Abstract: This article proposes a software defined spaceair- ground integrated network architecture for supporting diverse vehicular services in a seamless, efficient, and cost-effective manner. First, the motivations and challenges for integration of space-air-ground networks are reviewed. Second, a software defined network architecture with a layered structure is presented. To protect the legacy services in the satellite, aerial, and terrestrial segments, resources in each segment are sliced through network slicing to achieve service isolation. Then available resources are put into a common and dynamic space-air-ground resource pool, which is managed by hierarchical controllers to accommodate vehicular services. Finally, a case study is carried out, followed by discussion on some open research topics.

Abstract: Software defined networking (SDN) brings about innovation, simplicity in network management, and configuration in network computing. Traditional networks often lack the flexibility to bring into effect instant changes because of the rigidity of the network and also the over dependence on proprietary services. SDN decouples the control plane from the data plane, thus moving the control logic from the node to a central controller. A wireless sensor network (WSN) is a great platform for low-rate wireless personal area networks with little resources and short communication ranges. However, as the scale of WSN expands, it faces several challenges, such as network management and heterogeneous-node networks. The SDN approach to WSNs seeks to alleviate most of the challenges and ultimately foster efficiency and sustainability in WSNs. The fusion of these two models gives rise to a new paradigm: Software defined wireless sensor networks (SDWSN). The SDWSN model is also envisioned to play a critical role in the looming Internet of Things paradigm. This paper presents a comprehensive review of the SDWSN literature. Moreover, it delves into some of the challenges facing this paradigm, as well as the major SDWSN design requirements that need to be considered to address these challenges.

Abstract: The rapid increase in the number and diversity of smart devices connected to the Internet has raised the issues of flexibility, efficiency, availability, security, and scalability within the current IoT network. These issues are caused by key mechanisms being distributed to the IoT network on a large scale, which is why a distributed secure SDN architecture for IoT using the blockchain technique (DistBlockNet) is proposed in this research. It follows the principles required for designing a secure, scalable, and efficient network architecture. The DistBlockNet model of IoT architecture combines the advantages of two emerging technologies: SDN and blockchains technology. In a verifiable manner, blockchains allow us to have a distributed peer-to-peer network where non-confident members can interact with each other without a trusted intermediary. A new scheme for updating a flow rule table using a blockchains technique is proposed to securely verify a version of the flow rule table, validate the flow rule table, and download the latest flow rules table for the IoT forwarding devices. In our proposed architecture, security must automatically adapt to the threat landscape, without administrator needs to review and apply thousands of recommendations and opinions manually. We have evaluated the performance of our proposed model architecture and compared it to the existing model with respect to various metrics. The results of our evaluation show that DistBlockNet is capable of detecting attacks in the IoT network in real time with low performance overheads and satisfying the design principles required for the future IoT network.

Abstract: Recent advances in networking, caching, and computing have significant impacts on the developments of smart cities. Nevertheless, these important enabling technologies have traditionally been studied separately in the existing works on smart cities. In this article, we propose an integrated framework that can enable dynamic orchestration of networking, caching, and computing resources to improve the performance of applications for smart cities. Then we present a novel big data deep reinforcement learning approach. Simulation results with different system parameters are presented to show the effectiveness of the proposed scheme.

Abstract: The research community has considered in the past the application of Artificial Intelligence (AI) techniques to control and operate networks A notable example is the Knowledge Plane proposed by DClark et al However, such techniques have not been extensively prototyped or deployed in the field yet In this paper, we explore the reasons for the lack of adoption and posit that the rise of two recent paradigms: Software-Defined Networking (SDN) and Network Analytics (NA), will facilitate the adoption of AI techniques in the context of network operation and control We describe a new paradigm that accommodates and exploits SDN, NA and AI, and provide use-cases that illustrate its applicability and benefits We also present simple experimental results that support, for some relevant use-cases, its feasibility We refer to this new paradigm as Knowledge-Defined Networking (KDN)

Abstract: Internet of things (IoT) facilitates billions of devices to be enabled with network connectivity to collect and exchange real-time information for providing intelligent services. Thus, IoT allows connected devices to be controlled and accessed remotely in the presence of adequate network infrastructure. Unfortunately, traditional network technologies such as enterprise networks and classic timeout-based transport protocols are not capable of handling such requirements of IoT in an efficient, scalable, seamless, and cost-effective manner. Besides, the advent of software-defined networking (SDN) introduces features that allow the network operators and users to control and access the network devices remotely, while leveraging the global view of the network. In this respect, we provide a comprehensive survey of different SDN-based technologies, which are useful to fulfill the requirements of IoT, from different networking aspects— edge , access , core , and data center networking. In these areas, the utility of SDN-based technologies is discussed, while presenting different challenges and requirements of the same in the context of IoT applications. We present a synthesized overview of the current state of IoT development. We also highlight some of the future research directions and open research issues based on the limitations of the existing SDN-based technologies.

Abstract: Software-defined networking (SDN) is an emerging paradigm, which breaks the vertical integration in traditional networks to provide the flexibility to program the network through (logical) centralized network control. SDN has the capability to adapt its network parameters on the fly based on its operating environment. The decoupled structure of SDN serves as a solution for managing the network with more flexibility and ease. In SDN, the centralized cost effective architecture provides network visibility which helps to achieve efficient resource utilization and high performance. Due to the increasingly pervasive existence of smart programmable devices in the network, SDN provides security, energy efficiency, and network virtualization for enhancing the overall network performance. We present various security threats that are resolved by SDN and new threats that arise as a result of SDN implementation. The recent security attacks and countermeasures in SDN are also summarized in the form of tables. We also provide a survey on the different strategies that are implemented to achieve energy efficiency and network security through SDN implementation. In an effort to anticipate the future evolution of this new paradigm, we discuss the main ongoing research efforts, challenges, and research trends in this area. With this paper, readers can have a more thorough understanding of SDN architecture, different security attacks and countermeasures, and energy efficiency.

Abstract: Distributed denial-of-service (DDoS) attacks have become a weapon of choice for hackers, cyber extortionists, and cyber terrorists. These attacks can swiftly incapacitate a victim, causing huge revenue losses. Despite the large number of traditional mitigation solutions that exists today, DDoS attacks continue to grow in frequency, volume, and severity. This calls for a new network paradigm to address the requirements of today’s challenging security threats. Software-defined networking (SDN) is an emerging network paradigm which has gained significant traction by many researchers to address the requirement of today’s data centers. Inspired by the capabilities of SDN, we present a comprehensive survey of existing SDN-based DDoS attack detection and mitigation solutions. We classify solutions based on DDoS attack detection techniques and identify requirements of an effective solution. Based on our findings, we propose a novel framework for detection and mitigation of DDoS attacks in a large-scale network which comprises a smart city built on SDN infrastructure. Our proposed framework is capable of meeting application-specific DDoS attack detection and mitigation requirements. The primary contribution of this paper is twofold. First, we provide an in-depth survey and discussion of SDN-based DDoS attack detection and mitigation mechanisms, and we classify them with respect to the detection techniques. Second, leveraging the characteristics of SDN for network security, we propose and present an SDN-based proactive DDoS Defense Framework (ProDefense). We show how this framework can be utilized to secure applications built for smart cities. Moreover, the paper highlights open research challenges, future research directions, and recommendations related to SDN-based DDoS detection and mitigation.

Abstract: The emergence of two new technologies, namely, software defined networking (SDN) and network function virtualization (NFV), have radically changed the development of network functions and the evolution of network architectures. These two technologies bring to mobile operators the promises of reducing costs, enhancing network flexibility and scalability, and shortening the time-to-market of new applications and services. With the advent of SDN and NFV and their offered benefits, the mobile operators are gradually changing the way how they architect their mobile networks to cope with ever-increasing growth of data traffic, massive number of new devices and network accesses, and to pave the way toward the upcoming fifth generation networking. This survey aims at providing a comprehensive survey of state-of-the-art research work, which leverages SDN and NFV into the most recent mobile packet core network architecture, evolved packet core. The research work is categorized into smaller groups according to a proposed four-dimensional taxonomy reflecting the: 1) architectural approach, 2) technology adoption, 3) functional implementation, and 4) deployment strategy. Thereafter, the research work is exhaustively compared based on the proposed taxonomy and some added attributes and criteria. Finally, this survey identifies and discusses some major challenges and open issues, such as scalability and reliability, optimal resource scheduling and allocation, management and orchestration, and network sharing and slicing that raise from the taxonomy and comparison tables that need to be further investigated and explored.

Abstract: Network slicing for 5G provides Network-as-a-Service (NaaS) for different use cases, allowing network operators to build multiple virtual networks on a shared infrastructure. With network slicing, service providers can deploy their applications and services flexibly and quickly to accommodate diverse services’ specific requirements. As an emerging technology with a number of advantages, network slicing has raised many issues for the industry and academia alike. Here, the authors discuss this technology’s background and propose a framework. They also discuss remaining challenges and future research directions.

Abstract: Communication networks are undergoing their next evolutionary step toward 5G. The 5G networks are envisioned to provide a flexible, scalable, agile, and programmable network platform over which different services with varying requirements can be deployed and managed within strict performance bounds. In order to address these challenges, a paradigm shift is taking place in the technologies that drive the networks, and thus their architecture. Innovative concepts and techniques are being developed to power the next generation mobile networks. At the heart of this development lie Network Function Virtualization and Software Defined Networking technologies, which are now recognized as being two of the key technology enablers for realizing 5G networks, and which have introduced a major change in the way network services are deployed and operated. For interested readers that are new to the field of SDN and NFV, this paper provides an overview of both these technologies with reference to the 5G networks. Most importantly, it describes how the two technologies complement each other and how they are expected to drive the networks of near future.

Abstract: Having gained momentum from its promise of centralized control over distributed network architectures at bargain costs, software-defined Networking (SDN) is an ever-increasing topic of research. SDN offers a simplified means to dynamically control multiple simple switches via a single controller program, which contrasts with current network infrastructures where individual network operators manage network devices individually. Already, SDN has realized some extraordinary use cases outside of academia with companies, such as Google, AT&T, Microsoft, and many others. However, SDN still presents many research and operational challenges for government, industry, and campus networks. Because of these challenges, many SDN solutions have developed in an ad hoc manner that are not easily adopted by other organizations. Hence, this paper seeks to identify some of the many challenges where new and current researchers can still contribute to the advancement of SDN and further hasten its broadening adoption by network operators.

Abstract: Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. We propose a deep learning based multi-vector DDoS detection system in a software-defined network (SDN) environment. SDN provides flexibility to program network devices for different objectives and eliminates the need for third-party vendor-specific hardware. We implement our system as a network application on top of an SDN controller. We use deep learning for feature reduction of a large set of features derived from network traffic headers. We evaluate our system based on different performance metrics by applying it on traffic traces collected from different scenarios. We observe high accuracy with a low false-positive for attack detection in our proposed system.

Abstract: In this paper we design and evaluate a Deep-Reinforcement Learning agent that optimizes routing. Our agent adapts automatically to current traffic conditions and proposes tailored configurations that attempt to minimize the network delay. Experiments show very promising performance. Moreover, this approach provides important operational advantages with respect to traditional optimization algorithms.

Abstract: Wireless sensor networks (WSNs) are becoming increasingly popular with the advent of the Internet of things (IoT). Various real-world applications of WSNs such as in smart grids, smart farming and smart health would require a potential deployment of thousands or maybe hundreds of thousands of sensor nodes/actuators. To ensure proper working order and network efficiency of such a network of sensor nodes, an effective WSN management system has to be integrated. However, the inherent challenges of WSNs such as sensor/actuator heterogeneity, application dependency and resource constraints have led to challenges in implementing effective traditional WSN management. This difficulty in management increases as the WSN becomes larger. Software Defined Networking (SDN) provides a promising solution in flexible management WSNs by allowing the separation of the control logic from the sensor nodes/actuators. The advantage with this SDN-based management in WSNs is that it enables centralized control of the entire WSN making it simpler to deploy network-wide management protocols and applications on demand. This paper highlights some of the recent work on traditional WSN management in brief and reviews SDN-based management techniques for WSNs in greater detail while drawing attention to the advantages that SDN brings to traditional WSN management. This paper also investigates open research challenges in coming up with mechanisms for flexible and easier SDN-based WSN configuration and management.

Abstract: Since the appearance of OpenFlow back in 2008, software-defined networking (SDN) has gained momentum. Although there are some discrepancies between the standards developing organizations working with SDN about what SDN is and how it is defined, they all outline traffic engineering (TE) as a key application. One of the most common objectives of TE is the congestion minimization, where techniques such as traffic splitting among multiple paths or advanced reservation systems are used. In such a scenario, this manuscript surveys the role of a comprehensive list of SDN protocols in TE solutions, in order to assess how these protocols can benefit TE. The SDN protocols have been categorized using the SDN architecture proposed by the open networking foundation, which differentiates among data-controller plane interfaces, application-controller plane interfaces, and management interfaces, in order to state how the interface type in which they operate influences TE. In addition, the impact of the SDN protocols on TE has been evaluated by comparing them with the path computation element (PCE)-based architecture. The PCE-based architecture has been selected to measure the impact of SDN on TE because it is the most novel TE architecture until the date, and because it already defines a set of metrics to measure the performance of TE solutions. We conclude that using the three types of interfaces simultaneously will result in more powerful and enhanced TE solutions, since they benefit TE in complementary ways.

Abstract: 5G will provide broadband access everywhere, entertain higher user mobility, and enable connectivity of massive number of devices (e.g. Internet of Things (IoT)) in an ultrareliable and affordable way. The main technological enablers such as cloud computing, Software Defined Networking (SDN) and Network Function Virtualization (NFV) are maturing towards their use in 5G. However, there are pressing security challenges in these technologies besides the growing concerns for user privacy. In this paper, we provide an overview of the security challenges in these technologies and the issues of privacy in 5G. Furthermore, we present security solutions to these challenges and future directions for secure 5G systems.

Abstract: With the advent of smart devices and lowering prices of sensing devices, adoption of Internet of Things (IoT) is gaining momentum. These IoT devices come with greater threat of being attacked or compromised that could lead to Denial of Service (DoS) and Distributed Denial of Service (DDoS). The high volume of IoT devices with high level of heterogeneity, magnify the possibility of security threats. So far, there is no protocol to guarantee the security of IoT devices. But to enable resilience, continuous monitoring is required along with adaptive decision making. These challenges can be addressed with the help of Software Defined Networking (SDN) which can effectively handle the security threats to the IoT devices in dynamic and adaptive manner without any burden on the IoT devices. In this paper, we propose an SDN-based secure IoT framework called SoftThings to detect abnormal behaviors and attacks as early as possible and mitigate as appropriate. Machine Learning is used at the SDN controller to monitor and learn the behavior of IoT devices over time. We have conducted experiments on Mininet emulator. Initial results show that this framework is capable to detect attacks on IoT with around 98% precision.

Abstract: Recently, a variety of solutions have been proposed to tackle the controller placement problem in SDN. The objectives include minimizing the latency between controllers and their associated switches, enhancing reliability and resilience of the network, and minimizing deployment cost and energy consumption. In this article, we first survey the state-of-the-art solutions and draw a taxonomy based on their objectives, and then propose a new approach to minimize the packet propagation latency between controllers and switches. In order to encourage future research, we also identify the ongoing research challenges and open issues relevant to this problem.

Abstract: To meet the ever increasing demand of mobile data traffic, 5G enabling technologies are proposed in vehicular networks. Network densification is one of the key 5G technologies for large user throughput and traffic capacity, but there is a great challenge to serve numerous vehicular neighbors. According to observations from a real dataset of vehicles, we discover vehicular neighbor groups (VNGs) consisting of groups of vehicular neighbors. VNGs are crucial to enrich and enhance various services in 5G networks through efficient management. Therefore, we propose 5G-enabled software defined vehicular networks (5G-SDVNs), where software defined networking is exploited to dynamically manage VNGs in 5G and vehicular environment. Furthermore, we leverage mobile edge computing to strengthen network control of 5G-SDVN. By combining software defined networking with mobile edge computing, a programmable, flexible, and controllable network architecture is introduced for 5G-SDVN. The architecture simplifies network management, improves resource utilization, and achieves sustainable network development. We use the universal plug-andplay standard to enable scalable VNG networking. A case study of vehicular cloud computing highlights the advantages of 5G-SDVN. Finally, we also identify and discuss open issues in 5G-SDVN.

Abstract: The fundamental role of the software defined networks (SDNs) is to decouple the data plane from the control plane, thus providing a logically centralized visibility of the entire network to the controller. This enables the applications to innovate through network programmability. To establish a centralized visibility, a controller is required to discover a network topology of the entire SDN infrastructure. However, discovering a network topology is challenging due to: 1) the frequent migration of the virtual machines in the data centers; 2) lack of authentication mechanisms; 3) scarcity of the SDN standards; and 4) integration of security mechanisms for the topology discovery. To this end, in this paper, we present a comprehensive survey of the topology discovery and the associated security implications in SDNs. This survey provides discussions related to the possible threats relevant to each layer of the SDN architecture, highlights the role of the topology discovery in the traditional network and SDN, presents a thematic taxonomy of topology discovery in SDN, and provides insights into the potential threats to the topology discovery along with its state-of-the-art solutions in SDN. Finally, this survey also presents future challenges and research directions in the field of SDN topology discovery.

Abstract: This article proposes a software defined space-air-ground integrated network architecture for supporting diverse vehicular services in a seamless, efficient, and cost-effective manner. Firstly, the motivations and challenges for integration of space-air-ground networks are reviewed. Secondly, a software defined network architecture with a layered structure is presented. To protect the legacy services in satellite, aerial, and territorial segments, resources in each segment are sliced through network slicing to achieve service isolation. Then, available resources are put into a common and dynamic space-air-ground resource pool, which is managed by hierarchical controllers to accommodate vehicular services. Finally, a case study is carried out, followed by discussion on some open research topics.

Abstract: Distributed cloud networking builds on network functions virtualization (NFV) and software defined networking (SDN) to enable the deployment of network services in the form of elastic virtual network functions (VNFs) instantiated over general purpose servers at distributed cloud locations. We address the design of fast approximation algorithms for the NFV service distribution problem (NSDP), whose goal is to determine the placement of VNFs, the routing of service flows, and the associated allocation of cloud and network resources that satisfy client demands with minimum cost. We show that in the case of load-proportional costs, the resulting fractional NSDP can be formulated as a multi-commodity-chain flow problem on a cloud-augmented graph, and design a queue-length based algorithm, named QNSD, that provides an O(e) approximation in time O (1/e). We then address the case in which resource costs are a function of the integer number of allocated resources and design a variation of QNSD that effectively pushes for flow consolidation into a limited number of active resources to minimize overall cloud network cost.

Abstract: The successful realization of smart energy management relies on ubiquitous and reliable information exchange among millions of sensors and actuators deployed in the field with little or no human intervention. This motivates us to propose a unified communication framework for smart energy management by exploring the integration of software-defined networking with machine-to-machine communication. In this article, first we provide a comprehensive review of the state-of-the-art contributions from the perspective of software defined networking and machineto- machine integration. Second, the overall design of the proposed software-defined machine-to-machine (SD-M2M) framework is presented, with an emphasis on its technical contributions to cost reduction, fine granularity resource allocation, and end-to-end quality of service guarantee. Then a case study is conducted for an electric vehicle energy management system to validate the proposed SD-M2M framework. Finally, we identify several open issues and present key research opportunities.

Abstract: Software defined networking is increasingly prevalent in data center networks for it enables centralized network configuration and management. However, since switches are statically assigned to controllers and controllers are statically provisioned, traffic dynamics may cause long response time and incur high maintenance cost. To address these issues, we formulate the dynamic controller assignment problem (DCAP) as an online optimization to minimize the total cost caused by response time and maintenance on the cluster of controllers. By applying the randomized fixed horizon control framework, we decompose DCAP into a series of stable matching problems with transfers, guaranteeing a small loss in competitive ratio. Since the matching problem is NP-hard, we propose a hierarchical two-phase algorithm that integrates key concepts from both matching theory and coalitional games to solve it efficiently. Theoretical analysis proves that our algorithm converges to a near-optimal Nash stable solution within tens of iterations. Extensive simulations show that our online approach reduces total cost by about 46%, and achieves better load balancing among controllers compared with static assignment.

Abstract: We propose a novel network architecture by leveraging the cloudlet concept, the software defined networking technology, and the cellular network infrastructure to bring the computing resource to the mobile edge. In order to minimize the average response time for mobile users (MUs) in offloading their application workloads to the geographically distributed cloudlets, we propose the latency-aware workload offloading (LEAD) strategy to allocate MUs’ application workloads into suitable cloudlets. Simulation results demonstrate that LEAD incurs the lowest average response time as compared with two other existing strategies.

Abstract: Software-Defined Networks (SDN) is an emerging area that promises to change the way we design, build, and operate network architecture. It tends to shift from traditional network architecture of proprietary based to open and programmable network architecture. However, this new innovative and improved technology also brings another security burden into the network architecture, with existing and emerging security threats. The network vulnerability has become more open to intruders: the focus is now shifted to a single point of failure where the central controller is a prime target. Therefore, integration of intrusion detection system (IDS) into the SDN architecture is essential to provide a network with attack countermeasure. The work designed and developed a virtual testbed that simulates the processes of the real network environment, where a star topology is created with hosts and servers connected to the OpenFlow OVS-switch. Signature-based Snort IDS is deployed for traffic monitoring and attack detection, by mirroring the traffic destine to the servers. The vulnerability assessment shows possible attacks threat exist in the network architecture and effectively contain by Snort IDS except for the few which the suggestion is made for possible mitigation. In order to provide scalable threat detection in the architecture, a flow-based IDS model is developed. A flow-based anomaly detection is implemented with machine learning to overcome the limitation of signature-based IDS. The results show positive improvement for detection of almost all the possible attacks in SDN environment with our pattern recognition of neural network for machine learning using our trained model with over 97% accuracy.