Securing Local Area Networks with OpenFlow

 |  Login

Show simple item record

dc.contributor Aalto-yliopisto fi
dc.contributor Aalto University en
dc.contributor.advisor Kiravuo, Timo Chowdhury, Fahad 2016-03-29T10:49:13Z 2016-03-29T10:49:13Z 2015
dc.description.abstract In the traditional network architecture, the data flow is controlled by switches and routers which make it difficult to meet the ever growing requirements of the present network environment. The popularity of network virtualization and cloud services, and a rapid growth of mobile devices and contents have made the control of the network challenging and complicated. Software Defined Networking (SDN) paradigm offers a suitable solution by separating the forwarding hardware from the control decisions with the use of a logically centralized programmable controller. OpenFlow protocol is the present SDN standard to facilitate communication between the switch and the controller. SDN controllers can use OpenFlow protocol to modify the flow table of the switches to control and manage the flow of packets in the network. Firewall has become an integral part of every network infrastructure and play a major role in preserving network security. Firewalls prevent the network from unauthorized external access by implementing security policies. The capability of the OpenFlow architecture to control the network traffic creates an opportunity to replace the traditional firewall with software based programmable firewall. In this thesis work, the possibility of enhancing network security with an OpenFlow based firewall is demonstrated. A python based OpenFlow controller known as POX has been used to design and implement a firewall. The implemented firewall examines the incoming packets against the preset firewall rules to filters packets. The rules have been based on the source and destination MAC/IP addresses to prevent unauthorized communication between the hosts, and to restrain an intruder from gaining access to the network. The rules have also been based on physical port number to prevent specific types of service on a host. Analysis is carried out to evaluate the functionality and the performance of the firewall in a virtual network. Although the analysis have been carried out in a virtual environment, the results show that the firewall is successfully able to carry out the designed security functionality such as blocking traffic based on predefined rules. It also illustrates the prospects of additional research and improvement; the firewall module could be further developed to deal with more complex security issues and be deployed in real environment. en
dc.format.extent 68+8
dc.language.iso en en
dc.title Securing Local Area Networks with OpenFlow en
dc.type G2 Pro gradu, diplomityö fi Sähkötekniikan korkeakoulu fi
dc.subject.keyword OpenFlow en
dc.subject.keyword software defined networking en
dc.subject.keyword firewall en
dc.subject.keyword network security en
dc.subject.keyword POX en
dc.identifier.urn URN:NBN:fi:aalto-201603291504
dc.programme.major Tietoverkkotekniikka fi
dc.programme.mcode S3029 fi
dc.type.ontasot Master's thesis en
dc.type.ontasot Diplomityö fi
dc.contributor.supervisor Manner, Jukka
dc.programme TLT - Master’s Programme in Communications Engineering (TS2005) fi
dc.location P1 fi

Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show simple item record

Search archive

Advanced Search

article-iconSubmit a publication


My Account