Abstract: A number of disadvantages of traditional networks may be attributed to the close relationship that exists between the control plane and the data plane inside proprietary hardware designs, as described above. The problem of security is one of the most difficult to deal with. There are a plethora of network hazards and attacks that might be encountered these days. DDoS attacks are one of the most popular and disruptive attacks on the internet today, and they affect a wide range of organisations. Despite a large number of traditional mitigation solutions now available, the frequency, volume, and intensity of distributed denial-of-service (DDoS) attacks continue to rise. According to the findings of this paper, a new network paradigm is necessary to satisfy the requirements of today’s complex security concerns. It was necessary to develop a software-defined network (SDN) in order to meet the real-time needs of the massive network that was expanding at an exponential rate. Many advantages of SDN exist, including simplicity of administration, scalability, and agility, but one of the most critical is security, which is one of the most important considerations when implementing SDN. SDS may be seen as a paradigm in which the implementation of new security regulations in the computer environment is performed via the use of protected software, which is described further below. The goal is to provide a flexible and extensible architecture for DDoS detection and prevention that is both flexible and extendable; the suggested clustering approach, which is based on the Open Day Light (ODL) Controller, is employed to carry out the experimental findings. In this section, we emphasise DDoS penetration techniques from a range of tools, and we evaluate the vulnerability against various tactics. It is necessary to use a Mininet emulation tool to construct a detection and prevention system against distributed denial of service (DDoS) attacks in order to achieve success. There is a range of other simulation tools that are utilised in conjunction with this research in order to bring it to a conclusion. Integration of industry standards such as SNORT and Flow has been accomplished in a variety of situations and parameter settings. During the creation of a framework capable of detecting and mitigating DDoS attacks at an early stage in both the control and application levels, the implementation of this framework has been shown to be crucial in the development of a framework.

Abstract: The space–air–ground integrated network (SAGIN) is considered to be a significant framework for realizing the vision of “6G intelligent connection of all things.” A typical SAGIN consists of three parts: a space-based network composed of various orbiting satellites, an air-based network composed of aircraft, and a traditional ground-based network. Considering the cost of satellite launch, the network needs to be flexible and controllable. In order to ensure that the ground can handle satellite anomalies in real time by program, it is necessary to introduce in-orbit programmable networks, such as the software-defined network (SDN). In the network management architecture, if the controller plane in the SDN adopts the flat management scheme, the expansion of the control plane is limited due to the low efficiency of data synchronization among controllers. Compared with controller deployments on terrestrial networks, multicontroller deployments in the SAGIN face the following problems: the dynamic change of the satellite network topology, the large-scale network nodes, the increase or decrease in the number of aerial vehicles, and the unbalanced distribution of ground users. Therefore, it is of great significance to study how to optimize the deployment of multiple controllers in the SDN-enabled SAGIN. This article introduces an SDN into the SAGIN and designs a hierarchical domain-based SDN-enabled SAGIN architecture. A multicontroller deployment strategy for the hierarchical domain-based SDN-enabled SAGIN is proposed. First, we divide the SDN control plane into two layers, i.e., the primary controller layer is deployed on the ground network and the secondary on the space-based network. The SDN data plane is composed of space-based, air-based, and ground-based networks. Second, considering the average network delay and the controller load, a multiobjective optimization model is constructed. To determine the number of controllers and the relative positions of switch nodes and controllers, the clustering algorithm based on k -means is adopted to initially divide the data plane. Finally, to improve the global search ability of the algorithm, a multiobjective optimization algorithm based on a genetic algorithm is adopted. The simulation results show that the proposed strategy is effective in reducing the average network delay and improving the controller load balance. Compared to other algorithms, the average network delay is reduced by 13.3% and the controller load is improved by 10.33%.

Abstract: Software Defined Networking (SDN) is an emerging network platform, which facilitates centralised network management. The SDN enables the network operators to manage the overall network consistently and holistically, regardless the complexity of infrastructure devices. The promising features of the SDN enhance network security and facilitate the implementation of threat detection systems through software applications using open APIs. However, the emerging technology creates new security concerns and new threats that do not exist in the current traditional networks. Distributed Denial of Service attacks (DDoS) are one of the most rampant attacks that can interrupt the functionality of the network and make most of the network services unreachable for network users. The efficient identification of DDos attacks on SDN environments in literature is still a challenge because of the number of network features taken into account and the overhead of applying machine learning based anomaly detection techniques. Hence, in this paper, we aim to use two popular feature selection methods, i.e., Information Gain (IG) and Random Forest (RF) in order to analyse the most comprehensive relevant features of DDoS attacks in SDN networks. Using the most relevant features will improve the accuracy of the anomaly detection system and reduce the false alarm rates. Moreover, we propose a Deep Learning (DL) technique based on Long Short Term Memory (LSTM) and Autoencoder to tackle the problem of DDoS attacks in SDNs. We perform our analysis and evaluation on three different datasets, i.e., InSDN, CICIDS2017 and CICIDS2018. We also measure the overhead of the proposed DL model on the SDN controller and test the network performance in terms of network throughput and end-to-end latency. The results validate that the DL approach can efficiently identify DDoS attacks in SDN environments without any significant degradation in the controller performance.

Abstract: Internet of Things (IoT) is characterized as one of the leading actors for the next evolutionary stage in the computing world. IoT-based applications have already produced a plethora of novel services and are improving the living standard by enabling innovative and smart solutions. However, along with its rapid adoption, IoT technology also creates complex challenges regarding the management of IoT networks due to its resource limitations (computational power, energy, and security). Hence, it is urgently needed to refine the IoT-based application’s architectures to robustly manage the overall IoT infrastructure. Software-defined networking (SDN) has emerged as a paradigm that offers software-based controllers to manage hardware infrastructure and traffic flow on a network effectively. SDN architecture has the potential to provide efficient and reliable IoT network management. This research provides a comprehensive survey investigating the published studies on SDN-based frameworks to address IoT management issues in the dimensions of fault tolerance, energy management, scalability, load balancing, and security service provisioning within the IoT networks. We conducted a Systematic Literature Review (SLR) on the research studies (published from 2010 to 2022) focusing on SDN-based IoT management frameworks. We provide an extensive discussion on various aspects of SDN-based IoT solutions and architectures. We elaborate a taxonomy of the existing SDN-based IoT frameworks and solutions by classifying them into categories such as network function virtualization, middleware, OpenFlow adaptation, and blockchain-based management. We present the research gaps by identifying and analyzing the key architectural requirements and management issues in IoT infrastructures. Finally, we highlight various challenges and a range of promising opportunities for future research to provide a roadmap for addressing the weaknesses and identifying the benefits from the potentials offered by SDN-based IoT solutions.

Abstract: Software-defined Networking (SDN) marked the beginning of a new era in the field of networking by decoupling the control and forwarding processes through the OpenFlow protocol. The Next Generation SDN is defined by Open Interfaces and full programmability of the data plane. P4 is a domain-specific language that fulfills these requirements and has known wide adoption over recent years from Academia and Industry. This work is an extensive survey of the P4 language covering domains of application, a detailed overview of the language, and future directions.

Abstract: SDN changes the networking vision with an impressive thought of segregating the networking control from the data management hardware and brings new functionalities such as programmability , elasticity, flexibility, and adoption capability in the network, which are difficult to think of in traditional rigid network architecture . However, a wide range of vulnerable surfaces directly or indirectly affect the SDN-based system’s information security and launch various attacks. The paper begins with a glimpse of the advantages of SDN over the traditional network but, the findings of the research work take off the wraps regarding vulnerabilities and their consequences on information security. Consequently, the threat surfaces are exposed that exist in SDN architecture due to weak information security. In addition, the research findings also disclose other prominent issues irrespective of information security issues. The inclusion intends to ring the bell in the maximum SDN aspects and make researchers or professionals aware of current trends of SDN in the best possible way. The comprehensiveness of this work is retained by detailing every part of SDN, which helps the researchers or professionals to improve SDN structurally or functionally.

Abstract: Distributed Denial of Service (DDoS) attacks represent a major concern in modern Software Defined Networking (SDN), as SDN controllers are sensitive points of failures in the whole SDN architecture. Recently, research on DDoS attacks detection in SDN has focused on investigation of how to leverage data plane programmability, enabled by P4 language, to detect attacks directly in network switches, with marginal involvement of SDN controllers. In order to effectively address cybersecurity management in SDN architectures, we investigate the potential of Artificial Intelligence and Machine Learning (ML) algorithms to perform automated DDoS Attacks Detection (DAD), specifically focusing on Transmission Control Protocol SYN flood attacks. We compare two different DAD architectures, called Standalone and Correlated DAD, where traffic features collection and attack detection are performed locally at network switches or in a single entity (e.g., in SDN controller), respectively. We combine the capability of ML and P4-enabled data planes to implement real-time DAD. Illustrative numerical results show that, for all tested ML algorithms, accuracy, precision, recall and F1-score are above 98% in most cases, and classification time is in the order of few hundreds of $$\upmu \text {s}$$ in the worst case. Considering real-time DAD implementation, significant latency reduction is obtained when features are extracted at the data plane by using P4 language.

Abstract: Software Defined Networking (SDN) is a relatively new networking architecture that has become the most widely discussed networking technology in recent years and the latest development in the field of developing digital networks, which aims to break down the traditional connection in the middle of the control surface and the infrastructure surface. The goal of this separation is to make resources more manageable, secure, and controllable. As a result, many controllers such as Beacon, Floodlight, Ryu, OpenDayLight (ODL), Open Network Operating System (ONOS), NOX, as well as Pox, have been developed. The selection of the finest-fit controller has evolved into an application-specific tool operation due to the large range of SDN applications and controllers. This paper discusses SDN, a new paradigm of networking in which the architecture transitions from a completely distributed form to a more centralized form and evaluates and contrasts the effects of various SDN controllers on SDN. This report examines some SDN controllers or the network’s “brains,” shows how they differ from one another, and compares them to see which is best overall. The presentation of SDN controllers such as Ryu, ODL, and others is compared by utilizing the Mininet simulation environment. In this study, we offer a variety of controllers before introducing the tools used in the paper: Mininet. Then, we run an experiment to show how to use ODL to establish a custom network topology on a Mininet. The experimental results show that the O controller, with its larger bandwidth and reduced latency, outperforms other controllers in all topologies (both the default topology and a custom topology with ODL).

Abstract: It is very important that the network which we use should be fast, secure and reliable. Software-defined networking (SDN) can be used to simplify the network management by using the architecture of controller, data plane and applications. Through centralized control, various tasks like routing, monitoring, load balancing and security can be controlled. SDN is used for wireless sensor networks (WSN) reliability, SDN-based security for Cloud IoT, multi-radio communication,, improving quality of service to get lower packet loss rate and balanced link utilization. SDN is also used to improve quality of service (QoS) for IoT. In this chapter, existing SDN networks are simulated and with the knowledge of the above simulation results, other tasks like measurement of traffic flow on network, improvement in packet loss rate and improvement in bandwidth utilization are presented. In this chapter, a comparative study of the use of SDN for different applications and the results of network simulation using Mininet and Miniedit platforms are presented.

Abstract: Networking technologies are fast evolving to support the request for ubiquitous Internet access that is becoming a fundamental need for the modern and inclusive society, with a dramatic speed-up caused by the COVID-19 emergency. Such evolution needs the development of networks into disaggregated and programmable systems according to the software-defined networking (SDN) paradigm. Wavelength-division multiplexed (WDM) optical transmission and networking is expanding as physical layer technology from core and metro networks to 5G x-hauling and inter- and intra-data-center connections requiring the application of the SDN paradigm at the optical layer based on the WDM optical data transport virtualization. We present the fundamental principles of the open-source project Gaussian Noise in Python (GNPy) for the optical transport virtualization in modeling the WDM optical transmission for open and disaggregated networking. GNPy approximates transparent lightpaths as additive white and Gaussian noise channels and can be used as a vendor-agnostic digital twin for open network planning and management. The quality-of-transmission degradation of each network element is independently modeled to allow disaggregated network management. We describe the GNPy models for fiber propagation, optical amplifiers, and reconfigurable add/drop multiplexers together with modeling of coherent transceivers from the back-to-back characterization. We address the use of GNPy as a vendor-agnostic design and planning tool and as physical layer virtualization in software-defined optical networking.

Abstract: The aims of this survey article are to elaborate on cross-layer optimization, Software-Defined Networking (SDN) and Software-Defined Radio (SDR) as separate domains of wireless network design for which a unified view has not been adequately considered to date and present lessons learned, with a view towards the challenges associated with SDN-SDR interaction that would facilitate benefits in cross-layer optimization of mobile ad hoc networks (MANETs). We focus on MANETs because ( ${i}$ ) they are still at the forefront of technology, and in some scenarios they are the only meaningful option for establishing communication; ( ii ) they expose the full potential and benefits of coexistence and interaction of SDN and SDR, in terms of optimizing key performance indicators. While SDN and SDR are mature technologies, their interaction and joint consideration have been largely overlooked. Current SDN approaches do not span the physical (PHY) and medium-access control (MAC) layers, but they rather concentrate on network-level routing and traffic flow optimization. As a result, PHY- and MAC-layer related parameters which notoriously affect key network performance metrics remain static or at best are adapted based on some heuristic or local approaches. On the other hand, the reach of SDR architectures is restricted to the PHY and MAC layers. We discuss the state of the art of cross-layer optimization, SDN and SDR, and current challenges associated with coexistence and interaction of SDN and SDR. Such an interaction would extend the span of SDN to PHY and MAC layers and lead to realizations of centralized approaches across all layers so as to control and optimize parameters, towards global network objectives. It would also create a bridge between centralized network control that is inherent in SDN and the distributed nature of MANETs, with the add-on features of flexible and fast PHY and MAC layer adaptation offered by SDR, for solid, autonomous and ultimately better network control implementations that span all layers, towards realizing and implementing the holy grail of real cross-layer optimization.

Abstract: Software-Defined networking (SDN) is a networking paradigm to enable dynamic, flexible, and programmatically efficient configuration of networks to revolutionize network control and management via separation of the control plane and data plane. The SDN technology has evolved in response to the demands from large data centers toward all types of networks, from IoT, enterprise, to ISP networks. On the one hand, SDN has provided solutions for high-demand resources, managing unpredictable data traffic patterns, and rapid network reconfiguration. It is further used to enhance network virtualization and security. On the other hand, SDN is still subject to many traditional network security threats. It also introduces new security vulnerabilities, primarily due to its logically centralized control plane infrastructure and functions. In this paper, we conduct a comprehensive survey on the core functionality of SDN from the perspective of secure communication infrastructure at different scales. A specific focus is put forward to address the challenges in securing SDN-based communications, with efforts taken up to address them. We further categorize the appropriate solutions for specific threats at each layer of SDN infrastructures. Lastly, security implications and future research trends are highlighted to provide insights for future research.

Abstract: Decoupled data and control planes in Software Defined Networks (SDN) allow them to handle an increasing number of threats by limiting harmful network links at the switching stage. As storage, high-end servers, and network devices, Network Function Virtualization (NFV) is designed to replace purpose-built network elements with VNFs (Virtualized Network Functions). A Software Defined Network Function Virtualization (SDNFV) network is designed in this paper to boost network performance. Stateful firewall services are deployed as VNFs in the SDN network in this article to offer security and boost network scalability. The SDN controller’s role is to develop a set of guidelines and rules to avoid hazardous network connectivity. Intruder assaults that employ numerous socket addresses cannot be adequately protected by these strategies. Machine learning algorithms are trained using traditional network threat intelligence data to identify potentially malicious linkages and probable attack targets. Based on conventional network data (DT), Bayesian Network (BayesNet), Naive-Bayes, C4.5, and Decision Table (DT) algorithms are used to predict the target host that will be attacked. The experimental results shows that the Bayesian Network algorithm achieved an average prediction accuracy of 92.87%, Native–Bayes Algorithm achieved an average prediction accuracy of 87.81%, C4.5 Algorithm achieved an average prediction accuracy of 84.92%, and the Decision Tree algorithm achieved an average prediction accuracy of 83.18%. There were 451 k login attempts from 178 different countries, with over 70 k source IP addresses and 40 k source port addresses recorded in a large dataset from nine honeypot servers.

Abstract: Consumer expectations and demands for quality of service (QoS) from network service providers have risen as a result of the proliferation of devices, applications, and services. An exceptional study is being conducted by network design and optimization experts. But despite this, the constantly changing network environment continues to provide new issues that today’s networks must be dealt with effectively. Increased capacity and coverage are achieved by joining existing networks. Mobility management, according to the researchers, is now being investigated in order to make the previous paradigm more flexible, user-centered, and service-centric. Additionally, 5G networks provide higher availability, extremely high capacity, increased stability, and improved connection, in addition to quicker speeds and less latency. In addition to being able to fulfil stringent application requirements, the network infrastructure must be more dynamic and adaptive than ever before. Network slicing may be able to meet the present stringent application requirements for network design, if done correctly. The current study makes use of sophisticated fuzzy logic to create algorithms for mobility and traffic management that are as flexible as possible while yet maintaining high performance. Ultimately, the purpose of this research is to improve the quality of service provided by current mobility management systems while also optimizing the use of available network resources. Building SDN (Software-Defined Networking) and NFV (Network Function Virtualization) technologies is essential. Network slicing is an architectural framework for 5G networks that is intended to accommodate a variety of different networks. In order to fully meet the needs of various use cases on the network, network slicing is becoming more important due to the increasing demand for data rates, bandwidth capacity, and low latency.

Abstract: Software-defined networking (SDN) is a new networking paradigm that provides centralized control, programmability, and a global view of topology in the controller. SDN is becoming more popular due to its high audibility, which also raises security and privacy concerns. SDN must be outfitted with the best security scheme to counter the evolving security attacks. A Distributed Denial-of-Service (DDoS) attack is a network attack that floods network links with illegitimate data using high-rate packet transmission. Illegitimate data traffic can overload network links, causing legitimate data to be dropped and network services to be unavailable. Low-rate Distributed Denial-of-Service (LDDoS) is a recent evolution of DDoS attack that has been emerged as one of the most serious vulnerabilities for the Internet, cloud computing platforms, the Internet of Things (IoT), and large data centers. Moreover, LDDoS attacks are more challenging to detect because this attack sends a large amount of illegitimate data that are disguised as legitimate traffic. Thus, traditional security mechanisms such as symmetric/asymmetric detection schemes that have been proposed to protect SDN from DDoS attacks may not be suitable or inefficient for detecting LDDoS attacks. Therefore, more research studies are needed in this domain. There are several survey papers addressing the detection mechanisms of DDoS attacks in SDN, but these studies have focused mainly on high-rate DDoS attacks. Alternatively, in this paper, we present an extensive survey of different detection mechanisms proposed to protect the SDN from LDDoS attacks using machine learning approaches. Our survey describes vulnerability issues in all layers of the SDN architecture that LDDoS attacks can exploit. Current challenges and future directions are also discussed. The survey can be used by researchers to explore and develop innovative and efficient techniques to enhance SDN’s protection against LDDoS attacks.

Abstract: Software-defined network (SDN) becomes a new revolutionary paradigm in networks because it provides more control and network operation over a network infrastructure. The SDN controller is considered as the operating system of the SDN based network infrastructure, and it is responsible for executing the different network applications and maintaining the network services and functionalities. Despite all its tremendous capabilities, the SDN face many security issues due to the complexity of the SDN architecture. Distributed denial of services (DDoS) is a common attack on SDN due to its centralized architecture, especially at the control layer of the SDN that has a network-wide impact. Machine learning is now widely used for fast detection of these attacks. In this paper, some important feature selection methods for machine learning on DDoS detection are evaluated. The selection of optimal features reflects the classification accuracy of the machine learning techniques and the performance of the SDN controller. A comparative analysis of feature selection and machine learning classifiers is also derived to detect SDN attacks. The experimental results show that the Random forest (RF) classifier trains the more accurate model with 99.97% accuracy using features subset by the Recursive feature elimination (RFE) method.

Abstract: Software-Defined Networking (SDN) is an emerging network architecture. The decoupled data and control plane provides programmability for efficient network management. However, the centralized control mode of SDN also exposes unique vulnerabilities. Low-rate Denial of Service (LDoS) has a lower attack rate than ordinary DDoS attacks with the characteristics of periodicity and concealment, which is among one of the severe threats to SDN. In this paper, we propose a lightweight, real-time framework Performance and Features (P&F) to detect and mitigate LDoS attacks with SDN. We implement LDoS attacks in SDN, extract traffic features with OpenFlow, and classify the features into two categories. By analyzing the performance (P) of normal traffic under attack state, P&F determines whether LDoS attacks take effect based on machine learning. Meanwhile, P&F tries to locate attack sources and victims according to flow features (F) of LDoS attacks based on time-frequency analysis. According to detection and locating results, P&F sets corresponding mitigation schemes. Experimental results show that P&F has a high detection rate and low false positive rate for detecting LDoS attacks. P&F can deploy on controllers to achieve real-time attack detection and mitigation with low system cost, which can defend against LDoS attacks effectively.

Abstract: With the growth of the number of Internet of Things (IoT) devices and the emergence of new applications, satisfying distinct QoS in the same physical network becomes more challenging. Recently, with the advance of network functions virtualization and software-defined networking (SDN) technologies, the network slicing technique has emerged as a promising solution. It can divide a physical network into multiple virtual networks, therefore providing different network services. In this article, to meet distinct QoS in industrial IoT, we design a network slicing architecture over the SDN-based long-range wide area network. The SDN controller can dynamically split the network into multiple virtual networks according to different business requirements. On this basis, we proposed a deep deterministic policy gradient (DDPG) based slice optimization algorithm. It enables LoRa gateways to intelligently configure slice parameters (e.g., transmission power and spreading factor) to improve the slice performance in terms of QoS, energy efficiency, and reliability. In addition, to accelerate the training process across multiple LoRa gateways, we leverage the transfer learning framework and design a transfer learning-based multiagent DDPG algorithm.

Abstract: A modern networking structure that employs software-based controllers to control and interact with primary hardware devices for directing the traffic on a network is called software-defined networking (SDN). It differs from the conventional network by creating a centralized control over the routing of data packets. Networks are widely used networks in which spontaneous network connectivity among the nodes is needed for communicating useful information quickly to the target audience. Nodes in ad hoc networks (AHN) down to function in an infrastructure-less environment can form a group among themselves freely and launch wireless multi-hop communication without any centralized access point. Every node can have direct communication among each other and be involved in relying on the data packet. Routing in AHN is difficult and has specific constraints over wireless transmission such as frequently changing topology, self-organizing nature, wireless link fluctuation, and resource constraint nature of nodes. Imposing SDN technology in designing routing protocols for various application needs of upcoming scenarios of AHN is crucial for improved network management and reducing the overall communication cost. SDN-based routing protocols shift the routing choices from basic network elements to the controller. This technique helps to identify the shortest route with minimum latency and to reduce the control packet exchange rapidly. This article first proposes the various network structures that rely on SDN technology for competent message transmission in mobile AHN and then presents a survey on SDN-based network routing protocols from different branches of AHN with the methodology used and advantages and disadvantages of each. This helps the researchers to enhance them further to meet the requirement of various application scenarios.

Abstract: Providing high-speed Internet services using satellite networks have attracted researchers from both academia and industry mainly due to the characteristics of Low Earth Orbit (LEO) satellite networks such as global coverage, scalability, and lower transmission delays. Implementation of Software-Defined Networking (SDN) in Non-Terrestrial Networks (NTNs) can help to achieve the goals set for 5G and beyond networks. Since satellite networks have a specific architecture, some of the legacy protocols no longer remain useful. Therefore, to satisfy the diverse Quality of Service (QoS) requirements for a variety of applications, we propose a novel and centralized QoS-aware routing algorithm, called fybrrLink in which the global view of the network in SDN is utilized. We implement a modified Bresenham’s algorithm and Dijkstra’s algorithm to find the optimal path in a significantly reduced computation time. Also, taking advantage of the deterministic satellite constellation, we propose a flow rule transfer algorithm and a topology monitoring algorithm. Further, fybrrLink is evaluated with multiple NS3 simulations, and results confirm that our approach outperforms other state-of-the-art algorithms.