Secure Network Monitoring using Software Defined Networking (SDN) with Ryu Controller

  • Elizabeth A Amusan Department of Cyber Security Science, Ladoke Akintola University of Technology
  • Oluwaseun Alade
  • John Alabi
Keywords: Cybersecurity, Network Monitoring, Ryu Controller, Software Defined Networking (SDN)

Abstract

Secure network monitoring is critical for detecting and combating threats in real time, especially in today's fast-changing cybersecurity terrain. Software-defined networking (SDN) is an approach to network management that provides visibility, programmability and flexibility. In this work, the implementation of secure network monitoring using the Ryu Controller within a simulated environment created with Mininet on Ubuntu was investigated. Specifically, Mininet was used to set up a star topology consisting of 8 hosts (h1–h8), including 3 server hosts (h1–h3) and 5 client hosts (h4–h8), along with 1 switch (s1) and a controller. A stateful firewall security measure was implemented, leveraging the Ryu Controller's centralized control and programmability. The proposed firewall was evaluated using functional testing such as traffic blocking, malicious packet detection and NAT handling. This work significantly improves resilience against volumetric Denial-of-Service (DoS) attacks by distributing traffic evenly across network hosts and disallowing unauthorized communications. Experimental results show the effectiveness of SDN-based monitoring in sustaining network availability and continued service. By adopting SDN technologies, institutions and organizations can enhance their cybersecurity posture by improving their threat detection and incident response capabilities, thereby mitigating the risks associated with modern cyber threats and network vulnerabilities. This approach offers valuable insights for future network monitoring and management, and future work may explore the integration of advanced machine learning (CTI Analysis) to further enhance network performance.

Published
2024-07-01