Rahamatullah Khondoker scite author profile

Software Defined Networking (SDN) is seen as one way to solve some problems of the Internet including security, managing complexity, multi-casting, load balancing, and energy efficiency. SDN is an architectural paradigm that separates the control plane of a networking device (e.g., a switch / router) from its data plane, making it feasible to control, monitor, and manage a network from a centralized node (the SDN controller). However, today there exists many SDN controllers including POX, FloodLight, and OpenDaylight. The question is, which of the controllers is to be selected and used? To find out the answer to this question, a decision making template is proposed in this paper to help researchers choose the SDN controller that best fits their needs. The method works as follows; first, several existing open-source controllers are analyzed to collect their properties. For selecting the suitable controller based on the derived requirements (for example, a "Java" interface must be provided by the controller), a matching mechanism is used to compare the properties of the controllers with the requirements. Additionally, for selecting the best controller based on optional requirements (for example, GUI will be extremely preferred over the age of the controller), a Multi-Criteria Decision Making (MCDM) method named Analytic Hierarchy Process (AHP) has been adapted by a monotonic interpolation / extrapolation mechanism which maps the values of the properties to a value in a pre-defined scale. By using the adapted AHP, the topmost five controllers have been compared and "Ryu" is selected to be the best controller based on our requirements.

show abstract

OrchSec: An orchestrator-based architecture for enhancing network-security using Network Monitoring and SDN Control functions

Zaalouk

Khondoker

Marx

et al. 2014

122

View full text Add to dashboard Cite

The original design of the Internet did not take network security aspects into consideration, instead it aimed to facilitate the process of information exchange between end hosts. Consequently, many protocols that are part of the Internet infrastructure expose a set of vulnerabilities that can be exploited by attackers. To reduce these vulnerabilities, several security approaches were introduced as a form of add-ons to the existing Internet architecture. However, these approaches have their drawbacks (e.g., lack of centralized control, and automation).In this paper, to address these drawbacks, the features provided by Software Defined Networking (SON) such as network-visibility, centralized management and control are considered for develop ing security applications. Although the SON architecture provides features that can aid in the process of network security, it has some deficiencies when it comes to using SON for security. To address these deficiencies, several architectural requirements are derived to adapt the SON architecture for security use cases.For this purpose, OrchSec, an Orchestrator-based architecture that utilizes Network Monitoring and SDN Control functions to develop security applications is proposed. The functionality of the proposed architecture is demonstrated, tested, and validated using a security application.

show abstract

Research Trends in Security and DDoS in SDN

Dayal

Maity

Srivastava

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Software‐Defined Networks (SDNs) are emerging as one of the most promising new era network technologies with its centralized and easily programmable nature. Many security issues with legacy networks could easily be resolved using SDNs central management and control; at the same time, security vulnerabilities of this technology are still the biggest concern of researchers and industries for adapting this technology. In this paper, a comprehensive review on security aspects of SDN is presented, considering how researchers are utilizing its features for providing security as well as their concerns about its security. Further, a critical comparison of existing countermeasures against SDN security including distributed denial of service (DDoS) is presented. This analysis includes the research works that have been done since the origin of OpenFlow protocol till 2015, including the contributions made by industries as well as universities towards securing the SDN framework. We have also compared our survey with existing surveys. The motivation behind this survey is to identify security concerns of SDN and ongoing research in this field. We have focused on DDoS in SDN mainly, which has not been much targeted by research surveys. By highlighting the current state of the art in this domain, we could facilitate researchers with a broad overview of advancement of research in SDN security and DDoS. Copyright © 2017 John Wiley & Sons, Ltd.

show abstract

Security of Selected Future Internet Architectures: A Survey

Khondoker

Nugraha

Marx

et al. 2014

View full text Add to dashboard Cite

The Internet faces many challenges in terms of flexibility (so called IP bottleneck) as well as host-centric addressing, mobility, self-configuration, self-monitoring, and security. Several Future Internet (FI) architectures have been proposed to address these challenges including eXpressive Internet Architecture (XIA), MobilityFirst, Named Data Networking (NDN), NEBULA, and Recursive InterNetwork Architecture (RINA). This paper surveys the security solutions of the FI architectures based on literatures, prototypes, and demonstrations. It has been found that none of the architectures can fulfill all of the security goals: confidentiality, authentication, integrity and availability. The results of the survey have been verified by the domain experts

show abstract

An efficient steganographic approach for protecting communication in the Internet of Things (IoT) critical infrastructures

Bairagi

Khondoker

Islam

2016

Information Security Journal: A Global Perspective

View full text Add to dashboard Cite

With the manifestation of the Internet of Things (IoT) and fog computing, the quantity of edge devices is escalating exponentially all over the world, providing better services to the end user with the help of existing and upcoming communication infrastructures. All of these devices are producing and communicating a huge amount of data and control information around this open IoT environment. A large amount of this information contains personal and important information for the user as well as for the organization. The number of attack vectors for malicious users is high due to the openness, distributed nature, and lack of control over the whole IoT environment. For building the IoT as an effective service platform, end users need to trust the system. For this reason, security and privacy of information in the IoT is a great concern in critical infrastructures such as the smart home, smart city, smart healthcare, smart industry, etc

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.