] presented software-defined networking (SDN)-based centarlized architecture of Internet of Things (IoT). However, the centralized architecture suffers from single point of failure. ...
... The authors [33] presented SDN-based data transfer security model middle box-guard (M-G) to manage the data flow with defined security policies. The authors [19] improved [50] by presenting distributed architecture as Black SDN-IoT for smart city. The architecture integrates the network function virtualization (NFV) for monitoring the traffic data flow. ...
... The architecture integrates the network function virtualization (NFV) for monitoring the traffic data flow. However, the main focus in [3,19,31,33,50] was on the network layer and traffic security. To detect the intrusion into the system, the authors [16,25,32,38,56] presented the intrusion detection system-based CPS security frameworks. ...
In this work, we propose a multi-tier architectural model to separate functionality and security concerns for distributed cyber-physical systems. On the line of distributed computing, such systems require the identification of leaders for distribution of work, aggregation of results, etc. Further, we propose a fault-tolerant leader election algorithm that can independently elect the functionality and security leaders. The proposed election algorithm identifies a list of potential leader capable nodes to reduce the leader election overhead. It keeps identifying the highest potential node as the leader, whenever needed, including the situation when one has failed. We also explain the proposed architecture and its management method through a case study. Further, we perform several experiments to evaluate the system performance. The experimental results show that the proposed architectural model improves the system performance in terms of latency, average response time, and the number of real-time tasks completed within the deadline.
... Authors of the paper "Security improvement in IoT based on Software Defined Networking (SDN)" [14] in the service of improving security, and due to the fact that not all IoT sensors can be SDN eligible, introduces the term IoT agents and IoT controllers who need to connect SDN-incompatible resources with IoT devices that they did. ...
... They have analyzed and compared various existing solutions on SDN.ned Networking (SDN) based on Internet of Things (IoT). The authors have been concentrated on developing an architecture to admit several types of networks like wired, wireless, sensor networks and also enhancing their security while all these domains are interrelated.Another secure SDN based IoT structure have depicted in[87]. Vandan et al. have aimed at a security-based framework for IoT ecosystem applying SDN. ...
While Internet of Things (IoT) sensors are running for services to transfer and maintain the data, they faced some challenges due to the rise of security, privacy, and transparency. In this regard, the distributed ledger or Blockchain can help by transparently bridging two or multiple untrusted parties. In this research, an architecture for a smart building, including a control system and automatic approaches (smart fan, lighting, switches, etc.), has been proposed. An efficient cluster head selection algorithm proposed to select the desired cluster head with the consideration of low energy consumption and fast head selection. An excellent combination of IoT forwarding devices and Software Defined Networking (SDN) technology has been provided along with it. The main contribution of the paper is to propose a "DistBlockBuilding" architecture to maintain the data transfer from one surface to another surface securely and safely. Besides, the Blockchain technology performed for transferring data within the smart building. Finally, the performances of IoT-SDN based secured networks have been evaluated.
... Each node sends the request to the local controller, which forwards the destination gateway controller's request to check the requested node's flow. If it knows the node's destination address, then two different segments' endpoint devices communicate with the other [25]. ...
The Internet of things (IoT) introduces emerging applications (i.e., smart homes, smart cities, smart health, and smart gird) that assist the traditional infrastructure environments to be connected with smart objects. Things are connected with the Internet and numerous new IoT devices are developing at a rapid pace. As these smart objects are connected and able to communicate with each other in unprotected environments; therefore, the whole communication ecosystem requires security solutions at different levels. IoT technology possesses unique characteristics with various resource constraints and heterogeneous network protocol requirements, unlike traditional networks. The attacker exploits numerous security vulnerabilities of an IoT infrastructure, to generate a DDoS attack. The increase in DDoS attacks has made it important to address the consequences which imply in the IoT industry. This research proposes an SD-IoT based framework that provides security services to the IoT network. We developed a C-DAD (Counter-based DDoS Attack Detection) application that is based on counter values of different network parameters, which helps to detect DDoS attack successfully. C-DAD is a dynamic and programmable solution, and is deeply tested with different network parameters. The algorithm demonstrates a good performance with better results through SDN. Moreover, the proposed framework detects the attack efficiently in a minimum amount of time and with lesser consumption of CPU and memory resources.
... ings can also be virtual objects like objects in object-oriented programming, processes, database, and other related entities found in the computer science world [1]. ...
Internet of Things (IoT) can simply be defined as an extension of the current Internet system. It extends the human to human interconnection and intercommunication scenario of the Internet by including things, to bring anytime, anywhere, and anything communication. A discipline in networking evolving in parallel with IoT is Software Defined Networking (SDN). It is an important technology that is aimed to solve the different problems existing in the traditional network systems. It provides a new convenient home to address the different challenges existing in different network-based systems including IoT. One important security challenge prevailing in such SDN-based IoT (SDIoT) systems is guarantying service availability. The ever-increasing denial of service (DoS) attacks are responsible for such service denials. A centralized signature-based intrusion detection system (IDS) is proposed and developed in this work. Random Forest (RF) classifier is used for training the model. A very popular and recent benchmark dataset, CICIDS2017, has been used for training and validating the machine learning (ML) models. An accuracy result of 99.968% has been achieved by using only 12 features on Wednesday’s release of the dataset. This result is higher than the achieved accuracy results of related works considering the original CICIDS2017 dataset. A maximum cross-validated accuracy result of 99.713% has been achieved on the same release of the dataset. These developed models meet the basic requirement of a supervised IDS system developed for smart environments and can effectively be used in different IoT service scenarios.
... Thirdly, the visibility of network resources and management of the network is simplified based on user, device, and application-specific requirements; therefore, the visibility for network resources and simplification concerning these aspects can be done with the indication of SDN in IoT. Lastly, intelligent traffic pattern analysis and coordinated decisions are done with the help of SDN IoT [12]. In SDN technology, more intelligence is proved in the network and improves the efficiency of the network. ...
Since the worldwide Internet of Things (IoT) in smart cities is becoming increasingly popular among consumers and the business community, network traffic management is a crucial issue for optimizing the IoT ’s performance in smart cities. Multiple controllers on a immense scale implement in Software Defined Networks (SDN) in integration with Internet of Things (IoT) as an emerging paradigm enhances the scalability, security, privacy, and flexibility of the centralized control plane for smart city applications. The distributed multiple controller implementation model in SDN-IoT cannot conform to the dramatic developments in network traffic which results in a load disparity between controllers, leading to higher packet drop rate, high response time, and other problems with network performance deterioration. This paper lays the foundation on the multiple distributed controller load balancing (MDCLB) algorithm on an immense-scale SDN-IoT for smart cities. A smart city is a residential street that uses information and communication technology (ICT) and the Internet of Things (IoT) to improve its citizens’ quality of living. Researchers then propose the algorithm on the unbalancing of the load using the multiple controllers based on the parameter CPU Utilization in centralized control plane. The experimental results analysis is performed on the emulator named as mininet and validated the results in ryu controller over dynamic load balancing based on Nash bargaining, efficient switch migration load balancing algorithm, efficiency aware load balancing algorithm, and proposed algorithm (MDCLB) algorithm are executed and analyzed based on the parameter CPU Utilization which ensures that the Utilization of CPU with load balancing is 20% better than the Utilization of CPU without load balancing.
