The project uses this SDN technology due to its vast number of applications. The administrator to program the network in any way they want can utilize SDN. It can be used to virtualize the network and divide a single network into many virtual networks, thereby isolating various areas in a single network. These individual virtual networks can then be configured by the administrator for any purpose he feels good. SDN comprises of many more advantages and applications that would be discussed in the rest of the project. The aim of this Master’s project is to find various defense mechanisms that can protect a network against most commonly occurring network attacks. Due to the advantages and features discussed above about the SDN, it would
…show more content…
Network Monitoring Tools: A switch has the capability of forwarding the packets to and fro in a network. It can be used to follow a set of rules, however, it cannot be used to analyze a network behavior. In this project, we are detecting an attack on a network by analyzing the behavior of the network. This has to be done by using a network-monitoring tool.
Network monitoring tools are nothing but the tools that keep a tab on each and every packet flowing through a network. By doing this they build a graph that shows the overall statistics of the network. These tools react accordingly based on the given threshold limits by the administrator. Once any of these limits has been crossed, the analyzer sends an alarm, alerting the administrator of the anomaly. There are quite a few network-monitoring tools that can be used for various applications. For this project sFlow is chosen, as it was the best possible choice.
sFlow is an asynchronous sFlow analytics engine that delivers real-time metrics of traffic flow in an SDN stack. It also enables other performance aware SDN applications such as Load-Balancing and DDoS mitigation …show more content…
The advantages include:
• The usage of sFlow effectively detects the malicious traffic compared to other network monitoring tools. It uses comparatively less amount of system resources.
• sFlow can monitor tens of thousands of switch ports simultaneously.
• Links of up to 10Gbps can be monitored through sFlow.
• The controller can uniformly distribute the flow rules.
C. Mininet – Network Emulator: Mininet [4] is a network emulator that runs a collection of switches, routers and end-systems on a single Linux kernel. This software works as a standalone Operating System just like a real machine. User can SSH into it and run different programs that can send and receive packets like a real Ethernet interface. Mininet allows the user to create network topologies consisting of hosts and switches that can communicate with remote controller, thus making it an SDN environment. A user can easily interact with the network, customize it, share it with others and deploy it on a real hardware.
Some of the advantages of Mininet are:
• Ease of creating a network topology
• Fast and efficient
• Run real programs
• Customize packet forwarding
• Runs on any platform (Virtual or Native
Network Monitoring Tools: A switch has the capability of forwarding the packets to and fro in a network. It can be used to follow a set of rules, however, it cannot be used to analyze a network behavior. In this project, we are detecting an attack on a network by analyzing the behavior of the network. This has to be done by using a network-monitoring tool.
Network monitoring tools are nothing but the tools that keep a tab on each and every packet flowing through a network. By doing this they build a graph that shows the overall statistics of the network. These tools react accordingly based on the given threshold limits by the administrator. Once any of these limits has been crossed, the analyzer sends an alarm, alerting the administrator of the anomaly. There are quite a few network-monitoring tools that can be used for various applications. For this project sFlow is chosen, as it was the best possible choice.
sFlow is an asynchronous sFlow analytics engine that delivers real-time metrics of traffic flow in an SDN stack. It also enables other performance aware SDN applications such as Load-Balancing and DDoS mitigation …show more content…
The advantages include:
• The usage of sFlow effectively detects the malicious traffic compared to other network monitoring tools. It uses comparatively less amount of system resources.
• sFlow can monitor tens of thousands of switch ports simultaneously.
• Links of up to 10Gbps can be monitored through sFlow.
• The controller can uniformly distribute the flow rules.
C. Mininet – Network Emulator: Mininet [4] is a network emulator that runs a collection of switches, routers and end-systems on a single Linux kernel. This software works as a standalone Operating System just like a real machine. User can SSH into it and run different programs that can send and receive packets like a real Ethernet interface. Mininet allows the user to create network topologies consisting of hosts and switches that can communicate with remote controller, thus making it an SDN environment. A user can easily interact with the network, customize it, share it with others and deploy it on a real hardware.
Some of the advantages of Mininet are:
• Ease of creating a network topology
• Fast and efficient
• Run real programs
• Customize packet forwarding
• Runs on any platform (Virtual or Native