Towards Effective Intrusion Detection in OpenFlow-Based SDN Architectures

Authors

  • Dylan Da Costa  Department of Computer Science, New Jersey Institute of Technology, USA
  • Omkar Pradip Naik  Department of Computer Science, New Jersey Institute of Technology, USA
  • Omkar Randeep Pawar  Department of Computer Science, New Jersey Institute of Technology, USA

DOI:

https://doi.org/10.32628/CSEIT2390631

Keywords:

OpenFlow, SDN, IDS, Intrusion Detection System, Software-Defined Networking, IP, TCP, Mininet, RYU

Abstract

This research article develops and assesses a thorough intrusion detection system (IDS) to investigate improvements in security inside Software-Defined Networking (SDN) environments. With an emphasis on packet-level analysis for the detection and mitigation of possible network intrusions, the study explores the integration of IDS features into SDN controllers. The suggested IDS is simulated and empirically assessed in a variety of network circumstances, such as traffic fluctuations, delay changes, and increased iperf scenarios, using a Mininet-based framework. The research advances our understanding of efficient intrusion detection techniques inside the SDN paradigm by providing insights into security issues and possible solutions for upcoming SDN deployments.

References

  1. J. Miguel-Alonso, "A Research Review of OpenFlow for Datacenter Networking," in IEEE Access, vol. 11, pp. 770-786, 2023, doi: 10.1109/ACCESS.2022.3233466.
  2. Porras, P., Shin, S., Yegneswaran, V., Fong, M., Tyson, M., & Gu, G. (2012, August 13). A security enforcement kernel for OpenFlow networks. https://doi.org/10.1145/2342441.2342466
  3. McKeown, N., Anderson, T., Balakrishnan, H., Parulkar, G., Peterson, L. L., Rexford, J., Shenker, S., & Turner, J. S. (2008, March 31). OpenFlow. Computer Communication Review. https://doi.org/10.1145/1355734.1355746
  4. Bhardwaj, S., & Panda, S. N. (2021, August 16). Performance Evaluation Using RYU SDN Controller in Software-Defined Networking Environment. Wireless Personal Communications. https://doi.org/10.1007/s11277-021-08920-3
  5. Gupta, N., Maashi, M., Tanwar, S., Badotra, S., Aljebreen, M., & Bharany, S. (2022, August 29). A Comparative Study of Software Defined Networking Controllers Using Mininet. Electronics. https://doi.org/10.3390/electronics11172715
  6. Bhardwaj, S., & Girdhar, A. (2023, July 30). Network Traffic Analysis in Software-Defined Networking Using RYU Controller. Wireless Personal Communications. https://doi.org/10.1007/s11277-023-10680-1
  7. Alhaj, A. N., & Dutta, N. (2021, December 1). Analysis of Security Attacks in SDN Network: A Comprehensive Survey. Lecture Notes in Networks and Systems. https://doi.org/10.1007/978-981-16-4244-9_3
  8. Gupta, N., Maashi, M., Tanwar, S., Badotra, S., Aljebreen, M., & Bharany, S. (2022, August 29). A Comparative Study of Software Defined Networking Controllers Using Mininet. Electronics. https://doi.org/10.3390/electronics11172715
  9. Dholakiya, D., Kshirsagar, T., & Nayak, A. K. (2020, October 30). Survey of Mininet Challenges, Opportunities, and Application in Software-Defined Network (SDN). Springer eBooks. https://doi.org/10.1007/978-981-15-7062-9_21
  10. Chica, J. C. C., Imbachi, J. C., & Vega, J. F. B. (2020, June 1). Security in SDN: A comprehensive survey. Journal of Network and Computer Applications. https://doi.org/10.1016/j.jnca.2020.102595
  11. Jérôme, F., Dolberg, L., Festor, O., & Engel, T. (2014, October 1). Network security through software defined networking. https://doi.org/10.1145/2670386.2670390
  12. Li, W., Meng, W., & Kwok, L. F. (2016, June 1). A survey on OpenFlow-based Software Defined Networks: Security challenges and countermeasures. Journal of Network and Computer Applications. https://doi.org/10.1016/j.jnca.2016.04.011
  13. G. Meena and R. R. Choudhary, "A review paper on IDS classification using KDD 99 and NSL KDD dataset in WEKA," 2017 International Conference on Computer, Communications and Electronics (Comptelix), Jaipur, India, 2017, pp. 553-558,doi: 10.1109/COMPTELIX.2017.8004032.
  14. Innovation using OpenFlow: A Survey," in IEEE Communications Surveys & Tutorials, vol. 16, no. 1, pp. 493-512, First Quarter 2014, doi: 10.1109/SURV.2013.081313.00105.
  15. L. Stancu, S. Halunga, A. Vulpe, G. Suciu, O. Fratu and E. C. Popovici, "A comparison between several Software Defined Networking controllers," 2015 12th International Conference on Telecommunication in Modern Satellite, Cable and Broadcasting Services (TELSIKS), Nis, Serbia, 2015, pp. 223-226, doi: 10.1109/TELSKS.2015.7357774.
  16. S. Shin, L. Xu, S. Hong and G. Gu, "Enhancing Network Security through Software Defined Networking (SDN)," 2016 25th International Conference on Computer Communication and Networks (ICCCN), Waikoloa, HI, USA, 2016, pp. 1-9, doi: 10.1109/ICCCN.2016.7568520.
  17. R. Khondoker, A. Zaalouk, R. Marx and K. Bayarou, "Feature-based comparison and selection of Software Defined Networking (SDN) controllers," 2014 World Congress on Computer Applications and Information Systems (WCCAIS), Hammamet, Tunisia, 2014, pp. 1-7, doi: 10.1109/WCCAIS.2014.6916572.
  18. A. Abdou, P. C. van Oorschot and T. Wan, "Comparative Analysis of Control Plane Security of SDN and Conventional Networks," in IEEE Communications Surveys & Tutorials, vol. 20, no. 4, pp. 3542-3559, Fourthquarter 2018, doi: 10.1109/COMST.2018.2839348.
  19. C. Prabha, A. Goel and J. Singh, "A Survey on SDN Controller Evolution: A Brief Review," 2022 7th International Conference on Communication and Electronics Systems (ICCES), Coimbatore, India, 2022, pp. 569-575, doi: 10.1109/ICCES54183.2022.9835810.
  20. Mishra, S., & AlShehri, M. A. R. (2017). Software Defined Networking: Research Issues, Challenges and Opportunities. Indian Journal of Science and Technology10(29), 1–9. https://doi.org/10.17485/ijst/2017/v10i29/112447
  21. G. A. Ajaeiya, N. Adalian, I. H. Elhajj, A. Kayssi and A. Chehab, "Flow-based Intrusion Detection System for SDN," 2017 IEEE Symposium on Computers and Communications (ISCC), Heraklion, Greece, 2017, pp. 787-793, doi: 10.1109/ISCC.2017.8024623.
  22. M. A. Sayeed, M. A. Sayeed and S. Saxena, "Intrusion detection system based on Software Defined Network firewall," 2015 1st International Conference on Next Generation Computing Technologies (NGCT), Dehradun, India, 2015, pp. 379-382, doi: 10.1109/NGCT.2015.7375145.

IInternational Journal of Scientific Research in Computer Science, Engineering and Information Technology

Downloads

Published

2023-12-30

Issue

Volume 9, Issue 6, November-December-2023

Section

Research Articles

License

Copyright (c) IJSRCSEIT

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

[1]
Dylan Da Costa, Omkar Pradip Naik, Omkar Randeep Pawar, " Towards Effective Intrusion Detection in OpenFlow-Based SDN Architectures" International Journal of Scientific Research in Computer Science, Engineering and Information Technology(IJSRCSEIT), ISSN : 2456-3307, Volume 9, Issue 6, pp.210-220, November-December-2023. Available at doi : https://doi.org/10.32628/CSEIT2390631