Click to open the HelpDesk interface
AECE - Front page banner

Menu:


FACTS & FIGURES

JCR Impact Factor: 0.650
JCR 5-Year IF: 0.639
Issues per year: 4
Current issue: Feb 2020
Next issue: May 2020
Avg review time: 73 days


PUBLISHER

Stefan cel Mare
University of Suceava
Faculty of Electrical Engineering and
Computer Science
13, Universitatii Street
Suceava - 720229
ROMANIA

Print ISSN: 1582-7445
Online ISSN: 1844-7600
WorldCat: 643243560
doi: 10.4316/AECE


TRAFFIC STATS

2,578,209 unique visits
657,246 downloads
Since November 1, 2009



No robots online now


SJR SCImago RANK

SCImago Journal & Country Rank




TEXT LINKS

Anycast DNS Hosting
MOST RECENT ISSUES

 Volume 20 (2020)
 
     »   Issue 1 / 2020
 
 
 Volume 19 (2019)
 
     »   Issue 4 / 2019
 
     »   Issue 3 / 2019
 
     »   Issue 2 / 2019
 
     »   Issue 1 / 2019
 
 
 Volume 18 (2018)
 
     »   Issue 4 / 2018
 
     »   Issue 3 / 2018
 
     »   Issue 2 / 2018
 
     »   Issue 1 / 2018
 
 
 Volume 17 (2017)
 
     »   Issue 4 / 2017
 
     »   Issue 3 / 2017
 
     »   Issue 2 / 2017
 
     »   Issue 1 / 2017
 
 
  View all issues  


FEATURED ARTICLE

Supporting Location Transparent Services in a Mobile Edge Computing Environment, GILLY, K., FILIPOSKA, S., MISHEV, A.
Issue 4/2018

AbstractPlus


SAMPLE ARTICLES

Graphical Interpretation of the Extended Kalman Filter: Estimating the State-of-Charge of a Lithium Iron Phosphate Cell, CIORTEA, F., NEMES, M., HINTEA, S.
Issue 3/2018

AbstractPlus

Incorporated Decision-maker-based Multiobjective Band Selection for Pixel Classification of Hyperspectral Images, SAQUI, D., SAITO, J. H., De LIMA, D. C., Del Val CURA, L. M., ATAKY, S. T. M.
Issue 4/2019

AbstractPlus

Monofractal and Multifractal Analysis of Discharge Signals in Transformer Pressboards, CEKLI, S., UZUNOGLU, C. P., UGUR, M.
Issue 2/2018

AbstractPlus

Expansible Network-on-Chip Architecture, PIRES, I. L. P., ALVES, M. A. Z., ALBINI, L. C. P.
Issue 2/2018

AbstractPlus

Automatic Detection and Bypassing of Anti-Debugging Techniques for Microsoft Windows Environments, PARK, J., JANG, Y.-H., HONG, S., PARK, Y.
Issue 2/2019

AbstractPlus

Fault Detection Variants of the CloudBus Protocol for IoT Distributed Embedded Systems, BARKALOV, A., TITARENKO, L., ANDRZEJEWSKI, G., KRZYWICKI, K., KOLOPIENCZYK, M.
Issue 2/2017

AbstractPlus




LATEST NEWS

2019-Dec-16
Starting on the 15th of December 2019 all paper authors are required to enter their SCOPUS IDs. You may use the free SCOPUS ID lookup form to find yours in case you don't remember it.

2019-Jun-20
Clarivate Analytics published the InCites Journal Citations Report for 2018. The JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.650, and the JCR 5-Year Impact Factor is 0.639.

2018-May-31
Starting today, the minimum number a pages for a paper is 8, so all submitted papers should have 8, 10 or 12 pages. No exceptions will be accepted.

2018-Jun-27
Clarivate Analytics published the InCites Journal Citations Report for 2017. The JCR Impact Factor of Advances in Electrical and Computer Engineering is 0.699, and the JCR 5-Year Impact Factor is 0.674.

Read More »


    
 

  3/2019 - 3

HPOFS: A High Performance and Secured OpenFlow Switch Architecture for FPGA

PHAM-QUOC, C. See more information about PHAM-QUOC, C. on SCOPUS See more information about PHAM-QUOC, C. on IEEExplore See more information about PHAM-QUOC, C. on Web of Science, NGO, D.-M. See more information about  NGO, D.-M. on SCOPUS See more information about  NGO, D.-M. on SCOPUS See more information about NGO, D.-M. on Web of Science, THINH, T. N. See more information about THINH, T. N. on SCOPUS See more information about THINH, T. N. on SCOPUS See more information about THINH, T. N. on Web of Science
 
Click to see author's profile in See more information about the author on SCOPUS SCOPUS, See more information about the author on IEEE Xplore IEEE Xplore, See more information about the author on Web of Science Web of Science

Download PDF pdficon (687 KB) | Citation | Downloads: 280 | Views: 404

Author keywords
field programmable gate arrays, software defined networking, computer security, high performance computing, reconfigurable architectures

References keywords
networks(12), link(12), software(10), defined(10), security(9), openflow(9), network(8), networking(7), communications(7), ddos(6)
Blue keywords are present in both the references section and the paper title.

About this article
Date of Publication: 2019-08-31
Volume 19, Issue 3, Year 2019, On page(s): 19 - 28
ISSN: 1582-7445, e-ISSN: 1844-7600
Digital Object Identifier: 10.4316/AECE.2019.03003
Web of Science Accession Number: 000486574100003
SCOPUS ID: 85072163116

Abstract
Quick view
Full text preview
Although Software Defined Networking offers many advantages, it suffers from many security issues due to centralized control. In this paper, we introduce HPOFS (High-Performance and Secured OpenFlow Switching Architecture) for FPGA which is not only able to route packets from sources to destinations according to the OpenFlow protocol but also able to protect the system against different attacks efficiently. Thanks to FPGA technology, the two processes can be scheduled in parallel; thus, the switch can work at very high throughput. We implement the first prototype version on Xilinx xc5vtx240t FPGA device with three different security functions to protect the system against DDoS attack types, including Hop-count filtering, port Ingress/Egress filtering, and SYN Flood attacks defender. While the first two protection techniques are adapted from our previous work, the SYN Flood defender core is designed and implemented with a pipeline model in this work. The core is able to protect the system against SYN Flood attacks at up to 30,000,000 packets per second with only 0.248 ms overhead. The full switch can provide throughput at up to 78.96 Gbps with only 0.0012 percent drop rate.


References | Cited By  «-- Click to see who has cited this paper

[1] Opennetworking, "Software-Defined Networking (SDN) Definition," [Online] Available: Temporary on-line reference link removed - see the PDF document

[2] T. Dargahi, A. Caponi, M. Ambrosin, G. Bianchi and M. Conti, "A Survey on the Security of Stateful SDN Data Planes," IEEE Communications Surveys & Tutorials, 2017.
[CrossRef] [Web of Science Times Cited 41] [SCOPUS Times Cited 61]


[3] S. Scott-Hayward, G. O'Callaghan and S. Sezer, "Sdn Security: A Survey," in 2013 IEEE SDN for Future Networks and Services (SDN4FNS), 2013.
[CrossRef] [SCOPUS Times Cited 227]


[4] S. Scott-Hayward, S. Natarajan and S. Sezer, "A Survey of Security in Software Defined Networks," IEEE Communications Surveys Tutorials, vol. 18, pp. 623-654, 2016.
[CrossRef] [Web of Science Times Cited 140] [SCOPUS Times Cited 208]


[5] Y. Hu, W. Wang, X. Gong, X. Que and S. Cheng, "BalanceFlow: Controller load balancing for OpenFlow networks," in 2012 IEEE 2nd International Conference on Cloud Computing and Intelligence Systems, 2012.
[CrossRef] [SCOPUS Times Cited 76]


[6] T. Koponen, M. Casado, N. Gude, J. Stribling, L. Poutievski, M. Zhu, R. Ramanathan, Y. Iwata, H. Inoue, T. Hama and others, "A distributed control platform for large-scale production networks," in Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, 2010.

[7] G. Bianchi, M. Bonola, A. Capone and C. Cascone, "OpenState: programming platform-independent stateful openflow applications inside the switch," ACM SIGCOMM Computer Communication Review, vol. 44, pp. 44-51, 2014.
[CrossRef] [SCOPUS Times Cited 190]


[8] J. Sonchack, J. M. Smith, A. J. Aviv and E. Keller, "Enabling Practical Software-defined Networking Security Applications with OFX," in NDSS, 2016.
[CrossRef]


[9] Y. Afek, A. Bremler-Barr and L. Shafir, "Network anti-spoofing with SDN data plane," in INFOCOM 2017-IEEE Conference on Computer Communications, IEEE, 2017.
[CrossRef] [SCOPUS Times Cited 14]


[10] N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker and J. Turner, "OpenFlow: Enabling Innovation in Campus Networks," SIGCOMM Comput. Commun. Rev., vol. 38, pp. 69-74, 3 2008.
[CrossRef] [Web of Science Times Cited 3808]


[11] C. Pham-Quoc, B. Nguyen and T. N. Thinh, "FPGA-based Multicore Architecture for Integrating Multiple DDoS Defense Mechanisms," SIGARCH Comput. Archit. News, vol. 44, pp. 14-19, 1 2017.
[CrossRef]


[12] M. C. Herbordt, T. VanCourt, Y. Gu, B. Sukhwani, A. Conti, J. Model and D. DiSabello, "Achieving high performance with FPGA-based computing," Computer, vol. 40, 2007.
[CrossRef] [Web of Science Times Cited 66] [SCOPUS Times Cited 102]


[13] T. El-Ghazawi, E. El-Araby, M. Huang, K. Gaj, V. Kindratenko and D. Buell, "The promise of high-performance reconfigurable computing," Computer, vol. 41, 2008.
[CrossRef] [Web of Science Times Cited 80] [SCOPUS Times Cited 120]


[14] K. B. Margaret Rouse, "Distributed denial of service attack," [Online] Available: Temporary on-line reference link removed - see the PDF document

[15] J. Mirkovic and P. Reiher, "A taxonomy of DDoS attack and DDoS defense mechanisms," ACM SIGCOMM Computer Communication Review, vol. 34, pp. 39-53, 2004.
[CrossRef] [Web of Science Times Cited 607] [SCOPUS Times Cited 962]


[16] S. T. Zargar, J. Joshi and D. Tipper, "A Survey of Defense Mechanisms Against Distributed Denial of Service (DDoS) Flooding Attacks," Communications Surveys Tutorials, IEEE, vol. 15, pp. 2046-2069, 4 2013.
[CrossRef] [Web of Science Times Cited 366] [SCOPUS Times Cited 554]


[17] P. Ferguson and D. Senie, "Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing," Internet RFC2827, 5 2000.

[18] Y. Xiang and W. Zhou, "Classifying DDoS packets in high-speed networks," Computer science and network security, vol. 6, pp. 107-115, 2006.

[19] T. Katashita, Y. Yamaguchi, A. Maeda and T. O. D. A. Kenji, "FPGA-based intrusion detection system for 10 gigabit ethernet," Information and systems, vol. 90, pp. 1923-1931, 2007.
[CrossRef] [Web of Science Times Cited 13] [SCOPUS Times Cited 16]


[20] X. Wang, M. Li and M. Li, "A scheme of distributed hop-count filtering of traffic," in Wireless Mobile and Computing, 2009.
[CrossRef] [SCOPUS Times Cited 11]


[21] M. Ayman, E. Imad, K. Ayman and C. Ali, "IP Spoofing Detection Using Modified Hop Count," IEEE Advanced Information Networking and Applications, 5 2014.
[CrossRef] [Web of Science Times Cited 10] [SCOPUS Times Cited 16]


[22] R. Maheshwari, C. R. Krishna and M. S. Brahma, "Defending network system against IP spoofing based distributed DoS attacks using DPHCF-RTT packet filtering technique," in Issues and Challenges in Intelligent Computing Techniques, 2014.
[CrossRef] [SCOPUS Times Cited 11]


[23] TechTerms, "SYN Flood," [Online] Available: Temporary on-line reference link removed - see the PDF document

[24] D. J. Bernstein, "Syn cookies, 1996," [Online] Available: Temporary on-line reference link removed - see the PDF document

[25] S. Shin, P. A. Porras, V. Yegneswaran, M. W. Fong, G. Gu and M. Tyson, "FRESCO: Modular Composable Security Services for Software-Defined Networks," in NDSS, 2013.

[26] S. Hong, L. Xu, H. Wang and G. Gu, "Poisoning Network Visibility in Software-Defined Networks: New Attacks and Countermeasures," in NDSS, 2015.
[CrossRef]


[27] P. Porras, S. Shin, V. Yegneswaran, M. Fong, M. Tyson and G. Gu, "A security enforcement kernel for OpenFlow networks," in Proceedings of the first workshop on Hot topics in software defined networks, 2012.
[CrossRef] [SCOPUS Times Cited 328]


[28] R. Braga, E. Mota and A. Passito, "Lightweight DDoS flooding attack detection using NOX/OpenFlow," in Local Computer Networks (LCN), 2010 IEEE 35th Conference on, 2010.
[CrossRef] [Web of Science Times Cited 288] [SCOPUS Times Cited 404]


[29] R. Mohammadi, R. Javidan and M. Conti, "SLICOTS: An SDN-Based Lightweight Countermeasure for TCP SYN Flooding Attacks," IEEE Transactions on Network and Service Management, 2017.
[CrossRef] [Web of Science Times Cited 24] [SCOPUS Times Cited 45]


[30] M. Moshref, A. Bhargava, A. Gupta, M. Yu and R. Govindan, "Flow-level state transition as a new switch primitive for SDN," in Proceedings of the third workshop on Hot topics in software defined networking, 2014.
[CrossRef] [SCOPUS Times Cited 48]


[31] S. Zhu, J. Bi, C. Sun, C. Wu and H. Hu, "Sdpa: Enhancing stateful forwarding for software-defined networking," in Network Protocols (ICNP), 2015 IEEE 23rd International Conference on, 2015.
[CrossRef] [Web of Science Times Cited 19] [SCOPUS Times Cited 22]


[32] J. Naous, D. Erickson, G. A. Covington, G. Appenzeller and N. McKeown, "Implementing an OpenFlow switch on the NetFPGA platform," in Proceedings of the 4th ACM/IEEE Symposium on Architectures for Networking and Communications Systems, 2008.
[CrossRef] [SCOPUS Times Cited 164]


[33] T. Yabe, "OpenFlow implementation on NetFPGA-10G: Design Document," [Online] Available: Temporary on-line reference link removed - see the PDF document

[34] S. Shin, V. Yegneswaran, P. Porras and G. Gu, "Avant-guard: Scalable and vigilant switch flow management in software-defined networks," in Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, 2013.
[CrossRef] [SCOPUS Times Cited 366]


[35] M. Ambrosin, M. Conti, F. De Gaspari and R. Poovendran, "LineSwitch: Efficiently Managing Switch Flow in Software-Defined Networking While Effectively Tackling DoS Attacks," in Proceedings of the 10th ACM Symposium on Information, Computer and Communications Security, New York, NY, USA, 2015.
[CrossRef] [SCOPUS Times Cited 40]


[36] Github, "Working with SYNPROXY," [Online] Available: Temporary on-line reference link removed - see the PDF document

[37] OpenFlow, "OpenFlow Switching Reference System," [Online] Available: Temporary on-line reference link removed - see the PDF document

[38] Github, "Ryu," [Online] Available: Temporary on-line reference link removed - see the PDF document

[39] "OpenDaylight," [Online] Available: Temporary on-line reference link removed - see the PDF document

[40] M. Rouse, "Round Robin," [Online] Available: Temporary on-line reference link removed - see the PDF document

[41] "Ethernet II - Frame Types, Packet details," [Online] Available: Temporary on-line reference link removed - see the PDF document

[42] University of Cambridge, "Open Source Network Tester," [Online] Available: Temporary on-line reference link removed - see the PDF document



References Weight

Web of Science® Citations for all references: 5,462 TCR
SCOPUS® Citations for all references: 3,985 TCR

Web of Science® Average Citations per reference: 127 ACR
SCOPUS® Average Citations per reference: 93 ACR

TCR = Total Citations for References / ACR = Average Citations per Reference

We introduced in 2010 - for the first time in scientific publishing, the term "References Weight", as a quantitative indication of the quality ... Read more

Citations for references updated on 2020-05-26 22:31 in 178 seconds.




Note1: Web of Science® is a registered trademark of Clarivate Analytics.
Note2: SCOPUS® is a registered trademark of Elsevier B.V.
Disclaimer: All queries to the respective databases were made by using the DOI record of every reference (where available). Due to technical problems beyond our control, the information is not always accurate. Please use the CrossRef link to visit the respective publisher site.

Copyright ©2001-2020
Faculty of Electrical Engineering and Computer Science
Stefan cel Mare University of Suceava, Romania


All rights reserved: Advances in Electrical and Computer Engineering is a registered trademark of the Stefan cel Mare University of Suceava. No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from the Editor. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Faculty of Electrical Engineering and Computer Science, Stefan cel Mare University of Suceava, Romania, if and only if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.

Permission for other use: The copyright owner's consent does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific written permission must be obtained from the Editor for such copying. Direct linking to files hosted on this website is strictly prohibited.

Disclaimer: Whilst every effort is made by the publishers and editorial board to see that no inaccurate or misleading data, opinions or statements appear in this journal, they wish to make it clear that all information and opinions formulated in the articles, as well as linguistic accuracy, are the sole responsibility of the author.




Website loading speed and performance optimization powered by: