Ramesh Ch Meena - Academia.edu (original) (raw)
Uploads
Papers by Ramesh Ch Meena
2020 3rd International Conference on Emerging Technologies in Computer Engineering: Machine Learning and Internet of Things (ICETCE), 2020
SDN is a newly emerged network technology and its advantages are rapidly increasing its usages in... more SDN is a newly emerged network technology and its advantages are rapidly increasing its usages in enterprise networks. Normally, data packets in networks are forwarded based on destination address without source host address validation. The attackers may use this gap and perform various types of attacks to disturb the operations of network and related services. Various Source Address Validation (SAV) Techniques for non SDN environment have been proposed by researches but there are very few SAV techniques for SDN. We propose a RYU SDN Controller based testbed for testing of performance and ease development of new SAV techniques for SDN environment. SIPAV-SDN SAV technique has been implemented on testbed and performance checked. Experiment results have shown that proposed testbed successfully worked as per requirement of SAV technique. This may be used for testing of already proposed SAV techniques. This also provides a low cost SDN testbed for development of new SAV approaches, other network services and applications.
International JournalofEngineering Research and General Science, 2015
IPv4 addresses are already depleted in Internet Assigned Numbers Authority (IANA) and have exhaus... more IPv4 addresses are already depleted in Internet Assigned Numbers Authority (IANA) and have exhausted in Regional Internet Registries (RIRs) while more clients are continuously adding into the Internet. IPv6, as the only available next generation Internet protocol, is still not commercially successful accepted because a scheme that could solve the migration of IPv4 resources to IPv6 network, as well as mutual communication between the two incompatible protocols, has not been fully developed and deployed. Translation solution provides a proper approach to address this problem. In this review paper, we reviewed research papers presented by the researchers between 2007 and 2015 related to IPv4 & IPv6 resource migration and protocol transition schemes and observed issues related network security, addressing and error detection in the implementation of IPv6. INTRODUCTION Internet Protocol version 6 (IPv6) is a new generation protocol of the basic internet protocol. Internet Protocol (IP) is a common language of the Internet, every device connected to the Internet must support it. The current version of IPv4 (IP version 4) has several shortcomings which are unavoidable and complicate such exhausted address space, security issues, non availability of auto-configuration and in some cases present a barrier to, the further development of the Internet. The coming IPv6 revolution should remove these barriers and provide a feature-rich environment for the future of global networking. Internet Engineers Task Force released the first RFC specifying the IPv6 were released at the end of 1995 and continuously trying to improve it. Since 1995 IPv6 has not been implemented in completely in real world due some issues like availability of alternative solutions in IPv4, non availability of compatible software, financial investment required in term of compatible equipments, software and security systems. Therefore issues involve in ipv6 implementation has to be analyzed and found the solutions for some of the issues. Further in this section IPv4 and IPv6 described briefly.
International Journal of Innovative Technology and Exploring Engineering, 2019
Abstract: SDN technology is becoming every day more popular and big data centers and organizati... more Abstract: SDN technology is becoming every day more popular and big data centers and organizational networks have started deploying for its advantages. Current development of SDN network relies on target host IP address of packet and OFSwitches ignores checking of source host IP. SDN has separated control planes and data planes and OpenFlow protocol enabled switches are used as packet forwarding devices. The SDN controller controls flow of data packet through forwarding devices and when these are turned on, do not have any control and defense. The devices are not able to handle packet arriving from connected host. In this case, data packets of hosts are sent to the controller forwarding device for inspection and control packet creation for data packet and setting up required matching entries in flow table of forwarding device for such type of data packets generated by the hosts. The attackers can generate packets with Spoofed source IP address and perform various types of attacks. In this research paper, we offer a scheme as Source IP Address Validation for Software Defined Network (SIPAV-SDN) to check packet's source host IP address by binding source host IP Address and MAC address with switch port. It maintains a HostTable at Controller for verification of source host IP and MAC with switch port and only forwards the packets which have valid sources host IP address. We also simulated SIPAV-SDN with hybrid SDN network and experiment results have shown that it achieved 100% packet filtering accuracy for IP spoofed TCP, UDP and ICMP packet attacks. We used python programming language for RYU controller in Mininet network emulator.
International Journal of Recent Technology and Engineering, 2019
Abstract: SDN features are making it more popular day by day: centralized monitoring, control o... more Abstract: SDN features are making it more popular day by day: centralized monitoring, control of network equipments, increased performance and flexibility in designing network policies as per organization requirements. The SDN controller deals with data & control plane separately. The SDN switches are simply data forwarding devices and controller decides control over forwarding data through them. Controller has a technique to identify the network switch and router nodes; but it does not identify the presence of hosts before they generated network traffic and is not able to create the packet forwarding rules, security policies. The objective of this paper is to detect connected host before they generate any traffic and store host details at controller level for future researches in area of development of new network tools, applications, optimizations techniques and security. Here, we propose Instant Detection of Host in SDN (IDH-SDN) to detect host before transmission of any data packet and store host details in a HostTable at controller level. In our experiment, various network topologies have been used to test host detection and data collection algorithm and results of all experiments verified with Wireshark network packet analyzer. The HostTable data may be used for various purposes such as development of new network tools, policies, security approaches in OpenFlow network.
Test Engineering and Management, 2020
Control and data planes have been separated in SDN technology and OpenFlow protocol supported rou... more Control and data planes have been separated in SDN technology and OpenFlow protocol supported routers/switches works as packet forwarding equipment in such network. Security monitoring, controlling and flow of data in network are the responsibilities of SDN controller. Initially, OpenFlow router/switch does not have any control & security polices and knowledge to deal with data packet generated by host for forwarding to its destination. In this condition, the first data packet of host is sent to SDN Controller by OpenFlow router/switch for checking, decision, generation of control packets for data packet and making flow entries in OpenFlow/SDN switch flow table for subsequent action on such type of data packets received from a host. These processes at SDN controller and SDN switch level are time intense and first data packet of a host always takes longer time to reach its destination. Here, we have proposed an SDN Controller with Instant Flow Entries (SDN-CIFE) to reduce the forwarding time period of first data packet of the host. This approach makes necessary flow entries in flow table of SDN switch before generation of actual traffic by the host. The approach is designed in python and experimented using mininet network emulator and RYU controller. SDN-CIFE test results have shown that first data packet processing time of a host is reduced more than 83%.
2019 4th International Conference and Workshops on Recent Advances and Innovations in Engineering (ICRAIE), 2019
Popularity of Software Defined Network (SDN) technology is spreading rapidly and corporate networ... more Popularity of Software Defined Network (SDN) technology is spreading rapidly and corporate networks are deploying to take advantages of its features. Control & Data planes are segregated in SDN and simple forwarding devices enabled with OpenFlow protocol is used to forward data planes. The responsibility of control planes are taken by controller into SDN network. The data packets are generated by source host and forwarded to destination host by seeing destination address of such packet without validating source host address. Flow of data packets is controlled by controller setting up required flow entries into flow table of forwarding devices. Initially forwarding devices do not have any security & control and they are not able to forward traffic generated by attached hosts. Data packets of attached hosts are sent to the controller by forwarding devices for generation of control packets and setup necessary flow entries into device flow table. Source IP spoofed attacks may be setup by attacker in this situation and perform different type of attacks. There are some techniques for prevention and mitigation from such attacks. In this study, we offer an analysis of available source address validation techniques for SDN environment. The study discussed various features, limitations and gaps of source address validation solutions and provided various areas in SDN Security for future research.
2020 3rd International Conference on Emerging Technologies in Computer Engineering: Machine Learning and Internet of Things (ICETCE), 2020
SDN is a newly emerged network technology and its advantages are rapidly increasing its usages in... more SDN is a newly emerged network technology and its advantages are rapidly increasing its usages in enterprise networks. Normally, data packets in networks are forwarded based on destination address without source host address validation. The attackers may use this gap and perform various types of attacks to disturb the operations of network and related services. Various Source Address Validation (SAV) Techniques for non SDN environment have been proposed by researches but there are very few SAV techniques for SDN. We propose a RYU SDN Controller based testbed for testing of performance and ease development of new SAV techniques for SDN environment. SIPAV-SDN SAV technique has been implemented on testbed and performance checked. Experiment results have shown that proposed testbed successfully worked as per requirement of SAV technique. This may be used for testing of already proposed SAV techniques. This also provides a low cost SDN testbed for development of new SAV approaches, other network services and applications.
International JournalofEngineering Research and General Science, 2015
IPv4 addresses are already depleted in Internet Assigned Numbers Authority (IANA) and have exhaus... more IPv4 addresses are already depleted in Internet Assigned Numbers Authority (IANA) and have exhausted in Regional Internet Registries (RIRs) while more clients are continuously adding into the Internet. IPv6, as the only available next generation Internet protocol, is still not commercially successful accepted because a scheme that could solve the migration of IPv4 resources to IPv6 network, as well as mutual communication between the two incompatible protocols, has not been fully developed and deployed. Translation solution provides a proper approach to address this problem. In this review paper, we reviewed research papers presented by the researchers between 2007 and 2015 related to IPv4 & IPv6 resource migration and protocol transition schemes and observed issues related network security, addressing and error detection in the implementation of IPv6. INTRODUCTION Internet Protocol version 6 (IPv6) is a new generation protocol of the basic internet protocol. Internet Protocol (IP) is a common language of the Internet, every device connected to the Internet must support it. The current version of IPv4 (IP version 4) has several shortcomings which are unavoidable and complicate such exhausted address space, security issues, non availability of auto-configuration and in some cases present a barrier to, the further development of the Internet. The coming IPv6 revolution should remove these barriers and provide a feature-rich environment for the future of global networking. Internet Engineers Task Force released the first RFC specifying the IPv6 were released at the end of 1995 and continuously trying to improve it. Since 1995 IPv6 has not been implemented in completely in real world due some issues like availability of alternative solutions in IPv4, non availability of compatible software, financial investment required in term of compatible equipments, software and security systems. Therefore issues involve in ipv6 implementation has to be analyzed and found the solutions for some of the issues. Further in this section IPv4 and IPv6 described briefly.
International Journal of Innovative Technology and Exploring Engineering, 2019
Abstract: SDN technology is becoming every day more popular and big data centers and organizati... more Abstract: SDN technology is becoming every day more popular and big data centers and organizational networks have started deploying for its advantages. Current development of SDN network relies on target host IP address of packet and OFSwitches ignores checking of source host IP. SDN has separated control planes and data planes and OpenFlow protocol enabled switches are used as packet forwarding devices. The SDN controller controls flow of data packet through forwarding devices and when these are turned on, do not have any control and defense. The devices are not able to handle packet arriving from connected host. In this case, data packets of hosts are sent to the controller forwarding device for inspection and control packet creation for data packet and setting up required matching entries in flow table of forwarding device for such type of data packets generated by the hosts. The attackers can generate packets with Spoofed source IP address and perform various types of attacks. In this research paper, we offer a scheme as Source IP Address Validation for Software Defined Network (SIPAV-SDN) to check packet's source host IP address by binding source host IP Address and MAC address with switch port. It maintains a HostTable at Controller for verification of source host IP and MAC with switch port and only forwards the packets which have valid sources host IP address. We also simulated SIPAV-SDN with hybrid SDN network and experiment results have shown that it achieved 100% packet filtering accuracy for IP spoofed TCP, UDP and ICMP packet attacks. We used python programming language for RYU controller in Mininet network emulator.
International Journal of Recent Technology and Engineering, 2019
Abstract: SDN features are making it more popular day by day: centralized monitoring, control o... more Abstract: SDN features are making it more popular day by day: centralized monitoring, control of network equipments, increased performance and flexibility in designing network policies as per organization requirements. The SDN controller deals with data & control plane separately. The SDN switches are simply data forwarding devices and controller decides control over forwarding data through them. Controller has a technique to identify the network switch and router nodes; but it does not identify the presence of hosts before they generated network traffic and is not able to create the packet forwarding rules, security policies. The objective of this paper is to detect connected host before they generate any traffic and store host details at controller level for future researches in area of development of new network tools, applications, optimizations techniques and security. Here, we propose Instant Detection of Host in SDN (IDH-SDN) to detect host before transmission of any data packet and store host details in a HostTable at controller level. In our experiment, various network topologies have been used to test host detection and data collection algorithm and results of all experiments verified with Wireshark network packet analyzer. The HostTable data may be used for various purposes such as development of new network tools, policies, security approaches in OpenFlow network.
Test Engineering and Management, 2020
Control and data planes have been separated in SDN technology and OpenFlow protocol supported rou... more Control and data planes have been separated in SDN technology and OpenFlow protocol supported routers/switches works as packet forwarding equipment in such network. Security monitoring, controlling and flow of data in network are the responsibilities of SDN controller. Initially, OpenFlow router/switch does not have any control & security polices and knowledge to deal with data packet generated by host for forwarding to its destination. In this condition, the first data packet of host is sent to SDN Controller by OpenFlow router/switch for checking, decision, generation of control packets for data packet and making flow entries in OpenFlow/SDN switch flow table for subsequent action on such type of data packets received from a host. These processes at SDN controller and SDN switch level are time intense and first data packet of a host always takes longer time to reach its destination. Here, we have proposed an SDN Controller with Instant Flow Entries (SDN-CIFE) to reduce the forwarding time period of first data packet of the host. This approach makes necessary flow entries in flow table of SDN switch before generation of actual traffic by the host. The approach is designed in python and experimented using mininet network emulator and RYU controller. SDN-CIFE test results have shown that first data packet processing time of a host is reduced more than 83%.
2019 4th International Conference and Workshops on Recent Advances and Innovations in Engineering (ICRAIE), 2019
Popularity of Software Defined Network (SDN) technology is spreading rapidly and corporate networ... more Popularity of Software Defined Network (SDN) technology is spreading rapidly and corporate networks are deploying to take advantages of its features. Control & Data planes are segregated in SDN and simple forwarding devices enabled with OpenFlow protocol is used to forward data planes. The responsibility of control planes are taken by controller into SDN network. The data packets are generated by source host and forwarded to destination host by seeing destination address of such packet without validating source host address. Flow of data packets is controlled by controller setting up required flow entries into flow table of forwarding devices. Initially forwarding devices do not have any security & control and they are not able to forward traffic generated by attached hosts. Data packets of attached hosts are sent to the controller by forwarding devices for generation of control packets and setup necessary flow entries into device flow table. Source IP spoofed attacks may be setup by attacker in this situation and perform different type of attacks. There are some techniques for prevention and mitigation from such attacks. In this study, we offer an analysis of available source address validation techniques for SDN environment. The study discussed various features, limitations and gaps of source address validation solutions and provided various areas in SDN Security for future research.