Use of Software-defined Networking Model to Improve Security in Mipv6
Abstract
As networks grow in size, they become complex in design, and security. Management also
becomes more pronounced. Over the years, such networks have evolved from traditional
networks to those that can be smartly controlled through programmability. Traditional
networks experience many security threats such as Sniffing and Distributed Denial of Service
(DDoS). Specifically, these attacks are common in mobile networks such as Mobile IP version
6 (MIPV6). The study, therefore, sought to find out how Software-Defined Networking (SDN)
model could be used to contain the security threats in the MIPV6 environment. In this research
three interrelated perspectives were supported in the use of the software-defined networking
model to contain the two security threats in MIPV6: the software-defined networking model
perspective (which dealt with how wireless networking components are programmed and
coordinated to achieve synchronicity in managing network resources); device mobility
perspective (which looked at how the wireless network components such as laptops, tablets,
iPads, and mobile phones move from one access point to the next as they acquire and re-acquire
IP addresses); and traditional network model perspective (which dealt with the fact that the
wireless network devices are managed independently without any programmability or central
coordinating components). The three perspectives enabled testing of the hypotheses. Lab
experimental design was adopted for the research. The results showed that sniffing and DDoS
attacks could be contained through the use of a Software-Defined Networking model. It was
observed that in traditional models where there were no Software-Defined Networking
controllers, such networks were prone to sniffing and DDoS attacks. The finding agreed with
the hypothesis that traditional network models could be compromised by both the DDoS and
sniffing attacks as in the case of MIPV6. In the event of an attack, the SDN controller could
disable the compromised components of the network. Hence saving the network from more
negative effects. Further, the use of both the control plane and the data plane to segregate
network data routing functions from routing decisions also made the SDN a better model for
containing security challenges in MIPV6. The study found out that many of the security issues
related to SDN networks were similar to those experienced in traditional networks. The study
noted that the use of the SDN model had far-reaching benefits in improving network security
as compared to the legacy or traditional models. The SDN approach enabled coordinated
monitoring and management of forwarding policies among distributed network components,
resulting in a more flexible management process. The study validated that separation of the
control and data planes in the software-defined networking model enabled multi-tenancy and
programmability in networks and introduced centralized management into the MIPV6 network
architecture. The finding of the study would be helpful in the formulation of policies around
network security measures not only in wireless topologies, but also in wired and hybrid
topologies.
Publisher
university of nairobi
Rights
Attribution-NonCommercial-NoDerivs 3.0 United StatesUsage Rights
http://creativecommons.org/licenses/by-nc-nd/3.0/us/Collections
The following license files are associated with this item: