Browsing by Subject "OpenFlow"

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Leveraging proxy mobile IPv6 with SDN
    (IEEE, 2016-09) Raza, Syed M.; Kim, Dongsoo S.; Shin, DongRyeol; Choo, Hyunseung; Department of Electrical and Computer Engineering, School of Engineering and Technology
    The existing Proxy Mobile IPv6 suffers from a long handover latency which in turn causes significant packet loss that is unacceptable for seamless realtime services such as multimedia streaming. This paper proposes an OpenFlow-enabled proxy mobile IPv6 (OF-PMIPv6) in which the control of access gateways is centralized at an OpenFlow controller of a foreign network. The proposed OF-PMIPv6 separates the control path from the data path by performing the mobility control at the controller, whereas the data path remains direct between a mobile access gateway and a local mobility anchor in an IP tunnel form. A group of simple OpenFlow-enabled access gateways performs link-layer control and monitoring activities to support a comprehensive mobility of mobile nodes, and communicates with the controller through the standard OpenFlow protocol. The controller performs networklayer mobility control on behalf of mobile access gateways and communicates with the local mobility anchor in the Proxy Mobile IPv6 domain. Benefiting from the centralized view and information, the controller caches the authentication and configuration information and reuses it to significantly reduce the handover latency. An analytical analysis of the proposed OF-PMIPv6 reactive and proactive handover schemes shows 43% and 121% reduction in the handover latency, respectively, for highly utilized network. The results gathered from the OF-PMIPv6 testbed suggest similar performance improvements.
  • Thumbnail Image
    Item
    Network AIS-based DDoS attack detection in SDN environments with NS-3
    (2017-07-21) Jevtic, Stefan G.; Kim, Dongsoo; King, Brian; Luo, Xiao
    With the ever increasing connectivity of and dependency on modern computing systems, our civilization is becoming ever more susceptible to cyberattack. To combat this, identifying and disrupting malicious traffic without human intervention becomes essential to protecting our most important systems. To accomplish this, three main tasks for an effective intrusion detection system have been identified: monitor network traffic, categorize and identify anomalous behavior in near real time, and take appropriate action against the identified threat. This system leverages distributed SDN architecture and the principles of Artificial Immune Systems and Self-Organizing Maps to build a network-based intrusion detection system capable of detecting and terminating DDoS attacks in progress.