SlideShare a Scribd company logo

An Analysis on Software Defined Wireless Network using Stride Model

IRJET Journal
IRJET Journal

This document analyzes the security of two software defined wireless network monitoring tools, sFlow and FlowVisor, using the STRIDE threat model. It finds that sFlow requires secure external deployment and storage of flow data to ensure security, while FlowVisor has built-in access control but isolated flows still require additional security. A comparison shows sFlow is open-source while FlowVisor provides network virtualization, and both could benefit from further vulnerability mitigation. The STRIDE analysis identifies threats including spoofing, tampering, denial of service, and privilege escalation that must be addressed for these tools to securely monitor software defined wireless networks.

1 of 6

Download presentation

Your download has started
Download to read offline
1
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1008 An Analysis on Software Defined Wireless Network Using STRIDE Model Arockia Panimalar.S 1, Nishanth.R2, Sathish.G3, Manikandan.G4 1 Assistant Professor, Department of BCA & M.Sc SS, Sri Krishna Arts and Science College, Coimbatore, India 2,3,4 III BCA, Department of BCA & M.Sc SS, Sri Krishna Arts and Science College, Coimbatore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - The present mobile and remote system are becoming quicker in size and complex to quantify the administrations. Security is a standout amongst the most essential angles for such complex system and should be checked appropriately to give early identification of security ruptures and Denial of Service assault. Tools that measure such detection of network threats and monitors network services requires interior security in their own particular component. This paper examines two of such checking and estimation apparatuses: sFlow and FlowVisor for hidden Software Defined Wireless Networking (SDWN) condition by applying STRIDE threat model. This analytical study represents that, sFlow requires an externalsecure deployment environment to ensure security in data flow and datastorefor SDWN. FlowVisor accompanies secured get to control in information store wherein separated stream cut requires instrument that enhance its security. Key Words: Software Defined Wireless Networking (SDWN), STRIDE, OpenFlow, sFlow, FlowVisor 1. INTRODUCTION Wireless Networking turns into the most versatile innovation for adaptability and portability inhumanlife. For the most recent couple of years, Software Defined Wireless Networking (SDWN), a branch of Software DefinedNetwork (SDN) has been a key research innovation to dissect and legitimate administration of the thickly populated cellular network [1] [2]. Programming DefinedWirelessNetworking (SDWN) guarantees straightforward and adaptable system design and successful portability administration of the IP networks. The Software Defined Wireless Networking (SDWN) automatically concentrates and isolates the control plane (otherwise knownas. Network OS)fromthedata plane (otherwise known as Forwarding plane). A regular engineering of SDN is delineated in Fig. 1. The southbound interface is a medium between the control plane and data plane while northbound is layer between application plane and control plane. The southbound interface prepares the controllers to gather data about Mobile Nodes (MNs) and transmits and gets bundles to and from MNs utilizing SDWN components [3]. To guarantee qulaity of service in SDWN and persistent network services, operators need to monitor the network and do legitimate service measurements from time to time. Such observing will help in in analyzing network parameters,i.e.throughput,roundtriptransmission time, data transfer capacity in the remote connection, mobility frequency and preparing a real-time view of the network service standard on industry level. For such analysis, observing and estimation, different open source and business innovation and instruments are accessible for SDWN including sFlow [4], FlowVisor [5], BigSwitch [6], BigTap [7], SevOne [8] and so on. These tools provide the operator with capabilities to perform troublesome network activities and even monitor, detect and indicate security attack in progress on a certain network entity. Fig 1: SDN Architecture with Control and Data Plane Beforehand a few research works isperformedondissecting the security of OpenFlow-based SDN environment. Analysis on 4D, PCE and SANE-based SDN architectures is performed in paper [9], security use of SDN is completely investigated and assessed in [10]. First, sFlow was represented as an effective andscalablevulnerabilitymitigationmechanismfor SDN [11]. FlowVisor turned a better solution for network virtualization [12] and powerlessness answer for flow isolation is proposed and assessed nearby [13]. Among the tools that screen and measure the SDN, a comparative study between sFlow (Open-Source) and BigTap (commercial) is illustrated in paper [14]. Be that as it may,a securityandrisk
2
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1009 characterized ponder in SDWN monitoring and measurement tools, thosefocusesonOpen-Flowflow entries and communication among multiple controllers in wireless platform, is the primary goal of this perspective study. Consequently, sFlow and FlowVisor are decided for above stream conditions. The structure of this paper is as per the following. In Section II, the STRIDE and Data Flow approach is portrayed. In Section III and IV, security and threat risks of sFlow and FlowVisor are broke down. Segment V represents a comparative report between the two monitoring tools and along these lines closing the paper in Section VI with future prospects of this study outcome. 2. METHODS FOR IMPLEMENTING SDN Several approaches are available for implementing SDN concept including OpenFlow that separates the control and forwarding plane in the network architecture. SDN approaches were generalized using a concept of OpenFlow and were introduced in mid-1990s. A. OpenFlow According to OpenFlow specification in [15], any OpenFlow switch holds flow entries that contain incoming packet header information, packet handling action for matched packet entries in the list and statistics of number of bytes, packets in a particular flow and time since last pass. Packets as arrive at any OpenFlow switches, it executes the packet header information and try matching the existing flow entries. When the information does not match any of the flow tables, switch then pass the packet to the controller to take action and update the flow entries accordingly with required information of the packet. Whenit’sa match switch performs and forwards the packet to its next destination on the basis of routing flow table information in it. B. Software Defined Wireless Network As SDN brings more advantage in connecting into the internet, Software Defined Wireless Network (SDWN) has got much importance and emerging research field with attention. SDWN isorientedtowardsthemobileand wireless network devices and aims at the research and study of crucial technologies for the future mobile and wireless network. This SDWN architecture is composed of both North-South and East-West network dimensionwhereEast- West operates for wireless and mobile devices using intercontroller protocols such as Border Gateway Protocol (BGP) [16]. Hence, security of the underlying network depends on the secured flow information and control plane. Tools that monitor and measure and flows between SDWN entities, therefore, requires security from external access and service oriented attacks. This study is concerned about sFlow and FlowVisor as one of these tools. C. Threat Modelling and STRIDE Threat Modelling used to refer to analyzing any software or system or organizational network. Threat Modeling encompasses a wide variety of activities in the elicitations and analysis of securitymechanismsindeployeddesigns and network [17]. Some of the mostly applied models include DREAD [18], Octave [19], STRIDE [20], Generic Risk Model, Guerilla Threat Modelling, Process forAttack Simulationand Threat Analysis (PASTA), Trike etc [21]. DREAD provides threat identification rate as SQL injections and provides the subjective assessments by the threat reporter.Octave model is best suited for complex and larger system where STRIDE focuses on network based application and systems. Trike helps security auditing process with distinct risk-based implementation than others, however, is yet in experimentation stage and lacks proper documentationand support. PASTA includes risk management steps in the final stage of the process and is not limited to a specific risk calculation formula [22]. Thereby, introduced by Microsoft, STRIDE model method is used to identify and evaluate the security threats on OpenFlow based SDWN network measurement and monitoring tools: sFlow and FlowVisor. STRIDE threat model reveals if a system or software in concern is vulnerable to Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service (DoS) and Elevation of Privilege threat [20]. EachoftheSTRIDE threats can be mapped to one security property as shownin Table 1. and described in the following: a)Spoofing: In spoofing malicious user or program masquerades gain illegal access in privileged data by falsifying user information. b)Tampering: Data tampering involves malicious modification of information and resources i.e. alteration of data as it streams between two PCs over an open network called the Internet. c)Repudiation: Repudiation threats are associated with malicious users and masquerades who performs an action and deny without other parties having any way to prove otherwise—for example, an attacker controller performs an illegal operation in a SDN that lacks the ability to trace the prohibited operations. d)Information Disclosure: Thistreatmeanstheillegitimate availability of resourceinformationofthe systemornetwork or software to malicious and unauthorized users or programs. e) Denial of Service: This treat causesserviceunavailability to the authorized legitimate users or programs. f)Elevation of Privilege: In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access tocompromiseordestroytheentiresystem.
3
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1010 This treat can cause penetration of all system or network defense and declares it a trusted system. Table 1 presents the STRIDE threat categorization model, based on the above definitions, which includes the corresponding security property and default controls associated with the threat type. TABLE 1: Threat Categorization, Security Properties and Controls [17] Threat Property Controls Spoofing Authentication Authentication Stores, Strong Authentication mechanisms Tampering Integrity/ Access Controls Crypto Hash, Digital watermark/ isolation and access checks Repudiation Non Repudiation Logging infrastructure, full packet-capture Information Disclosure Confidentiality Encryption or Isolation Denial of Service Availability Redundancy, failover, QoS, Bandwidth throttle Elevation of Privilege Authorization /Least Privilege RBAC, DACL, MAC, Sudo, UAC, Privileged account protections Data Flow Diagrams (DFD) are used to graphically represent any system [17]. DFDs use a standard set of symbols consisting of four elements: data flows, data stores, processes, and interactors [17]. In Table2,DFD elements are identified as a means of eliciting information which can be used to drive STRIDE threat analysis. As illustrated in Table 3, each DFD elements can be vulnerable to one or many STRIDE threats. TABLE 2. DFD elements and their representation [17] Name Representation Definition Data Flow Directed Arrow Data sent among network elements Data Store Parallel Lines Stable Data Process Circle Programs or applications that configures the system Interactors Rectangular Box Endpoints out of system scope to control Trust Boundaries Dotted Line Separation between trusted and untrusted elements of the system TABLE 3. STRIDE Threats per DFD element [17] Threat Data Flow Data Store Process Interactors Spoofing Yes Yes Tampering Yes Yes Yes Repudiation Yes Yes Yes Information Disclosure Yes Yes Yes Denial of Service Yes Yes Yes Elevation of Privilege Yes 3. sFLOW sFlow is an open source sampling technology and traffic measurement and monitoring tool for OpenFlow network [4]. It is a traffic monitoring solution embedded with switch and router of any possible OpenFlow based SDWN. Primary elements of sFlow system consists sFlow agents and sFlow collector, illustrated in Fig. 2. Agent is the software process that is remotely configuredusinga Management Information Base (MIB) within the device. Consolidating the interface counters and flow tests into sFlow datagrams, these datagrams are sent to the sFlow collector installed in the checking host through the SDWN environment utilizing Simple Network Management Protocol (SNMP) [23]. Including sFlow’s own collector sets: sFlow-RT, sFlow- Trend, sflowtool, this sampling tool also support the third party collectors: VitalSuit, Peakflow, Kentik Detect and FlowTraq - those handle more details of sFlow datagrams [4]. Illustration in Fig. 2 represents the Data Flow Diagram (DFD) of sFlow that uncovers the crucial security risk.sFlow doesn’t provide any security mechanism fordata flowrather depends on secure third partymanagement environmentfor sFlow agents. Fig. 2: sFlow Data Flow Diagram
4
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1011 A. Data Flows Data flows are vulnerable to Tampering, Information Disclosure and DoS attack in absence of proper security mechanism. A physical interface of switch, routers is potential data sources in the underlying SDWN. These provides sampled data packet to sFlow agents for measurement. sFlow agents combine packet flow sampling and counter sampling to sFlow datagrams. The sFlow Datagrams are used to immediately forward the sampled traffic statistics being unencrypted to a sFlow Collector for analysis [24]. As collectors can be vendor provided, security of the received datagrams depends on vendor’s will of deployment and how they process the data. Hence, sFlow doesn’t provide any security mechanism. For security reasons SNMPv3 should be used to configureandcontrol the sFlow agents to encrypt and authenticate the datagrams before transmitting to the collector [24]. B. Data Stores According to Table 1 data store are prone to Tampering, Information Disclosure and DoS attack vulnerabilities alike data flows. MIB contains information about sFlow agents, collector ports and even IP addresses. Using SNMP, sFlow agents can be configured through a local Command Line Interface (CLI) or SNMP commands. In order to decline any anonymous actions, switches and routers in the network should have some Access Control (AC) mechanisms, i.e. Discretionary Access Control (DAC), Role-Based Access Control (RBAC) to ensure the interface’s security [14]. In inverse case, if CLI is available from unapproved client, MIB in sFlow is powerless against data Tampering, traffic Information Disclosure and even DoS assault, holds the MIB flow enteries and authority subtle elements open for unapproved get to and considerably aggressor can alter the information. If there should be an occurrence of SNMPv1, SNMPv2 communication with collector is at comparable dangers. C. Interactors sFlow agents performs one-way communication with the sFlow collectors and sends the combination of packet based and time-based sampled traffic data [24].According to Table 1. they are not considered as interactors. D. Processes sFlow agent processes are not accessible through interfaces, therefore the STRIDE method is not applied. The collector should check the time-based counter number of the sFlow datagrams to provide a securitymechanismagainst spoofing attacks [24]. E. Summary Above analysis clarifies that sFlow requires a third party deployment environment for security needs. However, ensuring the Transport Layer Security (TLS) among sFlow agents and collector, sFlow itself can emerge as a secured SDWN monitoring and measurement tool for wireless and Table 4 shows the probable vulnerabilities of sFlow agents. Adapting an access control mechanism can eliminate the security risks to a certain level of tampering and MIB information disclosure. TABLE 4. sFlow Vulnerabilities Threat Data Flow Data Store Solution Tampering Yes Yes ACL/RBAC/DAC for CLI, NPMv3, TLS Information Disclosure Yes Yes TLS Denial of Services(DoS) Yes Yes AC in CLI for MIB Security, TLS 4. FLOWVISOR FlowVisor is an OpenFlow controller works as a proxy in between the OpenFlow switches and several multiple OpenFlow controllers, allowing visualization of OpenFlow physical infrastructure into different virtual networks [5]. Using OpenFlow protocol, FlowVisor controls underlying network, dividing the resources into slices isolated from each other. And delegates control of each slice to a different controller [5]. FlowVisor provides isolationfortopology and addressing space. FlowVisor is architecturally a neutral transparent proxy and makes no assumption about the functions and operations of the switches and controllers. FlowVisor sits between each of the controllers and switches making sure that the guest controller has full accessibility of the switches maintaining the flows that define the corresponding slice. The DFD in Fig. 3 represents data flow between OpenFlow enabled switches and controllerswhere messages are intercepted through FlowVisor. Fig. 3: FlowVisor Data Flow Diagram
5
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1012 FlowVisor partitions the base transmission transfer speed for each slice doling out particular data rate to a set of flows from that slice. FlowVisor screens each flow-entry for each guest controller and portions the flow table among the switches. Switches are arranged by the resource allocation and directing approaches cuts of the FlowVisor controller. Slices are isolated and have their own ‘flowspace’ or set of region of data flows. These isolated slices can be broken allowing different attacks. A. Data Flows FlowVisor adopts slicing policies for each guest controller. Activity sent from the production network and guest controllers if matches the sending enteries in the FlowVisor are sliced for relevant switches as per 'flowspace'. Diverse slices having adaptable and distinctive flow policies are emphatically separated. Any traffic that does not coordinate the current sending enteries are sent to the production controller for inclusion. Production controller subsequently revises the relevant slice. Assault on slice policy reworks from assaulting entity can make vulnerabilities such system with FlowVisor. Assuming, in this manner, data is sent from an aggressor, the controller can't identifyasa resultofpolicy revise and causes altering of flow rules and the system data and even DoS dangers. B. Data Stores The switch arrangement is put away in the flow enteries of the cuts by the respective guest controllers. This permits data movement validation to flow between the controllers and switches inside the wireless OpenFlow network even under portability circumstances. This mechanism ensures that data is secured against Tampering, Information Disclosure and Spoofing threats. C. Interactors FlowVisor’s Command Line Interface (CLI) provides control access to users for data and slice configuration. CLI uses user-authentication in terms of username, host name and port number on accessing the interface and slices and therefore securefromSpoofing,Tampering,Repudiation and Elevation of Privilege threats. D. Processes Slice processes are owned by the admin and groups of the network operators and thereby Spoofing, Repudiation, DoS and tampering threats are unable to make the network vulnerable in FlowVisor’s process. E. Summary FlowVisor is open source to access controller’s processes, data flow and action support forslices.Althoughthistool has separate production controllerandisolated slicestoperform the flow independently against any attacking entity, FlowVisor is vulnerable to different threats at different flow status described in Table 5. TABLE 5: FlowVisor Vulnerabilities Threat Data Flow Solution Tampering Yes TLS Information Disclosure Yes TLS Denial of Services (DoS) Yes Access Control in CLI for policy rewrite, TLS Adjusting Transport Layer Security can safeguard the arrangement revise production controller for unmatched packets where virtual controllercan'tchangetheMACandIP address for the packets uninhibitedly. 5. COMPARISON BETWEEN sFLOW AND FLOWVISOR sFlow and FlowVisor both provide different network monitoring and measurement functionalities. The comparative threat model analysis of them is illustrated in Table 6. Above investigation holds sFlow giving no security in data flow and data store in DFD wherein FlowVisor acquires security threat vulnerabilities in disengaged cuts. This makes FlowVisor defenseless against Spoofing, Tampering and Information disclosure, even postponement and Denial of Service dangers in data flow. However, FlowVisor guarantees security of switch information put away in its own controller where sFlow relies upon external secure environment to guarantee security in MIB data storage and flow entry information. This makes sFlow helpless against spoofing, DoS and information divulgence risk as switching operators send decoded datagrams to the collector. Utilizing Transport LayerSecurity(TLS)insending the datagrams to the collectors can take out information exposure threatswhereintamperingcanbehandledutilizing access control mechanism in CLI, agent arranging SNMPv3 protocols. FlowVisor includes access control in CLI for slice information whichprotectsitfromspoofing,repudiation and elevation of privilege attacks fromanykindof malicioususer or masquerades. TABLE 6: Comparison of FlowVisor and sFlow tools Threat Data Flow Data Store Tampering FlowVisor, sFlow sFlow Information Disclosure FlowVisor, sFlow sFlow Denial of Services (DoS) FlowVisor, sFlow sFlow
6
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1013 6. CONCLUSION In this paper, an analysis on wireless SDN monitoring tools, sFlow and FlowVisor, in terms of STRIDE security threat model where both has different functionalities and vulnerabilities in handling data traffic flows and network entities. This analysis will provide suggestions in handling the above mentioned security threats in SDWN using existing well-to-do mechanisms. These study fall in the category of security-centric SDWN and will be viable in doing research on OrchSec wireless architecture [25]. 7. FUTURE ENHANCEMENT The future prospects of this SDWN securityanalysis will lead to persistent research on assessment of SDWN appliance in data center, cognitive networks and mobile communication. As future work, the researchers would plan to study FlowVisor topology isolation mechanism and queue-based bandwidth isolation mechanism in securing the underlying SDWN network. Prototyping the network in real timeSDWN network devices and environment will be interesting and a big challenge ahead. 8. REFERENCES [1] Bernardos et al., "An architecture for software defined wireless networking". [2] M. R. Sama, L. M. Contreras, J. Kaippallimalil, I. Akiyoshi, H. Qian, and H. Ni, "Software-defined control of the virtualized mobile packet core," IEEE Communications Magazine, vol. 53, no. 2, pp. 107–115, Feb. 2015. [3] Y. Wang, J. Bi, and K. Zhang, "Design and implementation of a software-defined mobility architectureforIPnetworks," Mobile Networks and Applications. [4]sFlow, "Making the network visible," 2003. [Online]. Available: http://www.sflow.org/. [5]"FlowVisor,".[Online].Available:https://openflow.stanford . edu/display/DOCS/Flowvisor. [6]T. Turner, "Big switch networks, Inc," Big Switch Networks,2014.http://www.bigswitch. com/ [7]BigSwitch Networks, "Big tap monitoring fabric," Big Switch Networks, 2014. [Online]. Available: http://www. bigswitch .com/topics/big-tap-monitoring-fabric. [8] S. Inc, "SevOne: The digital infrastructure management company". [Online]. Available: https://www.sevone.com/. [9]P. Dauer, R. Khondoker, R.Marx,andK.Bayarou,"Security analysis of software defined networking applications for monitoring and measurement. [10]N. A. Jagadeesan and B. Krishnamachari, "Software- defined networking paradigms in wireless networks: A survey. [11]A. Shostack, "ExperiencesThreatModelingatMicrosoft", [Online]. http://ceur-ws.org/Vol-413/ paper12. pdf. [12]Shawn Hernan and Scott Lambert and Tomasz Ostwald and Adam Shostack, Uncover Security Design Flaws Using The STRIDE Approach. [13]sFlow.org, sFlow Version 5 Specification, [Online]. Available: http://www.sflow.org/sflow_version_5.txt. [14]A. Zaalouk and R. Khondoker and R. Marx and K Bayarou, “OrchSec: An Orchestrator-Based Architecture for Enhancing Network-Security UsingNetwork Monitoringand SDN Control Functions”
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1008 An Analysis on Software Defined Wireless Network Using STRIDE Model Arockia Panimalar.S 1, Nishanth.R2, Sathish.G3, Manikandan.G4 1 Assistant Professor, Department of BCA & M.Sc SS, Sri Krishna Arts and Science College, Coimbatore, India 2,3,4 III BCA, Department of BCA & M.Sc SS, Sri Krishna Arts and Science College, Coimbatore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - The present mobile and remote system are becoming quicker in size and complex to quantify the administrations. Security is a standout amongst the most essential angles for such complex system and should be checked appropriately to give early identification of security ruptures and Denial of Service assault. Tools that measure such detection of network threats and monitors network services requires interior security in their own particular component. This paper examines two of such checking and estimation apparatuses: sFlow and FlowVisor for hidden Software Defined Wireless Networking (SDWN) condition by applying STRIDE threat model. This analytical study represents that, sFlow requires an externalsecure deployment environment to ensure security in data flow and datastorefor SDWN. FlowVisor accompanies secured get to control in information store wherein separated stream cut requires instrument that enhance its security. Key Words: Software Defined Wireless Networking (SDWN), STRIDE, OpenFlow, sFlow, FlowVisor 1. INTRODUCTION Wireless Networking turns into the most versatile innovation for adaptability and portability inhumanlife. For the most recent couple of years, Software Defined Wireless Networking (SDWN), a branch of Software DefinedNetwork (SDN) has been a key research innovation to dissect and legitimate administration of the thickly populated cellular network [1] [2]. Programming DefinedWirelessNetworking (SDWN) guarantees straightforward and adaptable system design and successful portability administration of the IP networks. The Software Defined Wireless Networking (SDWN) automatically concentrates and isolates the control plane (otherwise knownas. Network OS)fromthedata plane (otherwise known as Forwarding plane). A regular engineering of SDN is delineated in Fig. 1. The southbound interface is a medium between the control plane and data plane while northbound is layer between application plane and control plane. The southbound interface prepares the controllers to gather data about Mobile Nodes (MNs) and transmits and gets bundles to and from MNs utilizing SDWN components [3]. To guarantee qulaity of service in SDWN and persistent network services, operators need to monitor the network and do legitimate service measurements from time to time. Such observing will help in in analyzing network parameters,i.e.throughput,roundtriptransmission time, data transfer capacity in the remote connection, mobility frequency and preparing a real-time view of the network service standard on industry level. For such analysis, observing and estimation, different open source and business innovation and instruments are accessible for SDWN including sFlow [4], FlowVisor [5], BigSwitch [6], BigTap [7], SevOne [8] and so on. These tools provide the operator with capabilities to perform troublesome network activities and even monitor, detect and indicate security attack in progress on a certain network entity. Fig 1: SDN Architecture with Control and Data Plane Beforehand a few research works isperformedondissecting the security of OpenFlow-based SDN environment. Analysis on 4D, PCE and SANE-based SDN architectures is performed in paper [9], security use of SDN is completely investigated and assessed in [10]. First, sFlow was represented as an effective andscalablevulnerabilitymitigationmechanismfor SDN [11]. FlowVisor turned a better solution for network virtualization [12] and powerlessness answer for flow isolation is proposed and assessed nearby [13]. Among the tools that screen and measure the SDN, a comparative study between sFlow (Open-Source) and BigTap (commercial) is illustrated in paper [14]. Be that as it may,a securityandrisk
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1009 characterized ponder in SDWN monitoring and measurement tools, thosefocusesonOpen-Flowflow entries and communication among multiple controllers in wireless platform, is the primary goal of this perspective study. Consequently, sFlow and FlowVisor are decided for above stream conditions. The structure of this paper is as per the following. In Section II, the STRIDE and Data Flow approach is portrayed. In Section III and IV, security and threat risks of sFlow and FlowVisor are broke down. Segment V represents a comparative report between the two monitoring tools and along these lines closing the paper in Section VI with future prospects of this study outcome. 2. METHODS FOR IMPLEMENTING SDN Several approaches are available for implementing SDN concept including OpenFlow that separates the control and forwarding plane in the network architecture. SDN approaches were generalized using a concept of OpenFlow and were introduced in mid-1990s. A. OpenFlow According to OpenFlow specification in [15], any OpenFlow switch holds flow entries that contain incoming packet header information, packet handling action for matched packet entries in the list and statistics of number of bytes, packets in a particular flow and time since last pass. Packets as arrive at any OpenFlow switches, it executes the packet header information and try matching the existing flow entries. When the information does not match any of the flow tables, switch then pass the packet to the controller to take action and update the flow entries accordingly with required information of the packet. Whenit’sa match switch performs and forwards the packet to its next destination on the basis of routing flow table information in it. B. Software Defined Wireless Network As SDN brings more advantage in connecting into the internet, Software Defined Wireless Network (SDWN) has got much importance and emerging research field with attention. SDWN isorientedtowardsthemobileand wireless network devices and aims at the research and study of crucial technologies for the future mobile and wireless network. This SDWN architecture is composed of both North-South and East-West network dimensionwhereEast- West operates for wireless and mobile devices using intercontroller protocols such as Border Gateway Protocol (BGP) [16]. Hence, security of the underlying network depends on the secured flow information and control plane. Tools that monitor and measure and flows between SDWN entities, therefore, requires security from external access and service oriented attacks. This study is concerned about sFlow and FlowVisor as one of these tools. C. Threat Modelling and STRIDE Threat Modelling used to refer to analyzing any software or system or organizational network. Threat Modeling encompasses a wide variety of activities in the elicitations and analysis of securitymechanismsindeployeddesigns and network [17]. Some of the mostly applied models include DREAD [18], Octave [19], STRIDE [20], Generic Risk Model, Guerilla Threat Modelling, Process forAttack Simulationand Threat Analysis (PASTA), Trike etc [21]. DREAD provides threat identification rate as SQL injections and provides the subjective assessments by the threat reporter.Octave model is best suited for complex and larger system where STRIDE focuses on network based application and systems. Trike helps security auditing process with distinct risk-based implementation than others, however, is yet in experimentation stage and lacks proper documentationand support. PASTA includes risk management steps in the final stage of the process and is not limited to a specific risk calculation formula [22]. Thereby, introduced by Microsoft, STRIDE model method is used to identify and evaluate the security threats on OpenFlow based SDWN network measurement and monitoring tools: sFlow and FlowVisor. STRIDE threat model reveals if a system or software in concern is vulnerable to Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service (DoS) and Elevation of Privilege threat [20]. EachoftheSTRIDE threats can be mapped to one security property as shownin Table 1. and described in the following: a)Spoofing: In spoofing malicious user or program masquerades gain illegal access in privileged data by falsifying user information. b)Tampering: Data tampering involves malicious modification of information and resources i.e. alteration of data as it streams between two PCs over an open network called the Internet. c)Repudiation: Repudiation threats are associated with malicious users and masquerades who performs an action and deny without other parties having any way to prove otherwise—for example, an attacker controller performs an illegal operation in a SDN that lacks the ability to trace the prohibited operations. d)Information Disclosure: Thistreatmeanstheillegitimate availability of resourceinformationofthe systemornetwork or software to malicious and unauthorized users or programs. e) Denial of Service: This treat causesserviceunavailability to the authorized legitimate users or programs. f)Elevation of Privilege: In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access tocompromiseordestroytheentiresystem.
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1010 This treat can cause penetration of all system or network defense and declares it a trusted system. Table 1 presents the STRIDE threat categorization model, based on the above definitions, which includes the corresponding security property and default controls associated with the threat type. TABLE 1: Threat Categorization, Security Properties and Controls [17] Threat Property Controls Spoofing Authentication Authentication Stores, Strong Authentication mechanisms Tampering Integrity/ Access Controls Crypto Hash, Digital watermark/ isolation and access checks Repudiation Non Repudiation Logging infrastructure, full packet-capture Information Disclosure Confidentiality Encryption or Isolation Denial of Service Availability Redundancy, failover, QoS, Bandwidth throttle Elevation of Privilege Authorization /Least Privilege RBAC, DACL, MAC, Sudo, UAC, Privileged account protections Data Flow Diagrams (DFD) are used to graphically represent any system [17]. DFDs use a standard set of symbols consisting of four elements: data flows, data stores, processes, and interactors [17]. In Table2,DFD elements are identified as a means of eliciting information which can be used to drive STRIDE threat analysis. As illustrated in Table 3, each DFD elements can be vulnerable to one or many STRIDE threats. TABLE 2. DFD elements and their representation [17] Name Representation Definition Data Flow Directed Arrow Data sent among network elements Data Store Parallel Lines Stable Data Process Circle Programs or applications that configures the system Interactors Rectangular Box Endpoints out of system scope to control Trust Boundaries Dotted Line Separation between trusted and untrusted elements of the system TABLE 3. STRIDE Threats per DFD element [17] Threat Data Flow Data Store Process Interactors Spoofing Yes Yes Tampering Yes Yes Yes Repudiation Yes Yes Yes Information Disclosure Yes Yes Yes Denial of Service Yes Yes Yes Elevation of Privilege Yes 3. sFLOW sFlow is an open source sampling technology and traffic measurement and monitoring tool for OpenFlow network [4]. It is a traffic monitoring solution embedded with switch and router of any possible OpenFlow based SDWN. Primary elements of sFlow system consists sFlow agents and sFlow collector, illustrated in Fig. 2. Agent is the software process that is remotely configuredusinga Management Information Base (MIB) within the device. Consolidating the interface counters and flow tests into sFlow datagrams, these datagrams are sent to the sFlow collector installed in the checking host through the SDWN environment utilizing Simple Network Management Protocol (SNMP) [23]. Including sFlow’s own collector sets: sFlow-RT, sFlow- Trend, sflowtool, this sampling tool also support the third party collectors: VitalSuit, Peakflow, Kentik Detect and FlowTraq - those handle more details of sFlow datagrams [4]. Illustration in Fig. 2 represents the Data Flow Diagram (DFD) of sFlow that uncovers the crucial security risk.sFlow doesn’t provide any security mechanism fordata flowrather depends on secure third partymanagement environmentfor sFlow agents. Fig. 2: sFlow Data Flow Diagram
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1011 A. Data Flows Data flows are vulnerable to Tampering, Information Disclosure and DoS attack in absence of proper security mechanism. A physical interface of switch, routers is potential data sources in the underlying SDWN. These provides sampled data packet to sFlow agents for measurement. sFlow agents combine packet flow sampling and counter sampling to sFlow datagrams. The sFlow Datagrams are used to immediately forward the sampled traffic statistics being unencrypted to a sFlow Collector for analysis [24]. As collectors can be vendor provided, security of the received datagrams depends on vendor’s will of deployment and how they process the data. Hence, sFlow doesn’t provide any security mechanism. For security reasons SNMPv3 should be used to configureandcontrol the sFlow agents to encrypt and authenticate the datagrams before transmitting to the collector [24]. B. Data Stores According to Table 1 data store are prone to Tampering, Information Disclosure and DoS attack vulnerabilities alike data flows. MIB contains information about sFlow agents, collector ports and even IP addresses. Using SNMP, sFlow agents can be configured through a local Command Line Interface (CLI) or SNMP commands. In order to decline any anonymous actions, switches and routers in the network should have some Access Control (AC) mechanisms, i.e. Discretionary Access Control (DAC), Role-Based Access Control (RBAC) to ensure the interface’s security [14]. In inverse case, if CLI is available from unapproved client, MIB in sFlow is powerless against data Tampering, traffic Information Disclosure and even DoS assault, holds the MIB flow enteries and authority subtle elements open for unapproved get to and considerably aggressor can alter the information. If there should be an occurrence of SNMPv1, SNMPv2 communication with collector is at comparable dangers. C. Interactors sFlow agents performs one-way communication with the sFlow collectors and sends the combination of packet based and time-based sampled traffic data [24].According to Table 1. they are not considered as interactors. D. Processes sFlow agent processes are not accessible through interfaces, therefore the STRIDE method is not applied. The collector should check the time-based counter number of the sFlow datagrams to provide a securitymechanismagainst spoofing attacks [24]. E. Summary Above analysis clarifies that sFlow requires a third party deployment environment for security needs. However, ensuring the Transport Layer Security (TLS) among sFlow agents and collector, sFlow itself can emerge as a secured SDWN monitoring and measurement tool for wireless and Table 4 shows the probable vulnerabilities of sFlow agents. Adapting an access control mechanism can eliminate the security risks to a certain level of tampering and MIB information disclosure. TABLE 4. sFlow Vulnerabilities Threat Data Flow Data Store Solution Tampering Yes Yes ACL/RBAC/DAC for CLI, NPMv3, TLS Information Disclosure Yes Yes TLS Denial of Services(DoS) Yes Yes AC in CLI for MIB Security, TLS 4. FLOWVISOR FlowVisor is an OpenFlow controller works as a proxy in between the OpenFlow switches and several multiple OpenFlow controllers, allowing visualization of OpenFlow physical infrastructure into different virtual networks [5]. Using OpenFlow protocol, FlowVisor controls underlying network, dividing the resources into slices isolated from each other. And delegates control of each slice to a different controller [5]. FlowVisor provides isolationfortopology and addressing space. FlowVisor is architecturally a neutral transparent proxy and makes no assumption about the functions and operations of the switches and controllers. FlowVisor sits between each of the controllers and switches making sure that the guest controller has full accessibility of the switches maintaining the flows that define the corresponding slice. The DFD in Fig. 3 represents data flow between OpenFlow enabled switches and controllerswhere messages are intercepted through FlowVisor. Fig. 3: FlowVisor Data Flow Diagram
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1012 FlowVisor partitions the base transmission transfer speed for each slice doling out particular data rate to a set of flows from that slice. FlowVisor screens each flow-entry for each guest controller and portions the flow table among the switches. Switches are arranged by the resource allocation and directing approaches cuts of the FlowVisor controller. Slices are isolated and have their own ‘flowspace’ or set of region of data flows. These isolated slices can be broken allowing different attacks. A. Data Flows FlowVisor adopts slicing policies for each guest controller. Activity sent from the production network and guest controllers if matches the sending enteries in the FlowVisor are sliced for relevant switches as per 'flowspace'. Diverse slices having adaptable and distinctive flow policies are emphatically separated. Any traffic that does not coordinate the current sending enteries are sent to the production controller for inclusion. Production controller subsequently revises the relevant slice. Assault on slice policy reworks from assaulting entity can make vulnerabilities such system with FlowVisor. Assuming, in this manner, data is sent from an aggressor, the controller can't identifyasa resultofpolicy revise and causes altering of flow rules and the system data and even DoS dangers. B. Data Stores The switch arrangement is put away in the flow enteries of the cuts by the respective guest controllers. This permits data movement validation to flow between the controllers and switches inside the wireless OpenFlow network even under portability circumstances. This mechanism ensures that data is secured against Tampering, Information Disclosure and Spoofing threats. C. Interactors FlowVisor’s Command Line Interface (CLI) provides control access to users for data and slice configuration. CLI uses user-authentication in terms of username, host name and port number on accessing the interface and slices and therefore securefromSpoofing,Tampering,Repudiation and Elevation of Privilege threats. D. Processes Slice processes are owned by the admin and groups of the network operators and thereby Spoofing, Repudiation, DoS and tampering threats are unable to make the network vulnerable in FlowVisor’s process. E. Summary FlowVisor is open source to access controller’s processes, data flow and action support forslices.Althoughthistool has separate production controllerandisolated slicestoperform the flow independently against any attacking entity, FlowVisor is vulnerable to different threats at different flow status described in Table 5. TABLE 5: FlowVisor Vulnerabilities Threat Data Flow Solution Tampering Yes TLS Information Disclosure Yes TLS Denial of Services (DoS) Yes Access Control in CLI for policy rewrite, TLS Adjusting Transport Layer Security can safeguard the arrangement revise production controller for unmatched packets where virtual controllercan'tchangetheMACandIP address for the packets uninhibitedly. 5. COMPARISON BETWEEN sFLOW AND FLOWVISOR sFlow and FlowVisor both provide different network monitoring and measurement functionalities. The comparative threat model analysis of them is illustrated in Table 6. Above investigation holds sFlow giving no security in data flow and data store in DFD wherein FlowVisor acquires security threat vulnerabilities in disengaged cuts. This makes FlowVisor defenseless against Spoofing, Tampering and Information disclosure, even postponement and Denial of Service dangers in data flow. However, FlowVisor guarantees security of switch information put away in its own controller where sFlow relies upon external secure environment to guarantee security in MIB data storage and flow entry information. This makes sFlow helpless against spoofing, DoS and information divulgence risk as switching operators send decoded datagrams to the collector. Utilizing Transport LayerSecurity(TLS)insending the datagrams to the collectors can take out information exposure threatswhereintamperingcanbehandledutilizing access control mechanism in CLI, agent arranging SNMPv3 protocols. FlowVisor includes access control in CLI for slice information whichprotectsitfromspoofing,repudiation and elevation of privilege attacks fromanykindof malicioususer or masquerades. TABLE 6: Comparison of FlowVisor and sFlow tools Threat Data Flow Data Store Tampering FlowVisor, sFlow sFlow Information Disclosure FlowVisor, sFlow sFlow Denial of Services (DoS) FlowVisor, sFlow sFlow
International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1013 6. CONCLUSION In this paper, an analysis on wireless SDN monitoring tools, sFlow and FlowVisor, in terms of STRIDE security threat model where both has different functionalities and vulnerabilities in handling data traffic flows and network entities. This analysis will provide suggestions in handling the above mentioned security threats in SDWN using existing well-to-do mechanisms. These study fall in the category of security-centric SDWN and will be viable in doing research on OrchSec wireless architecture [25]. 7. FUTURE ENHANCEMENT The future prospects of this SDWN securityanalysis will lead to persistent research on assessment of SDWN appliance in data center, cognitive networks and mobile communication. As future work, the researchers would plan to study FlowVisor topology isolation mechanism and queue-based bandwidth isolation mechanism in securing the underlying SDWN network. Prototyping the network in real timeSDWN network devices and environment will be interesting and a big challenge ahead. 8. REFERENCES [1] Bernardos et al., "An architecture for software defined wireless networking". [2] M. R. Sama, L. M. Contreras, J. Kaippallimalil, I. Akiyoshi, H. Qian, and H. Ni, "Software-defined control of the virtualized mobile packet core," IEEE Communications Magazine, vol. 53, no. 2, pp. 107–115, Feb. 2015. [3] Y. Wang, J. Bi, and K. Zhang, "Design and implementation of a software-defined mobility architectureforIPnetworks," Mobile Networks and Applications. [4]sFlow, "Making the network visible," 2003. [Online]. Available: http://www.sflow.org/. [5]"FlowVisor,".[Online].Available:https://openflow.stanford . edu/display/DOCS/Flowvisor. [6]T. Turner, "Big switch networks, Inc," Big Switch Networks,2014.http://www.bigswitch. com/ [7]BigSwitch Networks, "Big tap monitoring fabric," Big Switch Networks, 2014. [Online]. Available: http://www. bigswitch .com/topics/big-tap-monitoring-fabric. [8] S. Inc, "SevOne: The digital infrastructure management company". [Online]. Available: https://www.sevone.com/. [9]P. Dauer, R. Khondoker, R.Marx,andK.Bayarou,"Security analysis of software defined networking applications for monitoring and measurement. [10]N. A. Jagadeesan and B. Krishnamachari, "Software- defined networking paradigms in wireless networks: A survey. [11]A. Shostack, "ExperiencesThreatModelingatMicrosoft", [Online]. http://ceur-ws.org/Vol-413/ paper12. pdf. [12]Shawn Hernan and Scott Lambert and Tomasz Ostwald and Adam Shostack, Uncover Security Design Flaws Using The STRIDE Approach. [13]sFlow.org, sFlow Version 5 Specification, [Online]. Available: http://www.sflow.org/sflow_version_5.txt. [14]A. Zaalouk and R. Khondoker and R. Marx and K Bayarou, “OrchSec: An Orchestrator-Based Architecture for Enhancing Network-Security UsingNetwork Monitoringand SDN Control Functions”

Recommended

An Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLANAn Improved Intrusion Prevention Sytem for WLAN
An Improved Intrusion Prevention Sytem for WLAN
rahulmonikasharma
 
Effective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaSEffective Information Flow Control as a Service: EIFCaaS
Effective Information Flow Control as a Service: EIFCaaS
IRJET Journal
 
IRJET- Machine Learning Processing for Intrusion Detection
IRJET- Machine Learning Processing for Intrusion DetectionIRJET- Machine Learning Processing for Intrusion Detection
IRJET- Machine Learning Processing for Intrusion Detection
IRJET Journal
 
Implementation of Secured Network Based Intrusion Detection System Using SVM ...
Implementation of Secured Network Based Intrusion Detection System Using SVM ...Implementation of Secured Network Based Intrusion Detection System Using SVM ...
Implementation of Secured Network Based Intrusion Detection System Using SVM ...
IRJET Journal
 
Survey of Clustering Based Detection using IDS Technique
Survey of Clustering Based Detection using IDS Technique Survey of Clustering Based Detection using IDS Technique
Survey of Clustering Based Detection using IDS Technique
IRJET Journal
 
IRJET- Cost Effective Scheme for Delay Tolerant Data Transmission
IRJET- Cost Effective Scheme for Delay Tolerant Data TransmissionIRJET- Cost Effective Scheme for Delay Tolerant Data Transmission
IRJET- Cost Effective Scheme for Delay Tolerant Data Transmission
IRJET Journal
 
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET - Detection of False Data Injection Attacks using K-Means Clusterin...
IRJET Journal
 
Energy Meters using Internet of Things Platform
Energy Meters using Internet of Things PlatformEnergy Meters using Internet of Things Platform
Energy Meters using Internet of Things Platform
IRJET Journal
 
IRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET- A Study of DDoS Attacks in Software Defined NetworksIRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET Journal
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
IRJET Journal
 
An efficient intrusion detection using relevance vector machine
An efficient intrusion detection using relevance vector machineAn efficient intrusion detection using relevance vector machine
An efficient intrusion detection using relevance vector machine
IAEME Publication
 
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITYDIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
ijgca
 
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET Journal
 
Indexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIndexing Building Evaluation Criteria
Indexing Building Evaluation Criteria
IJERA Editor
 
IRJET- Decentralized E-Voting System
IRJET- Decentralized E-Voting SystemIRJET- Decentralized E-Voting System
IRJET- Decentralized E-Voting System
IRJET Journal
 
Ak03402100217
Ak03402100217Ak03402100217
Ak03402100217
ijceronline
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
Wireless Network Intrinsic Secrecy
Wireless Network Intrinsic SecrecyWireless Network Intrinsic Secrecy
Wireless Network Intrinsic Secrecy
IRJET Journal
 
IRJET- Enhanced Private and Secured Medical Data Transmission
IRJET- Enhanced Private and Secured Medical Data TransmissionIRJET- Enhanced Private and Secured Medical Data Transmission
IRJET- Enhanced Private and Secured Medical Data Transmission
IRJET Journal
 
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
INFOGAIN PUBLICATION
 
Elevating security in mobile adhoc network using
Elevating security in mobile adhoc network usingElevating security in mobile adhoc network using
Elevating security in mobile adhoc network using
eSAT Publishing House
 
Software Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorSoftware Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for Shopfloor
IRJET Journal
 
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IJNSA Journal
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
IJNSA Journal
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
IJCSIS Research Publications
 
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
Asma Swapna
 
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
Asma Swapna
 
IRJET- Build SDN with Openflow Controller
IRJET- Build SDN with Openflow ControllerIRJET- Build SDN with Openflow Controller
IRJET- Build SDN with Openflow Controller
IRJET Journal
 
Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Security in Software Defined Networks (SDN): Challenges and Research Opportun...Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Editor IJCATR
 
Security of software defined networks: evolution and challenges
Security of software defined networks: evolution and challengesSecurity of software defined networks: evolution and challenges
Security of software defined networks: evolution and challenges
International Journal of Reconfigurable and Embedded Systems
 

More Related Content

What's hot (17)

IRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET- A Study of DDoS Attacks in Software Defined NetworksIRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET Journal
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
IRJET Journal
 
An efficient intrusion detection using relevance vector machine
An efficient intrusion detection using relevance vector machineAn efficient intrusion detection using relevance vector machine
An efficient intrusion detection using relevance vector machine
IAEME Publication
 
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITYDIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
ijgca
 
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET Journal
 
Indexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIndexing Building Evaluation Criteria
Indexing Building Evaluation Criteria
IJERA Editor
 
IRJET- Decentralized E-Voting System
IRJET- Decentralized E-Voting SystemIRJET- Decentralized E-Voting System
IRJET- Decentralized E-Voting System
IRJET Journal
 
Ak03402100217
Ak03402100217Ak03402100217
Ak03402100217
ijceronline
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
Wireless Network Intrinsic Secrecy
Wireless Network Intrinsic SecrecyWireless Network Intrinsic Secrecy
Wireless Network Intrinsic Secrecy
IRJET Journal
 
IRJET- Enhanced Private and Secured Medical Data Transmission
IRJET- Enhanced Private and Secured Medical Data TransmissionIRJET- Enhanced Private and Secured Medical Data Transmission
IRJET- Enhanced Private and Secured Medical Data Transmission
IRJET Journal
 
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
INFOGAIN PUBLICATION
 
Elevating security in mobile adhoc network using
Elevating security in mobile adhoc network usingElevating security in mobile adhoc network using
Elevating security in mobile adhoc network using
eSAT Publishing House
 
Software Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorSoftware Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for Shopfloor
IRJET Journal
 
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IJNSA Journal
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
IJNSA Journal
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
IJCSIS Research Publications
 
IRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET- A Study of DDoS Attacks in Software Defined NetworksIRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET- A Study of DDoS Attacks in Software Defined Networks
IRJET Journal
 
IRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network SecurityIRJET- Machine Learning based Network Security
IRJET- Machine Learning based Network Security
IRJET Journal
 
An efficient intrusion detection using relevance vector machine
An efficient intrusion detection using relevance vector machineAn efficient intrusion detection using relevance vector machine
An efficient intrusion detection using relevance vector machine
IAEME Publication
 
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITYDIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
DIVISION AND REPLICATION OF DATA IN GRID FOR OPTIMAL PERFORMANCE AND SECURITY
ijgca
 
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack DetectionIRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET- Phishdect & Mitigator: SDN based Phishing Attack Detection
IRJET Journal
 
Indexing Building Evaluation Criteria
Indexing Building Evaluation CriteriaIndexing Building Evaluation Criteria
Indexing Building Evaluation Criteria
IJERA Editor
 
IRJET- Decentralized E-Voting System
IRJET- Decentralized E-Voting SystemIRJET- Decentralized E-Voting System
IRJET- Decentralized E-Voting System
IRJET Journal
 
Ak03402100217
Ak03402100217Ak03402100217
Ak03402100217
ijceronline
 
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed ServersIRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET- 3 Juncture based Issuer Driven Pull Out System using Distributed Servers
IRJET Journal
 
Wireless Network Intrinsic Secrecy
Wireless Network Intrinsic SecrecyWireless Network Intrinsic Secrecy
Wireless Network Intrinsic Secrecy
IRJET Journal
 
IRJET- Enhanced Private and Secured Medical Data Transmission
IRJET- Enhanced Private and Secured Medical Data TransmissionIRJET- Enhanced Private and Secured Medical Data Transmission
IRJET- Enhanced Private and Secured Medical Data Transmission
IRJET Journal
 
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
Privacy Preserving Public Auditing and Data Integrity for Secure Cloud Storag...
INFOGAIN PUBLICATION
 
Elevating security in mobile adhoc network using
Elevating security in mobile adhoc network usingElevating security in mobile adhoc network using
Elevating security in mobile adhoc network using
eSAT Publishing House
 
Software Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for ShopfloorSoftware Defined Network Based Internet on thing Eco System for Shopfloor
Software Defined Network Based Internet on thing Eco System for Shopfloor
IRJET Journal
 
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IMPROVED IDS USING LAYERED CRFS WITH LOGON RESTRICTIONS AND MOBILE ALERTS BAS...
IJNSA Journal
 
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSSUNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
UNCONSTRAINED ENDPOINT SECURITY SYSTEM: UEPTSS
IJNSA Journal
 
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
A Hybrid Intrusion Detection System for Network Security: A New Proposed Min ...
IJCSIS Research Publications
 

Similar to An Analysis on Software Defined Wireless Network using Stride Model (20)

ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
Asma Swapna
 
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
Asma Swapna
 
IRJET- Build SDN with Openflow Controller
IRJET- Build SDN with Openflow ControllerIRJET- Build SDN with Openflow Controller
IRJET- Build SDN with Openflow Controller
IRJET Journal
 
Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Security in Software Defined Networks (SDN): Challenges and Research Opportun...Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Editor IJCATR
 
Security of software defined networks: evolution and challenges
Security of software defined networks: evolution and challengesSecurity of software defined networks: evolution and challenges
Security of software defined networks: evolution and challenges
International Journal of Reconfigurable and Embedded Systems
 
Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...
Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...
Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...
Asma Swapna
 
HRMN300INSTRUCTIONS· Respond to all four questions below on.docx
HRMN300INSTRUCTIONS· Respond to all four questions below on.docxHRMN300INSTRUCTIONS· Respond to all four questions below on.docx
HRMN300INSTRUCTIONS· Respond to all four questions below on.docx
pooleavelina
 
Software Defined Networking Architecture for Empowering Internet of Things & ...
Software Defined Networking Architecture for Empowering Internet of Things & ...Software Defined Networking Architecture for Empowering Internet of Things & ...
Software Defined Networking Architecture for Empowering Internet of Things & ...
IRJET Journal
 
Denial of Service Attacks in Software Defined Networking - A Survey
Denial of Service Attacks in Software Defined Networking - A SurveyDenial of Service Attacks in Software Defined Networking - A Survey
Denial of Service Attacks in Software Defined Networking - A Survey
IRJET Journal
 
Software defined network
Software defined networkSoftware defined network
Software defined network
Deeptiman Mallick
 
Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...
Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...
Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...
IBM India Smarter Computing
 
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKS
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKSA SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKS
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKS
ijdpsjournal
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN Environment
Saikat Chaudhuri
 
Security and risk analysis in the cloud with software defined networking arch...
Security and risk analysis in the cloud with software defined networking arch...Security and risk analysis in the cloud with software defined networking arch...
Security and risk analysis in the cloud with software defined networking arch...
IJECEIAES
 
Too soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessmentToo soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessment
Sergey Gordeychik
 
Security sdn
Security sdnSecurity sdn
Security sdn
Priya Singh
 
Software Defined Networking Attacks and Countermeasures .docx
Software Defined Networking Attacks and Countermeasures .docxSoftware Defined Networking Attacks and Countermeasures .docx
Software Defined Networking Attacks and Countermeasures .docx
rosemariebrayshaw
 
SDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologySDN: A New Approach to Networking Technology
SDN: A New Approach to Networking Technology
IRJET Journal
 
Sdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networksSdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networks
ahmad abdelhafeez
 
Banv
BanvBanv
Banv
netvis
 
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
ICCES_2016_Security Analysis of Software Defined Wireless Network Monitoring ...
Asma Swapna
 
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
ICCIT_NSU_Comparative Security Analysis of Software Defined Wireless Networki...
Asma Swapna
 
IRJET- Build SDN with Openflow Controller
IRJET- Build SDN with Openflow ControllerIRJET- Build SDN with Openflow Controller
IRJET- Build SDN with Openflow Controller
IRJET Journal
 
Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Security in Software Defined Networks (SDN): Challenges and Research Opportun...Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Security in Software Defined Networks (SDN): Challenges and Research Opportun...
Editor IJCATR
 
Security of software defined networks: evolution and challenges
Security of software defined networks: evolution and challengesSecurity of software defined networks: evolution and challenges
Security of software defined networks: evolution and challenges
International Journal of Reconfigurable and Embedded Systems
 
Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...
Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...
Security Analysis of IEEE 802.21 Standard in Software Defined Wireless Networ...
Asma Swapna
 
HRMN300INSTRUCTIONS· Respond to all four questions below on.docx
HRMN300INSTRUCTIONS· Respond to all four questions below on.docxHRMN300INSTRUCTIONS· Respond to all four questions below on.docx
HRMN300INSTRUCTIONS· Respond to all four questions below on.docx
pooleavelina
 
Software Defined Networking Architecture for Empowering Internet of Things & ...
Software Defined Networking Architecture for Empowering Internet of Things & ...Software Defined Networking Architecture for Empowering Internet of Things & ...
Software Defined Networking Architecture for Empowering Internet of Things & ...
IRJET Journal
 
Denial of Service Attacks in Software Defined Networking - A Survey
Denial of Service Attacks in Software Defined Networking - A SurveyDenial of Service Attacks in Software Defined Networking - A Survey
Denial of Service Attacks in Software Defined Networking - A Survey
IRJET Journal
 
Software defined network
Software defined networkSoftware defined network
Software defined network
Deeptiman Mallick
 
Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...
Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...
Towards an Open Data Center with an Interoperable Network (ODIN) Volume 3: So...
IBM India Smarter Computing
 
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKS
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKSA SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKS
A SCALABLE MONITORING SYSTEM FOR SOFTWARE DEFINED NETWORKS
ijdpsjournal
 
TACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN EnvironmentTACTiCS_WP Security_Addressing Security in SDN Environment
TACTiCS_WP Security_Addressing Security in SDN Environment
Saikat Chaudhuri
 
Security and risk analysis in the cloud with software defined networking arch...
Security and risk analysis in the cloud with software defined networking arch...Security and risk analysis in the cloud with software defined networking arch...
Security and risk analysis in the cloud with software defined networking arch...
IJECEIAES
 
Too soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessmentToo soft[ware defined] networks SD-Wan vulnerability assessment
Too soft[ware defined] networks SD-Wan vulnerability assessment
Sergey Gordeychik
 
Security sdn
Security sdnSecurity sdn
Security sdn
Priya Singh
 
Software Defined Networking Attacks and Countermeasures .docx
Software Defined Networking Attacks and Countermeasures .docxSoftware Defined Networking Attacks and Countermeasures .docx
Software Defined Networking Attacks and Countermeasures .docx
rosemariebrayshaw
 
SDN: A New Approach to Networking Technology
SDN: A New Approach to Networking TechnologySDN: A New Approach to Networking Technology
SDN: A New Approach to Networking Technology
IRJET Journal
 
Sdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networksSdn pres v2-Software-defined networks
Sdn pres v2-Software-defined networks
ahmad abdelhafeez
 
Banv
BanvBanv
Banv
netvis
 

More from IRJET Journal (20)

Enhanced heart disease prediction using SKNDGR ensemble Machine Learning Model
Enhanced heart disease prediction using SKNDGR ensemble Machine Learning ModelEnhanced heart disease prediction using SKNDGR ensemble Machine Learning Model
Enhanced heart disease prediction using SKNDGR ensemble Machine Learning Model
IRJET Journal
 
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
IRJET Journal
 
Kiona – A Smart Society Automation Project
Kiona – A Smart Society Automation ProjectKiona – A Smart Society Automation Project
Kiona – A Smart Society Automation Project
IRJET Journal
 
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
IRJET Journal
 
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based CrowdfundingInvest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
IRJET Journal
 
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUBSPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
IRJET Journal
 
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
IRJET Journal
 
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
IRJET Journal
 
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
IRJET Journal
 
BRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATIONBRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATION
IRJET Journal
 
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
IRJET Journal
 
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ..."Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
IRJET Journal
 
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
IRJET Journal
 
Breast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer VisionBreast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer Vision
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
IRJET Journal
 
Enhanced heart disease prediction using SKNDGR ensemble Machine Learning Model
Enhanced heart disease prediction using SKNDGR ensemble Machine Learning ModelEnhanced heart disease prediction using SKNDGR ensemble Machine Learning Model
Enhanced heart disease prediction using SKNDGR ensemble Machine Learning Model
IRJET Journal
 
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
Utilizing Biomedical Waste for Sustainable Brick Manufacturing: A Novel Appro...
IRJET Journal
 
Kiona – A Smart Society Automation Project
Kiona – A Smart Society Automation ProjectKiona – A Smart Society Automation Project
Kiona – A Smart Society Automation Project
IRJET Journal
 
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
DESIGN AND DEVELOPMENT OF BATTERY THERMAL MANAGEMENT SYSTEM USING PHASE CHANG...
IRJET Journal
 
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based CrowdfundingInvest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
Invest in Innovation: Empowering Ideas through Blockchain Based Crowdfunding
IRJET Journal
 
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUBSPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
SPACE WATCH YOUR REAL-TIME SPACE INFORMATION HUB
IRJET Journal
 
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
A Review on Influence of Fluid Viscous Damper on The Behaviour of Multi-store...
IRJET Journal
 
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
IRJET Journal
 
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
Explainable AI(XAI) using LIME and Disease Detection in Mango Leaf by Transfe...
IRJET Journal
 
BRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATIONBRAIN TUMOUR DETECTION AND CLASSIFICATION
BRAIN TUMOUR DETECTION AND CLASSIFICATION
IRJET Journal
 
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
The Project Manager as an ambassador of the contract. The case of NEC4 ECC co...
IRJET Journal
 
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ..."Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
"Enhanced Heat Transfer Performance in Shell and Tube Heat Exchangers: A CFD ...
IRJET Journal
 
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
Advancements in CFD Analysis of Shell and Tube Heat Exchangers with Nanofluid...
IRJET Journal
 
Breast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer VisionBreast Cancer Detection using Computer Vision
Breast Cancer Detection using Computer Vision
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...A Novel System for Recommending Agricultural Crops Using Machine Learning App...
A Novel System for Recommending Agricultural Crops Using Machine Learning App...
IRJET Journal
 
Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.Auto-Charging E-Vehicle with its battery Management.
Auto-Charging E-Vehicle with its battery Management.
IRJET Journal
 
Analysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the HeliosphereAnalysis of high energy charge particle in the Heliosphere
Analysis of high energy charge particle in the Heliosphere
IRJET Journal
 
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
Wireless Arduino Control via Mobile: Eliminating the Need for a Dedicated Wir...
IRJET Journal
 

Recently uploaded (20)

What is dbms architecture, components of dbms architecture and types of dbms ...
What is dbms architecture, components of dbms architecture and types of dbms ...What is dbms architecture, components of dbms architecture and types of dbms ...
What is dbms architecture, components of dbms architecture and types of dbms ...
cyhuutjdoazdwrnubt
 
UNIT-5-PPT Computer Control Power of Power System
UNIT-5-PPT Computer Control Power of Power SystemUNIT-5-PPT Computer Control Power of Power System
UNIT-5-PPT Computer Control Power of Power System
Sridhar191373
 
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
ManiMaran230751
 
Pruebas y Solucion de problemas empresariales en redes de Fibra Optica
Pruebas y Solucion de problemas empresariales en redes de Fibra OpticaPruebas y Solucion de problemas empresariales en redes de Fibra Optica
Pruebas y Solucion de problemas empresariales en redes de Fibra Optica
OmarAlfredoDelCastil
 
Axial Capacity Estimation of FRP-strengthened Corroded Concrete Columns
Axial Capacity Estimation of FRP-strengthened Corroded Concrete ColumnsAxial Capacity Estimation of FRP-strengthened Corroded Concrete Columns
Axial Capacity Estimation of FRP-strengthened Corroded Concrete Columns
Journal of Soft Computing in Civil Engineering
 
Influence line diagram in a robust model
Influence line diagram in a robust modelInfluence line diagram in a robust model
Influence line diagram in a robust model
ParthaSengupta26
 
Introduction of Structural Audit and Health Montoring.pptx
Introduction of Structural Audit and Health Montoring.pptxIntroduction of Structural Audit and Health Montoring.pptx
Introduction of Structural Audit and Health Montoring.pptx
gunjalsachin
 
[HIFLUX] High Pressure Tube Support Catalog 2025
[HIFLUX] High Pressure Tube Support Catalog 2025[HIFLUX] High Pressure Tube Support Catalog 2025
[HIFLUX] High Pressure Tube Support Catalog 2025
하이플럭스 / HIFLUX Co., Ltd.
 
May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...
May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...
May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...
sebastianku31
 
Influence line diagram for truss in a robust
Influence line diagram for truss in a robustInfluence line diagram for truss in a robust
Influence line diagram for truss in a robust
ParthaSengupta26
 
Software_Engineering_in_6_Hours_lyst1728638742594.pdf
Software_Engineering_in_6_Hours_lyst1728638742594.pdfSoftware_Engineering_in_6_Hours_lyst1728638742594.pdf
Software_Engineering_in_6_Hours_lyst1728638742594.pdf
VanshMunjal7
 
Software Developer Portfolio: Backend Architecture & Performance Optimization
Software Developer Portfolio: Backend Architecture & Performance OptimizationSoftware Developer Portfolio: Backend Architecture & Performance Optimization
Software Developer Portfolio: Backend Architecture & Performance Optimization
kiwoong (daniel) kim
 
[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)
[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)
[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)
하이플럭스 / HIFLUX Co., Ltd.
 
MODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDING
MODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDINGMODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDING
MODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDING
Dr. BASWESHWAR JIRWANKAR
 
world subdivision.pdf...................
world subdivision.pdf...................world subdivision.pdf...................
world subdivision.pdf...................
bmmederos12
 
UNIT-1-PPT-Introduction about Power System Operation and Control
UNIT-1-PPT-Introduction about Power System Operation and ControlUNIT-1-PPT-Introduction about Power System Operation and Control
UNIT-1-PPT-Introduction about Power System Operation and Control
Sridhar191373
 
fy06_46f6-ht30_22_oil_gas_industry_guidelines.ppt
fy06_46f6-ht30_22_oil_gas_industry_guidelines.pptfy06_46f6-ht30_22_oil_gas_industry_guidelines.ppt
fy06_46f6-ht30_22_oil_gas_industry_guidelines.ppt
sukarnoamin
 
Highway Engineering - Pavement materials
Highway Engineering - Pavement materialsHighway Engineering - Pavement materials
Highway Engineering - Pavement materials
AmrutaBhosale9
 
Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...
Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...
Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...
Mohamed905031
 
UNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCH
UNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCHUNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCH
UNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCH
Sridhar191373
 
What is dbms architecture, components of dbms architecture and types of dbms ...
What is dbms architecture, components of dbms architecture and types of dbms ...What is dbms architecture, components of dbms architecture and types of dbms ...
What is dbms architecture, components of dbms architecture and types of dbms ...
cyhuutjdoazdwrnubt
 
UNIT-5-PPT Computer Control Power of Power System
UNIT-5-PPT Computer Control Power of Power SystemUNIT-5-PPT Computer Control Power of Power System
UNIT-5-PPT Computer Control Power of Power System
Sridhar191373
 
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
ManiMaran230751
 
Pruebas y Solucion de problemas empresariales en redes de Fibra Optica
Pruebas y Solucion de problemas empresariales en redes de Fibra OpticaPruebas y Solucion de problemas empresariales en redes de Fibra Optica
Pruebas y Solucion de problemas empresariales en redes de Fibra Optica
OmarAlfredoDelCastil
 
Axial Capacity Estimation of FRP-strengthened Corroded Concrete Columns
Axial Capacity Estimation of FRP-strengthened Corroded Concrete ColumnsAxial Capacity Estimation of FRP-strengthened Corroded Concrete Columns
Axial Capacity Estimation of FRP-strengthened Corroded Concrete Columns
Journal of Soft Computing in Civil Engineering
 
Influence line diagram in a robust model
Influence line diagram in a robust modelInfluence line diagram in a robust model
Influence line diagram in a robust model
ParthaSengupta26
 
Introduction of Structural Audit and Health Montoring.pptx
Introduction of Structural Audit and Health Montoring.pptxIntroduction of Structural Audit and Health Montoring.pptx
Introduction of Structural Audit and Health Montoring.pptx
gunjalsachin
 
[HIFLUX] High Pressure Tube Support Catalog 2025
[HIFLUX] High Pressure Tube Support Catalog 2025[HIFLUX] High Pressure Tube Support Catalog 2025
[HIFLUX] High Pressure Tube Support Catalog 2025
하이플럭스 / HIFLUX Co., Ltd.
 
May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...
May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...
May 2025: Top 10 Cited Articles in Software Engineering & Applications Intern...
sebastianku31
 
Influence line diagram for truss in a robust
Influence line diagram for truss in a robustInfluence line diagram for truss in a robust
Influence line diagram for truss in a robust
ParthaSengupta26
 
Software_Engineering_in_6_Hours_lyst1728638742594.pdf
Software_Engineering_in_6_Hours_lyst1728638742594.pdfSoftware_Engineering_in_6_Hours_lyst1728638742594.pdf
Software_Engineering_in_6_Hours_lyst1728638742594.pdf
VanshMunjal7
 
Software Developer Portfolio: Backend Architecture & Performance Optimization
Software Developer Portfolio: Backend Architecture & Performance OptimizationSoftware Developer Portfolio: Backend Architecture & Performance Optimization
Software Developer Portfolio: Backend Architecture & Performance Optimization
kiwoong (daniel) kim
 
[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)
[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)
[HIFLUX] Lok Fitting&Valve Catalog 2025 (Eng)
하이플럭스 / HIFLUX Co., Ltd.
 
MODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDING
MODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDINGMODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDING
MODULE 5 BUILDING PLANNING AND DESIGN SY BTECH ACOUSTICS SYSTEM IN BUILDING
Dr. BASWESHWAR JIRWANKAR
 
world subdivision.pdf...................
world subdivision.pdf...................world subdivision.pdf...................
world subdivision.pdf...................
bmmederos12
 
UNIT-1-PPT-Introduction about Power System Operation and Control
UNIT-1-PPT-Introduction about Power System Operation and ControlUNIT-1-PPT-Introduction about Power System Operation and Control
UNIT-1-PPT-Introduction about Power System Operation and Control
Sridhar191373
 
fy06_46f6-ht30_22_oil_gas_industry_guidelines.ppt
fy06_46f6-ht30_22_oil_gas_industry_guidelines.pptfy06_46f6-ht30_22_oil_gas_industry_guidelines.ppt
fy06_46f6-ht30_22_oil_gas_industry_guidelines.ppt
sukarnoamin
 
Highway Engineering - Pavement materials
Highway Engineering - Pavement materialsHighway Engineering - Pavement materials
Highway Engineering - Pavement materials
AmrutaBhosale9
 
Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...
Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...
Numerical Investigation of the Aerodynamic Characteristics for a Darrieus H-t...
Mohamed905031
 
UNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCH
UNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCHUNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCH
UNIT-4-PPT UNIT COMMITMENT AND ECONOMIC DISPATCH
Sridhar191373
 

An Analysis on Software Defined Wireless Network using Stride Model

  • 1. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1008 An Analysis on Software Defined Wireless Network Using STRIDE Model Arockia Panimalar.S 1, Nishanth.R2, Sathish.G3, Manikandan.G4 1 Assistant Professor, Department of BCA & M.Sc SS, Sri Krishna Arts and Science College, Coimbatore, India 2,3,4 III BCA, Department of BCA & M.Sc SS, Sri Krishna Arts and Science College, Coimbatore, India ---------------------------------------------------------------------***--------------------------------------------------------------------- Abstract - The present mobile and remote system are becoming quicker in size and complex to quantify the administrations. Security is a standout amongst the most essential angles for such complex system and should be checked appropriately to give early identification of security ruptures and Denial of Service assault. Tools that measure such detection of network threats and monitors network services requires interior security in their own particular component. This paper examines two of such checking and estimation apparatuses: sFlow and FlowVisor for hidden Software Defined Wireless Networking (SDWN) condition by applying STRIDE threat model. This analytical study represents that, sFlow requires an externalsecure deployment environment to ensure security in data flow and datastorefor SDWN. FlowVisor accompanies secured get to control in information store wherein separated stream cut requires instrument that enhance its security. Key Words: Software Defined Wireless Networking (SDWN), STRIDE, OpenFlow, sFlow, FlowVisor 1. INTRODUCTION Wireless Networking turns into the most versatile innovation for adaptability and portability inhumanlife. For the most recent couple of years, Software Defined Wireless Networking (SDWN), a branch of Software DefinedNetwork (SDN) has been a key research innovation to dissect and legitimate administration of the thickly populated cellular network [1] [2]. Programming DefinedWirelessNetworking (SDWN) guarantees straightforward and adaptable system design and successful portability administration of the IP networks. The Software Defined Wireless Networking (SDWN) automatically concentrates and isolates the control plane (otherwise knownas. Network OS)fromthedata plane (otherwise known as Forwarding plane). A regular engineering of SDN is delineated in Fig. 1. The southbound interface is a medium between the control plane and data plane while northbound is layer between application plane and control plane. The southbound interface prepares the controllers to gather data about Mobile Nodes (MNs) and transmits and gets bundles to and from MNs utilizing SDWN components [3]. To guarantee qulaity of service in SDWN and persistent network services, operators need to monitor the network and do legitimate service measurements from time to time. Such observing will help in in analyzing network parameters,i.e.throughput,roundtriptransmission time, data transfer capacity in the remote connection, mobility frequency and preparing a real-time view of the network service standard on industry level. For such analysis, observing and estimation, different open source and business innovation and instruments are accessible for SDWN including sFlow [4], FlowVisor [5], BigSwitch [6], BigTap [7], SevOne [8] and so on. These tools provide the operator with capabilities to perform troublesome network activities and even monitor, detect and indicate security attack in progress on a certain network entity. Fig 1: SDN Architecture with Control and Data Plane Beforehand a few research works isperformedondissecting the security of OpenFlow-based SDN environment. Analysis on 4D, PCE and SANE-based SDN architectures is performed in paper [9], security use of SDN is completely investigated and assessed in [10]. First, sFlow was represented as an effective andscalablevulnerabilitymitigationmechanismfor SDN [11]. FlowVisor turned a better solution for network virtualization [12] and powerlessness answer for flow isolation is proposed and assessed nearby [13]. Among the tools that screen and measure the SDN, a comparative study between sFlow (Open-Source) and BigTap (commercial) is illustrated in paper [14]. Be that as it may,a securityandrisk
  • 2. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1009 characterized ponder in SDWN monitoring and measurement tools, thosefocusesonOpen-Flowflow entries and communication among multiple controllers in wireless platform, is the primary goal of this perspective study. Consequently, sFlow and FlowVisor are decided for above stream conditions. The structure of this paper is as per the following. In Section II, the STRIDE and Data Flow approach is portrayed. In Section III and IV, security and threat risks of sFlow and FlowVisor are broke down. Segment V represents a comparative report between the two monitoring tools and along these lines closing the paper in Section VI with future prospects of this study outcome. 2. METHODS FOR IMPLEMENTING SDN Several approaches are available for implementing SDN concept including OpenFlow that separates the control and forwarding plane in the network architecture. SDN approaches were generalized using a concept of OpenFlow and were introduced in mid-1990s. A. OpenFlow According to OpenFlow specification in [15], any OpenFlow switch holds flow entries that contain incoming packet header information, packet handling action for matched packet entries in the list and statistics of number of bytes, packets in a particular flow and time since last pass. Packets as arrive at any OpenFlow switches, it executes the packet header information and try matching the existing flow entries. When the information does not match any of the flow tables, switch then pass the packet to the controller to take action and update the flow entries accordingly with required information of the packet. Whenit’sa match switch performs and forwards the packet to its next destination on the basis of routing flow table information in it. B. Software Defined Wireless Network As SDN brings more advantage in connecting into the internet, Software Defined Wireless Network (SDWN) has got much importance and emerging research field with attention. SDWN isorientedtowardsthemobileand wireless network devices and aims at the research and study of crucial technologies for the future mobile and wireless network. This SDWN architecture is composed of both North-South and East-West network dimensionwhereEast- West operates for wireless and mobile devices using intercontroller protocols such as Border Gateway Protocol (BGP) [16]. Hence, security of the underlying network depends on the secured flow information and control plane. Tools that monitor and measure and flows between SDWN entities, therefore, requires security from external access and service oriented attacks. This study is concerned about sFlow and FlowVisor as one of these tools. C. Threat Modelling and STRIDE Threat Modelling used to refer to analyzing any software or system or organizational network. Threat Modeling encompasses a wide variety of activities in the elicitations and analysis of securitymechanismsindeployeddesigns and network [17]. Some of the mostly applied models include DREAD [18], Octave [19], STRIDE [20], Generic Risk Model, Guerilla Threat Modelling, Process forAttack Simulationand Threat Analysis (PASTA), Trike etc [21]. DREAD provides threat identification rate as SQL injections and provides the subjective assessments by the threat reporter.Octave model is best suited for complex and larger system where STRIDE focuses on network based application and systems. Trike helps security auditing process with distinct risk-based implementation than others, however, is yet in experimentation stage and lacks proper documentationand support. PASTA includes risk management steps in the final stage of the process and is not limited to a specific risk calculation formula [22]. Thereby, introduced by Microsoft, STRIDE model method is used to identify and evaluate the security threats on OpenFlow based SDWN network measurement and monitoring tools: sFlow and FlowVisor. STRIDE threat model reveals if a system or software in concern is vulnerable to Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service (DoS) and Elevation of Privilege threat [20]. EachoftheSTRIDE threats can be mapped to one security property as shownin Table 1. and described in the following: a)Spoofing: In spoofing malicious user or program masquerades gain illegal access in privileged data by falsifying user information. b)Tampering: Data tampering involves malicious modification of information and resources i.e. alteration of data as it streams between two PCs over an open network called the Internet. c)Repudiation: Repudiation threats are associated with malicious users and masquerades who performs an action and deny without other parties having any way to prove otherwise—for example, an attacker controller performs an illegal operation in a SDN that lacks the ability to trace the prohibited operations. d)Information Disclosure: Thistreatmeanstheillegitimate availability of resourceinformationofthe systemornetwork or software to malicious and unauthorized users or programs. e) Denial of Service: This treat causesserviceunavailability to the authorized legitimate users or programs. f)Elevation of Privilege: In this type of threat, an unprivileged user gains privileged access and thereby has sufficient access tocompromiseordestroytheentiresystem.
  • 3. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1010 This treat can cause penetration of all system or network defense and declares it a trusted system. Table 1 presents the STRIDE threat categorization model, based on the above definitions, which includes the corresponding security property and default controls associated with the threat type. TABLE 1: Threat Categorization, Security Properties and Controls [17] Threat Property Controls Spoofing Authentication Authentication Stores, Strong Authentication mechanisms Tampering Integrity/ Access Controls Crypto Hash, Digital watermark/ isolation and access checks Repudiation Non Repudiation Logging infrastructure, full packet-capture Information Disclosure Confidentiality Encryption or Isolation Denial of Service Availability Redundancy, failover, QoS, Bandwidth throttle Elevation of Privilege Authorization /Least Privilege RBAC, DACL, MAC, Sudo, UAC, Privileged account protections Data Flow Diagrams (DFD) are used to graphically represent any system [17]. DFDs use a standard set of symbols consisting of four elements: data flows, data stores, processes, and interactors [17]. In Table2,DFD elements are identified as a means of eliciting information which can be used to drive STRIDE threat analysis. As illustrated in Table 3, each DFD elements can be vulnerable to one or many STRIDE threats. TABLE 2. DFD elements and their representation [17] Name Representation Definition Data Flow Directed Arrow Data sent among network elements Data Store Parallel Lines Stable Data Process Circle Programs or applications that configures the system Interactors Rectangular Box Endpoints out of system scope to control Trust Boundaries Dotted Line Separation between trusted and untrusted elements of the system TABLE 3. STRIDE Threats per DFD element [17] Threat Data Flow Data Store Process Interactors Spoofing Yes Yes Tampering Yes Yes Yes Repudiation Yes Yes Yes Information Disclosure Yes Yes Yes Denial of Service Yes Yes Yes Elevation of Privilege Yes 3. sFLOW sFlow is an open source sampling technology and traffic measurement and monitoring tool for OpenFlow network [4]. It is a traffic monitoring solution embedded with switch and router of any possible OpenFlow based SDWN. Primary elements of sFlow system consists sFlow agents and sFlow collector, illustrated in Fig. 2. Agent is the software process that is remotely configuredusinga Management Information Base (MIB) within the device. Consolidating the interface counters and flow tests into sFlow datagrams, these datagrams are sent to the sFlow collector installed in the checking host through the SDWN environment utilizing Simple Network Management Protocol (SNMP) [23]. Including sFlow’s own collector sets: sFlow-RT, sFlow- Trend, sflowtool, this sampling tool also support the third party collectors: VitalSuit, Peakflow, Kentik Detect and FlowTraq - those handle more details of sFlow datagrams [4]. Illustration in Fig. 2 represents the Data Flow Diagram (DFD) of sFlow that uncovers the crucial security risk.sFlow doesn’t provide any security mechanism fordata flowrather depends on secure third partymanagement environmentfor sFlow agents. Fig. 2: sFlow Data Flow Diagram
  • 4. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1011 A. Data Flows Data flows are vulnerable to Tampering, Information Disclosure and DoS attack in absence of proper security mechanism. A physical interface of switch, routers is potential data sources in the underlying SDWN. These provides sampled data packet to sFlow agents for measurement. sFlow agents combine packet flow sampling and counter sampling to sFlow datagrams. The sFlow Datagrams are used to immediately forward the sampled traffic statistics being unencrypted to a sFlow Collector for analysis [24]. As collectors can be vendor provided, security of the received datagrams depends on vendor’s will of deployment and how they process the data. Hence, sFlow doesn’t provide any security mechanism. For security reasons SNMPv3 should be used to configureandcontrol the sFlow agents to encrypt and authenticate the datagrams before transmitting to the collector [24]. B. Data Stores According to Table 1 data store are prone to Tampering, Information Disclosure and DoS attack vulnerabilities alike data flows. MIB contains information about sFlow agents, collector ports and even IP addresses. Using SNMP, sFlow agents can be configured through a local Command Line Interface (CLI) or SNMP commands. In order to decline any anonymous actions, switches and routers in the network should have some Access Control (AC) mechanisms, i.e. Discretionary Access Control (DAC), Role-Based Access Control (RBAC) to ensure the interface’s security [14]. In inverse case, if CLI is available from unapproved client, MIB in sFlow is powerless against data Tampering, traffic Information Disclosure and even DoS assault, holds the MIB flow enteries and authority subtle elements open for unapproved get to and considerably aggressor can alter the information. If there should be an occurrence of SNMPv1, SNMPv2 communication with collector is at comparable dangers. C. Interactors sFlow agents performs one-way communication with the sFlow collectors and sends the combination of packet based and time-based sampled traffic data [24].According to Table 1. they are not considered as interactors. D. Processes sFlow agent processes are not accessible through interfaces, therefore the STRIDE method is not applied. The collector should check the time-based counter number of the sFlow datagrams to provide a securitymechanismagainst spoofing attacks [24]. E. Summary Above analysis clarifies that sFlow requires a third party deployment environment for security needs. However, ensuring the Transport Layer Security (TLS) among sFlow agents and collector, sFlow itself can emerge as a secured SDWN monitoring and measurement tool for wireless and Table 4 shows the probable vulnerabilities of sFlow agents. Adapting an access control mechanism can eliminate the security risks to a certain level of tampering and MIB information disclosure. TABLE 4. sFlow Vulnerabilities Threat Data Flow Data Store Solution Tampering Yes Yes ACL/RBAC/DAC for CLI, NPMv3, TLS Information Disclosure Yes Yes TLS Denial of Services(DoS) Yes Yes AC in CLI for MIB Security, TLS 4. FLOWVISOR FlowVisor is an OpenFlow controller works as a proxy in between the OpenFlow switches and several multiple OpenFlow controllers, allowing visualization of OpenFlow physical infrastructure into different virtual networks [5]. Using OpenFlow protocol, FlowVisor controls underlying network, dividing the resources into slices isolated from each other. And delegates control of each slice to a different controller [5]. FlowVisor provides isolationfortopology and addressing space. FlowVisor is architecturally a neutral transparent proxy and makes no assumption about the functions and operations of the switches and controllers. FlowVisor sits between each of the controllers and switches making sure that the guest controller has full accessibility of the switches maintaining the flows that define the corresponding slice. The DFD in Fig. 3 represents data flow between OpenFlow enabled switches and controllerswhere messages are intercepted through FlowVisor. Fig. 3: FlowVisor Data Flow Diagram
  • 5. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1012 FlowVisor partitions the base transmission transfer speed for each slice doling out particular data rate to a set of flows from that slice. FlowVisor screens each flow-entry for each guest controller and portions the flow table among the switches. Switches are arranged by the resource allocation and directing approaches cuts of the FlowVisor controller. Slices are isolated and have their own ‘flowspace’ or set of region of data flows. These isolated slices can be broken allowing different attacks. A. Data Flows FlowVisor adopts slicing policies for each guest controller. Activity sent from the production network and guest controllers if matches the sending enteries in the FlowVisor are sliced for relevant switches as per 'flowspace'. Diverse slices having adaptable and distinctive flow policies are emphatically separated. Any traffic that does not coordinate the current sending enteries are sent to the production controller for inclusion. Production controller subsequently revises the relevant slice. Assault on slice policy reworks from assaulting entity can make vulnerabilities such system with FlowVisor. Assuming, in this manner, data is sent from an aggressor, the controller can't identifyasa resultofpolicy revise and causes altering of flow rules and the system data and even DoS dangers. B. Data Stores The switch arrangement is put away in the flow enteries of the cuts by the respective guest controllers. This permits data movement validation to flow between the controllers and switches inside the wireless OpenFlow network even under portability circumstances. This mechanism ensures that data is secured against Tampering, Information Disclosure and Spoofing threats. C. Interactors FlowVisor’s Command Line Interface (CLI) provides control access to users for data and slice configuration. CLI uses user-authentication in terms of username, host name and port number on accessing the interface and slices and therefore securefromSpoofing,Tampering,Repudiation and Elevation of Privilege threats. D. Processes Slice processes are owned by the admin and groups of the network operators and thereby Spoofing, Repudiation, DoS and tampering threats are unable to make the network vulnerable in FlowVisor’s process. E. Summary FlowVisor is open source to access controller’s processes, data flow and action support forslices.Althoughthistool has separate production controllerandisolated slicestoperform the flow independently against any attacking entity, FlowVisor is vulnerable to different threats at different flow status described in Table 5. TABLE 5: FlowVisor Vulnerabilities Threat Data Flow Solution Tampering Yes TLS Information Disclosure Yes TLS Denial of Services (DoS) Yes Access Control in CLI for policy rewrite, TLS Adjusting Transport Layer Security can safeguard the arrangement revise production controller for unmatched packets where virtual controllercan'tchangetheMACandIP address for the packets uninhibitedly. 5. COMPARISON BETWEEN sFLOW AND FLOWVISOR sFlow and FlowVisor both provide different network monitoring and measurement functionalities. The comparative threat model analysis of them is illustrated in Table 6. Above investigation holds sFlow giving no security in data flow and data store in DFD wherein FlowVisor acquires security threat vulnerabilities in disengaged cuts. This makes FlowVisor defenseless against Spoofing, Tampering and Information disclosure, even postponement and Denial of Service dangers in data flow. However, FlowVisor guarantees security of switch information put away in its own controller where sFlow relies upon external secure environment to guarantee security in MIB data storage and flow entry information. This makes sFlow helpless against spoofing, DoS and information divulgence risk as switching operators send decoded datagrams to the collector. Utilizing Transport LayerSecurity(TLS)insending the datagrams to the collectors can take out information exposure threatswhereintamperingcanbehandledutilizing access control mechanism in CLI, agent arranging SNMPv3 protocols. FlowVisor includes access control in CLI for slice information whichprotectsitfromspoofing,repudiation and elevation of privilege attacks fromanykindof malicioususer or masquerades. TABLE 6: Comparison of FlowVisor and sFlow tools Threat Data Flow Data Store Tampering FlowVisor, sFlow sFlow Information Disclosure FlowVisor, sFlow sFlow Denial of Services (DoS) FlowVisor, sFlow sFlow
  • 6. International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 04 Issue: 08 | Aug -2017 www.irjet.net p-ISSN: 2395-0072 © 2017, IRJET | Impact Factor value: 5.181 | ISO 9001:2008 Certified Journal | Page 1013 6. CONCLUSION In this paper, an analysis on wireless SDN monitoring tools, sFlow and FlowVisor, in terms of STRIDE security threat model where both has different functionalities and vulnerabilities in handling data traffic flows and network entities. This analysis will provide suggestions in handling the above mentioned security threats in SDWN using existing well-to-do mechanisms. These study fall in the category of security-centric SDWN and will be viable in doing research on OrchSec wireless architecture [25]. 7. FUTURE ENHANCEMENT The future prospects of this SDWN securityanalysis will lead to persistent research on assessment of SDWN appliance in data center, cognitive networks and mobile communication. As future work, the researchers would plan to study FlowVisor topology isolation mechanism and queue-based bandwidth isolation mechanism in securing the underlying SDWN network. Prototyping the network in real timeSDWN network devices and environment will be interesting and a big challenge ahead. 8. REFERENCES [1] Bernardos et al., "An architecture for software defined wireless networking". [2] M. R. Sama, L. M. Contreras, J. Kaippallimalil, I. Akiyoshi, H. Qian, and H. Ni, "Software-defined control of the virtualized mobile packet core," IEEE Communications Magazine, vol. 53, no. 2, pp. 107–115, Feb. 2015. [3] Y. Wang, J. Bi, and K. Zhang, "Design and implementation of a software-defined mobility architectureforIPnetworks," Mobile Networks and Applications. [4]sFlow, "Making the network visible," 2003. [Online]. Available: http://www.sflow.org/. [5]"FlowVisor,".[Online].Available:https://openflow.stanford . edu/display/DOCS/Flowvisor. [6]T. Turner, "Big switch networks, Inc," Big Switch Networks,2014.http://www.bigswitch. com/ [7]BigSwitch Networks, "Big tap monitoring fabric," Big Switch Networks, 2014. [Online]. Available: http://www. bigswitch .com/topics/big-tap-monitoring-fabric. [8] S. Inc, "SevOne: The digital infrastructure management company". [Online]. Available: https://www.sevone.com/. [9]P. Dauer, R. Khondoker, R.Marx,andK.Bayarou,"Security analysis of software defined networking applications for monitoring and measurement. [10]N. A. Jagadeesan and B. Krishnamachari, "Software- defined networking paradigms in wireless networks: A survey. [11]A. Shostack, "ExperiencesThreatModelingatMicrosoft", [Online]. http://ceur-ws.org/Vol-413/ paper12. pdf. [12]Shawn Hernan and Scott Lambert and Tomasz Ostwald and Adam Shostack, Uncover Security Design Flaws Using The STRIDE Approach. [13]sFlow.org, sFlow Version 5 Specification, [Online]. Available: http://www.sflow.org/sflow_version_5.txt. [14]A. Zaalouk and R. Khondoker and R. Marx and K Bayarou, “OrchSec: An Orchestrator-Based Architecture for Enhancing Network-Security UsingNetwork Monitoringand SDN Control Functions”

Download presentation

Your download has started