Although OpenFlow network protocol is a promising network approach with many advantages compared to traditional network approaches, it still suffers from network attacks. In this paper, we propose a novel architecture for an OpenFlow-based switch with associated multiple network security techniques, so-called Secured-OFS. The proposed Secured-OFS can not only function as a switch following the OpenFlow protocol but also help protect a network against many attack types. We implement the first FPGA-based prototype version of our proposed Secured-OFS using a Xilinx Virtex 5 xc5vtx240t device. In this first prototype version, we integrate two different DDoS defense techniques, Hop-Count Filtering and Port Ingress/Egress Filtering. The experimental results show that the switch not only fulfills the OpenFlow protocol but also be able to defense against DDoS attacks. The system achieves a maximum throughput at 19.729 Gbps while a 100% DDoS attack detection rate is obtained.
CITATION STYLE
Ho, B., Nguyen, Q., Pham-Quoc, C., & Thinh, T. N. (2017). Secured-OFS: A novel OpenFlow switch architecture with integrated security functions. In Advances in Intelligent Systems and Computing (Vol. 538 AISC, pp. 530–540). Springer Verlag. https://doi.org/10.1007/978-3-319-49073-1_57
Mendeley helps you to discover research relevant for your work.