Unprecedented Smart Algorithm for Uninterrupted SDN Services During DDoS Attack

In the design and planning of next-generation Internet of Things (IoT), telecommunication, and satellite communication systems, controller placement is crucial in software-defined networking (SDN). The programmability of the SDN controller is sophisticated for the centralized control system of the entire network. Nevertheless, it creates a significant loophole for the manifestation of a distributed denial of service (DDoS) attack straightforwardly. Furthermore, recently a Distributed Reflected Denial of Service (DRDoS) attack, an unusual DDoS attack, has been detected. However, minimal deliberation has given to this forthcoming single point of SDN infrastructure failure problem. Moreover, recently the high frequencies of DDoS attacks have increased dramatically. In this paper, a smart algorithm for planning SDN smart backup controllers under DDoS attack scenarios has proposed. Our proposed smart algorithm can recommend single or multiple smart backup controllers in the event of DDoS occurrence. The obtained simulated results demonstrate that the validation of the proposed algorithm and the performance analysis achieved 99.99% accuracy in placing the smart backup controller under DDoS attacks within 0.125 to 46508.7 s in SDN.     

Sea Turtle Foraging Optimization-Based Controller Placement with Blockchain-Assisted Intrusion Detection in Software-Defined Networks

Software-defined networking (SDN) algorithms are gaining increasing interest and are making networks flexible and agile. The basic idea of SDN is to move the control planes to more than one server’s named controllers and limit the data planes to numerous sending network components, enabling flexible and dynamic network management. A distinctive characteristic of SDN is that it can logically centralize the control plane by utilizing many physical controllers. The deployment of the controller—that is, the controller placement problem (CPP)—becomes a vital model challenge. Through the advancements of blockchain technology, data integrity between nodes can be enhanced with no requirement for a trusted third party. Using the latest developments in blockchain technology, this article designs a novel sea turtle foraging optimization algorithm for the controller placement problem (STFOA-CPP) with blockchain-based intrusion detection in an SDN environment. The major intention of the STFOA-CPP technique is the maximization of lifetime, network connectivity, and load balancing with the minimization of latency. In addition, the STFOA-CPP technique is based on the sea turtles’ food-searching characteristics of tracking the odour path of dimethyl sulphide (DMS) released from food sources. Moreover, the presented STFOA-CPP technique can adapt with the controller’s count mandated and the shift to controller mapping to variable network traffic. Finally, the blockchain can inspect the data integrity, determine significantly malicious input, and improve the robust nature of developing a trust relationship between several nodes in the SDN. To demonstrate the improved performance of the STFOA-CPP algorithm, a wide-ranging experimental analysis was carried out. The extensive comparison study highlighted the improved outcomes of the STFOA-CPP technique over other recent approaches.     

DDoS Detection in SDN using Machine Learning Techniques

Software-defined network (SDN) becomes a new revolutionary paradigm in networks because it provides more control and network operation over a network infrastructure. The SDN controller is considered as the operating system of the SDN based network infrastructure, and it is responsible for executing the different network applications and maintaining the network services and functionalities. Despite all its tremendous capabilities, the SDN face many security issues due to the complexity of the SDN architecture. Distributed denial of services (DDoS) is a common attack on SDN due to its centralized architecture, especially at the control layer of the SDN that has a network-wide impact. Machine learning is now widely used for fast detection of these attacks. In this paper, some important feature selection methods for machine learning on DDoS detection are evaluated. The selection of optimal features reflects the classification accuracy of the machine learning techniques and the performance of the SDN controller. A comparative analysis of feature selection and machine learning classifiers is also derived to detect SDN attacks. The experimental results show that the Random forest (RF) classifier trains the more accurate model with 99.97% accuracy using features subset by the Recursive feature elimination (RFE) method.     

Artificial Intelligence Based Reliable Load Balancing Framework in Software-Defined Networks

Software-defined networking (SDN) plays a critical role in transforming networking from traditional to intelligent networking. The increasing demand for services from cloud users has increased the load on the network. An efficient system must handle various loads and increasing needs representing the relationships and dependence of businesses on automated measurement systems and guarantee the quality of service (QoS). The multiple paths from source to destination give a scope to select an optimal path by maintaining an equilibrium of load using some best algorithms. Moreover, the requests need to be transferred to reliable network elements. To address SDN’s current and future challenges, there is a need to know how artificial intelligence (AI) optimization techniques can efficiently balance the load. This study aims to explore two artificial intelligence optimization techniques, namely Ant Colony Optimization (ACO) and Particle Swarm Optimization (PSO), used for load balancing in SDN. Further, we identified that a modification to the existing optimization technique could improve the performance by using a reliable link and node to form the path to reach the target node and improve load balancing. Finally, we propose a conceptual framework for SDN futurology by evaluating node and link reliability, which can balance the load efficiently and improve QoS in SDN.     

Measuring End-to-End Delay in Low Energy SDN IoT Platform

In this paper, we developed a new customizable low energy Software Defined Networking (SDN) based Internet of Things (IoT) platform that can be reconfigured according to the requirements of the target IoT applications. Technically, the platform consists of a set of low cost and energy efficient single-board computers, which are interconnected within a network with the software defined configuration. The proposed SDN switch is deployed on Raspberry Pi 3 board using Open vSwitch (OvS) software, while the Floodlight controller is deployed on the Orange Pi Prime board. We firstly presented and implemented the method for measuring a delay introduced by each component of the IoT infrastructure, ranging from the sensor, the core of SDN, the IoT broker, to an IoT subscriber. Thus, we presented the approach for estimating energy efficiency for SDN based IoT platform proportional to the traffic. The experiments carried out on a real SDN topology based on single-board computers show that our approach not only saves up to 53.56% of energy at low traffic intensity, but also provides QoS guarantee for IoT applications.     

HDLIDP: A Hybrid Deep Learning Intrusion Detection and Prevention Framework

Distributed denial-of-service (DDoS) attacks are designed to interrupt network services such as email servers and webpages in traditional computer networks. Furthermore, the enormous number of connected devices makes it difficult to operate such a network effectively. Software defined networks (SDN) are networks that are managed through a centralized control system, according to researchers. This controller is the brain of any SDN, composing the forwarding table of all data plane network switches. Despite the advantages of SDN controllers, DDoS attacks are easier to perpetrate than on traditional networks. Because the controller is a single point of failure, if it fails, the entire network will fail. This paper offers a Hybrid Deep Learning Intrusion Detection and Prevention (HDLIDP) framework, which blends signature-based and deep learning neural networks to detect and prevent intrusions. This framework improves detection accuracy while addressing all of the aforementioned problems. To validate the framework, experiments are done on both traditional and SDN datasets; the findings demonstrate a significant improvement in classification accuracy.     

Automated Controller Placement for Software-Defined Networks to Resist DDoS Attacks

In software-defined networks (SDNs), controller placement is a critical factor in the design and planning for the future Internet of Things (IoT), telecommunication, and satellite communication systems. Existing research has concentrated largely on factors such as reliability, latency, controller capacity, propagation delay, and energy consumption. However, SDNs are vulnerable to distributed denial of service (DDoS) attacks that interfere with legitimate use of the network. The ever-increasing frequency of DDoS attacks has made it necessary to consider them in network design, especially in critical applications such as military, health care, and financial services networks requiring high availability. We propose a mathematical model for planning the deployment of SDN smart backup controllers (SBCs) to preserve service in the presence of DDoS attacks. Given a number of input parameters, our model has two distinct capabilities. First, it determines the optimal number of primary controllers to place at specific locations or nodes under normal operating conditions. Second, it recommends an optimal number of smart backup controllers for use with different levels of DDoS attacks. The goal of the model is to improve resistance to DDoS attacks while optimizing the overall cost based on the parameters. Our simulated results demonstrate that the model is useful in planning for SDN reliability in the presence of DDoS attacks while managing the overall cost.     

An IoT Environment Based Framework for Intelligent Intrusion Detection

Software-defined networking (SDN) represents a paradigm shift in network traffic management. It distinguishes between the data and control planes. APIs are then used to communicate between these planes. The controller is central to the management of an SDN network and is subject to security concerns. This research shows how a deep learning algorithm can detect intrusions in SDN-based IoT networks. Overfitting, low accuracy, and efficient feature selection is all discussed. We propose a hybrid machine learning-based approach based on Random Forest and Long Short-Term Memory (LSTM). In this study, a new dataset based specifically on Software Defined Networks is used in SDN. To obtain the best and most relevant features, a feature selection technique is used. Several experiments have revealed that the proposed solution is a superior method for detecting flow-based anomalies. The performance of our proposed model is also measured in terms of accuracy, recall, and precision. F1 rating and detection time Furthermore, a lightweight model for training is proposed, which selects fewer features while maintaining the model’s performance. Experiments show that the adopted methodology outperforms existing models.     

实现PACS持续可用性的思路探讨与实施方案研究

目的解决PACS临床应用中PACS持续可用性的方案探讨。方法构建三重模块冗余配置的持续可用性影像服务器,通过其中的TMR表决器实现服务器核心的失效备援,由具有失效备援功能的SCSI接口分别连接镜像硬盘、RAID控制器和DLT控制器以形成CA影像服务器的完整系统架构,再用CA影像服务器取代PACS中可能的单一故障点（single point of failure,SPOF）组件。结果使整个PACS具有了99．999％的最高系统可用性比率。结论TMR类CA影像服务器的诸多优势,使其非常适宜于大型医学影像网络和数据库的应用。     

Kernel Search-Framework for Dynamic Controller Placement in Software-Defined Network

In software-defined networking (SDN) networks, unlike traditional networks, the control plane is located separately in a device or program. One of the most critical problems in these networks is a controller placement problem, which has a significant impact on the network’s overall performance. This paper attempts to provide a solution to this problem aiming to reduce the operational cost of the network and improve their survivability and load balancing. The researchers have proposed a suitable framework called kernel search introducing integer programming formulations to address the controller placement problem. It demonstrates through careful computational studies that the formulations can design networks with much less installation cost while accepting a general connected topology among controllers and user-defined survivability parameters. The researchers used the proposed framework on six different topologies then analyzed and compared with Iterated Local Search (ILS) and Expansion model for the controller placement problem (EMCPP) along with considering several evaluation criteria. The results show that the proposed framework outperforms the ILS and EMCPP. Thus, the proposed framework has a 38.53% and 38.02% improvement in reducing network implementation costs than EMCPP and ILS, respectively.     

A Safe and Reliable Routing Mechanism of LEO Satellite Based on SDN

Satellite networks have high requirements for security and data processing speed. In order to improve the reliability of the network, software-defined network (SDN) technology is introduced and a central controller is set in the network. Due to the characteristics of global perspective, control data separation, and centralized control of SDN, the idea of SDN is introduced to the design of the satellite network model. As a result, satellite nodes are only responsible for data transmission, while the maintenance of the links and the calculation of routes are implemented by the controller. For the massive LEO satellite network based on SDN, a state evaluation decision routing mechanism is proposed. The designed mechanism monitors the status of the entire network effectively and reduces the on-board load on the satellite network. The best routing decision is made under the comprehensive consideration of the current and historical status of each intersatellite link between Low Earth Orbit (LEO) satellite network nodes. The calculation and storage requirements are controlled within a reasonable range. Based on the curve parameter transmission fuzzy encryption algorithm, a safe and reliable condition assessment decision routing mechanism (CADRM) is designed. It ensures that the personal information of the LEO satellite network can be transmitted safely and effectively. The experimental simulation results show the improvement of network throughput, the reduction of packet loss rate and the enhancing of network reliability.     

Controller Placement in Software Defined Internet of Things Using Optimization Algorithm

The current and future status of the internet is represented by the upcoming Internet of Things (IoT). The internet can connect the huge amount of data, which contains lot of processing operations and efforts to transfer the pieces of information. The emerging IoT technology in which the smart ecosystem is enabled by the physical object fixed with software electronics, sensors and network connectivity. Nowadays, there are two trending technologies that take the platform i.e., Software Defined Network (SDN) and IoT (SD-IoT). The main aim of the IoT network is to connect and organize different objects with the internet, which is managed with the control panel and data panel in the SD network. The main issue and the challenging factors in this network are the increase in the delay and latency problem between the controllers. It is more significant for wide area networks, because of the large packet propagation latency and the controller placement problem is more important in every network. In the proposed work, IoT is implementing with adaptive fuzzy controller placement using the enhanced sunflower optimization (ESFO) algorithm and Pareto Optimal Controller placement tool (POCO) for the placement problem of the controller. In order to prove the efficiency of the proposed system, it is compared with other existing methods like PASIN, hybrid SD and PSO in terms of load balance, reduced number of controllers and average latency and delay. With 2 controllers, the proposed method obtains 400 miles as average latency, which is 22.2% smaller than PSO, 76.9% lesser than hybrid SD and 91.89% lesser than PASIN.     

WiMA: Towards a Multi-Criterion Association in Software Defined Wi-Fi Networks

Despite the planned installation and operations of the traditional IEEE 802.11 networks, they still experience degraded performance due to the number of inefficiencies. One of the main reasons is the received signal strength indicator (RSSI) association problem, in which the user remains connected to the access point (AP) unless the RSSI becomes too weak. In this paper, we propose a multi-criterion association (WiMA) scheme based on software defined networking (SDN) in Wi-Fi networks. An association solution based on multi-criterion such as AP load, RSSI, and channel occupancy is proposed to satisfy the quality of service (QoS). SDN having an overall view of the network takes the association and reassociation decisions making the handoffs smooth in throughput performance. To implement WiMA extensive simulations runs are carried out on Mininet-NS3-Wi-Fi network simulator. The performance evaluation shows that the WiMA significantly reduces the average number of retransmissions by 5%–30% and enhances the throughput by 20%–50%, hence maintaining user fairness and accommodating more wireless devices and traffic load in the network, when compared to traditional client-driven (CD) approach and state of the art Wi-Balance approach.     

网络分析法(ANP)及其在供应商选择中的应用

解释了网络分析法(ANP)的原理,总结、精练出网络分析法的8个操作步骤,指出了网络分析法与层次分析法(AHP)的异同.在合理选择供应商评价准则的基础上,运用ANP方法构建了供应商选择的依存、反馈网络,克服了传统AHP方法中因假设元素间相互独立而偏离实际的缺陷.以本文的评价方法进行供应商选择将更为实际.     

Intelligent Transmission Control for Efficient Operations in SDN

Although the Software-Defined Network (SDN) is a well-controlled and efficient network but the complexity of open flow switches in SDN causes multiple issues. Many solutions have been proposed so far for the prevention of errors and mistakes in it but yet, there is still no smooth transmission of pockets from source to destination specifically when irregular movements follow the destination host in SDN, the errors include packet loss, data compromise etc. The accuracy of packets received at their desired destination is possible if networks for pockets and hosts are monitored instead of analysis of network snapshot statistically for the state, as these approaches with open flow switches, discover bugs after their occurrence. This article proposes a design to achieve the said objective by defining the Intelligent Transmission Control Layer (ITCL) layer. It monitors all the connections of end hosts at their specific locations and performs necessary settlements when the connection state changes for one or multiple hosts. The layer informs the controller regarding any state change at one period and controller collects information of end nodes reported via ITCL. Then, updates flow tables accordingly to accommodate a location-change scenario with a route-change policy. ICTL is organized on prototype-based implementation using the popular POX platform. In this paper, it has been discovered that ITCL produces efficient performance in the trafficking of packets and controlling different states of SDN for errors and packet loss.     

空调系统神经模糊控制器-仿真和优化

以恒温空调系统为控制对象，对神经模糊控制器、常规模糊控制器和PID控制器进行了数字仿真，并用单纯形法对控制比例因子进行了参数寻优，获得了最优参数和动态响应曲线；通过对神经模糊控制器的优化学习，大大提高了神经模糊控制器的控制精度和稳定性，其性能优于最优化的PID控制器和最优化的常规模糊控制器，能有效地满足温度控制要求，并具有较好的鲁棒性；由于神经模糊控制器具有模糊控制和神经网络的智能，经过优化学习后，它具有艮好的控制性能和自适应能力。     

Probe Attack Detection Using an Improved Intrusion Detection System

The novel Software Defined Networking (SDN) architecture potentially resolves specific challenges arising from rapid internet growth of and the static nature of conventional networks to manage organizational business requirements with distinctive features. Nevertheless, such benefits lead to a more adverse environment entailing network breakdown, systems paralysis, and online banking fraudulence and robbery. As one of the most common and dangerous threats in SDN, probe attack occurs when the attacker scans SDN devices to collect the necessary knowledge on system susceptibilities, which is then manipulated to undermine the entire system. Precision, high performance, and real-time systems prove pivotal in successful goal attainment through feature selection to minimize computation time, optimize prediction performance, and provide a holistic understanding of machine learning data. As the extension of astute machine learning algorithms into an Intrusion Detection System (IDS) through SDN has garnered much scholarly attention within the past decade, this study recommended an effective IDS under the Grey-wolf optimizer (GWO) and Light Gradient Boosting Machine (LightGBM) classifier for probe attack identification. The InSDN dataset was employed to train and test the proposed IDS, which is deemed to be a novel benchmarking dataset in SDN. The proposed IDS assessment demonstrated an optimized performance against that of peer IDSs in probe attack detection within SDN. The results revealed that the proposed IDS outperforms the state-of-the-art IDSs, as it achieved 99.8% accuracy, 99.7% recall, 99.99% precision, and 99.8% F-measure.     

Energy Efficient Ambience Awake Routing with OpenFlow Approach

A major problem in networking has always been energy consumption. Battery life is one parameter which could help improve Energy Efficiency. Existing research on wireless networking stresses on reducing signaling messages or time required for data transfer for addressing energy consumption issues. Routing or Forwarding packets in a network between the network elements like routers, switches, wireless access points, etc., is complex in conventional networks. With the advent of Software Defined Networking (SDN) for 5G network architectures, the distributed networking has embarked onto centralized networking, wherein the SDN Controller is responsible for decision making. The controller pushes its decision onto the network elements with the help of a control plane protocol termed OpenFlow. Decentralized networks have been largely in use because of their ease in physical and logically setting the administrative hierarchies. The centralized controller deals with the policy funding and the protocols used for routing procedures are designated by the decentralized controller. Ambience Awake is a location centered routing protocol deployed in the 5G network architecture with OpenFlow model. The Ambience Awake mechanism relies on the power consumption of the network elements during the packet transmission for unicast and multicast scenarios. The signalling load and the routing overhead witnessed an improvement of 30% during the routing procedure. The proposed routing mechanism run on the top of the decentralized SDN controller proves to be 19.59% more efficient than the existing routing solutions.     

A Multivariate EWMA Controller for Linear Dynamic Processes

Most research of run-to-run process control has been based on single-input and single-output processes with static input–output relationships. In practice, many complicated semiconductor manufacturing processes have multiple-input and multiple-output (MIMO) variables. In addition, the effects of previous process input recipes and output responses on the current outputs might be carried over for several process periods. Under these circumstances, using conventional controllers usually results in unsatisfactory performance. To overcome this, a complicated process could be viewed as dynamic MIMO systems with added general process disturbance and this article proposes a dynamic-process multivariate exponentially weighted moving average (MEWMA) controller to adjust those processes. The long-term stability conditions of the proposed controller are derived analytically. Furthermore, by minimizing the total mean square error (TMSE) of the process outputs, the optimal discount matrix of the proposed controller under vector IMA(1,?1) disturbance is derived. Finally, to highlight the contribution of the proposed controller, we also conduct a comprehensive simulation study to compare the control performance of the proposed controller with that of the single MEWMA and self-tuning controllers. On average, the results demonstrate that the proposed controller outperforms the other two controllers with a TMSE reduction about 32% and 43%, respectively.     

支持QoS管理的下一代互联网网络管理流程

根据下一代互联网IP业务的灵活、动态管理和新业务扩展的需求,深入剖析了支持QoS管理的下一代互联网网络管理流程,给出了一个描述业务管理、网络管理与实际物理网络之间关系的分层透视模型,在此基础上提出了一套可行的IP业务QoS管理流程,并以IP-VPN业务的客户投诉应用场景为例分析了网络管理流程的实现.分析结果表明,该分层的QoS管理流程能够实现下一代互联网IP业务的业务流程自动化、业务管理灵活性和动态性,能够适应新业务的可扩展性和对业务的有效管理.