The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The success of the Internet around the world has produced many benefits, but due to IP protocol stack limitations, the IP addresses exhaustion problem soon arose. Although it has been proposed several solutions to alleviate it, the problem still remains, specially in the emerging countries, which have a reduced pool of public IPv4 addresses. Classless Inter-Domain Routing (CIDR) scheme has partially...
Scanning attack threatens the security of network communication severely. Traditional network communication usually uses static IP address configuration, which provides convenience to scanning attackers. In this paper, an IP Hopping (IPH) communication scheme is proposed based on software-defined network to solve this problem, in which IP addresses can be assigned to the hosts in the network dynamically...
The decoupling of data and control planes of network switches is the main characteristic of Software Defined Networks. The OpenFlow (OF) protocol implements this concept and it is found today in various off-the-shelf equipment. Despite being widely employed in industry and research there is no systematic evaluation of OF data plane performance in the literature. In this paper we evaluate the performance...
Software Defined Networking is an emerging technology that permits computer network infrastructure to be scaled dynamically as needed while enhancing the manageability of the various network devices in heterogeneous environment as opposed to classical networking. These capabilities emerge from the separation of the data plane from the control plane; thus, allowing the network devices to be programmatically...
In this paper, we propose techniques for securing Software Defined Networks(SDN). We describe the design of a security architecture that makes use of security applications on top of the SDN Controller to specify fine granular security policies based on domain wide knowledge of the domain and Security Agents to enforce these policies in the switches in the data plane. We have extended the Open Flow...
Recent research demonstrated that software defined networking (SDN) can be leveraged to enable moving target defense (MTD) to mitigate distributed denial of service (DDoS) attacks. The network states are continuously changed in MTD by effectively collecting information from the network and enforcing certain security measures on the fly in order to deceive the attackers. Being motivated from the success...
In this paper, we propose a policy driven security architecture for securing end to end services across multiple autonomous domain based SDN environment. We develop a language based approach to designing a range of security policies that are relevant for SDN services and communications. The design of a security architecture that enables secure routing of packets based on the specified security policies...
In this paper we describe ACyDS, an adaptive cyber deception system. ACyDS provides a unique virtual network view to each host in an enterprise network. That is, a host's view of its network, including subnet topology and IP address assignments of reachable hosts and servers, does not reflect physical network configurations and is different than the view of any other host in the network. ACyDS generates...
Software Defined Network (SDN) attract much attendance from research and industrial area; reason behind is the open interface, user controlled management and lower operating cost for data/flow handling rules that implements on software module rather than embedding in hardware with greatly improve performance. Network with the high security demanding higher in this generation. New service and products...
The concept of Software Defined Networking (SDN) has been successfully applied to efficiently configure and manage network infrastructure, e.g. in the context of data centres or WANs, and increasingly for ubiquitous communication. In this paper, we explore the idea of pushing SDN to the end-host. In particular, we consider the scenario of load balancing across multiple host network interfaces. We...
Industrial control system (ICS) security has been a topic of research for several years now and the growing interconnectedness with enterprise systems (ES) is exacerbating the existing issues. Research efforts, however, are impeded by the lack of data that integrate both types of systems. This paper presents an empirical analysis of malicious activities aimed at integrated ICS and ES environment using...
The simplicity and high performance-to-cost ratio make Ethernet, the most dominant and widely deployed LAN technology. But, a single Ethernet network cannot scale to large networks such as enterprise, campus, data center and wide area networks because of broadcast based services like Address Resolution Protocol (ARP) and Dynamic Host Configuration Protocol (DHCP). The Software-Defined Networking (SDN)...
Network virtualization introduces two concepts: slice (i.e., virtual network), which consists of virtual nodes and links, and slice developer, which is the third role in networks. Slice developers can introduce new network services by using slices. A method for introducing new types of virtual nodes and links for new services into the slice-definition language and the virtualization infrastructure...
In the paper a programmable management framework for SDN networks is presented. The concept is in-line with SDN philosophy - it can be programmed from scratch. The implemented management functions can be case dependent. The concept introduces a new node in the SDN architecture, namely the SDN manager. In compliance with the latest trends in network management the approach allows for embedded management...
Despite of various benefits such as load balance and energy saving virtual machine (VM) migration promises to provide, its application in realistic data centers is still limited due to the limitation of migration in the LAN environment and the unpredictable performance. Through separation of control plane and data plane, software defined network (SDN) provides the possibility for an alternate solution...
Actual electric network infrastructure is poorly adapted to the new requirements of the society for reliability, efficiency and sustainability. Thus, it must undergo an intense modernization in the next years, becoming smart, also known as Smart Grids. In this Smart Grid context, computer systems will be a key hole in the analysis and monitoring of several devices that are connected to the grid. This...
Most enterprises today run their applications on virtual machines (VMs). VM mobility - both live and offline, can provide enormous flexibility and also bring down OPEX (Operational Expenditure) costs. However, both live and offline migration of VMs is still limited to within a local network because of the complexities associated with cross subnet live and offline migration. These complexities mainly...
Remote Terminal Units (RTUs) are single board, real time remote data acquisition & control systems that are used in Fast Breeder Reactors to acquire analog/digital signals [like voltage, signal inputs from surface thermocouple, leak detector & limit switches], sends digitized data packets over Ethernet to the nearest Local Control Centre (LCC) and generate control outputs in the form of potential...
Combinatorial testing is an important approach to detecting interaction errors for a system with several parameters. Existing research in this area assumes that all parameters of the system under test are always effective. However, in many realistic applications, there may exist some parameters that can disable other parameters in certain conditions. These parameters are called shielding parameters...
This paper mainly describes an application of fieldbus control system (FCS) in a newly built NSP cement plant based on a concept of totally integrated automation (TIA). The system utilizes Prefabs and Ethernet combined with powerful SIEMENS PCS7 and Cemat software to configure a double-layer network, providing a convenient, advanced and flexible solution to cement automatic production. After describing...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.