Use of Software-defined Networking Model to Improve Security in Mipv6

Abstract

As networks grow in size, they become complex in design, and security. Management also becomes more pronounced. Over the years, such networks have evolved from traditional networks to those that can be smartly controlled through programmability. Traditional networks experience many security threats such as Sniffing and Distributed Denial of Service (DDoS). Specifically, these attacks are common in mobile networks such as Mobile IP version 6 (MIPV6). The study, therefore, sought to find out how Software-Defined Networking (SDN) model could be used to contain the security threats in the MIPV6 environment. In this research three interrelated perspectives were supported in the use of the software-defined networking model to contain the two security threats in MIPV6: the software-defined networking model perspective (which dealt with how wireless networking components are programmed and coordinated to achieve synchronicity in managing network resources); device mobility perspective (which looked at how the wireless network components such as laptops, tablets, iPads, and mobile phones move from one access point to the next as they acquire and re-acquire IP addresses); and traditional network model perspective (which dealt with the fact that the wireless network devices are managed independently without any programmability or central coordinating components). The three perspectives enabled testing of the hypotheses. Lab experimental design was adopted for the research. The results showed that sniffing and DDoS attacks could be contained through the use of a Software-Defined Networking model. It was observed that in traditional models where there were no Software-Defined Networking controllers, such networks were prone to sniffing and DDoS attacks. The finding agreed with the hypothesis that traditional network models could be compromised by both the DDoS and sniffing attacks as in the case of MIPV6. In the event of an attack, the SDN controller could disable the compromised components of the network. Hence saving the network from more negative effects. Further, the use of both the control plane and the data plane to segregate network data routing functions from routing decisions also made the SDN a better model for containing security challenges in MIPV6. The study found out that many of the security issues related to SDN networks were similar to those experienced in traditional networks. The study noted that the use of the SDN model had far-reaching benefits in improving network security as compared to the legacy or traditional models. The SDN approach enabled coordinated monitoring and management of forwarding policies among distributed network components, resulting in a more flexible management process. The study validated that separation of the control and data planes in the software-defined networking model enabled multi-tenancy and programmability in networks and introduced centralized management into the MIPV6 network architecture. The finding of the study would be helpful in the formulation of policies around network security measures not only in wireless topologies, but also in wired and hybrid topologies.