Vadassery, Safal Harshan (2024) Securing SDN: Implementing ETLS and Dynamic Flow Management in OpenFlow. Masters thesis, Dublin, National College of Ireland.
Abstract
The following paper discusses implementation and evaluation of encrypted OpenFlow communication in an SDN environment. Since SDN is continuously evolving, it is very necessary to secure communication between the control plane and data plane. I am using GNS3, a very popular network simulation tool, to create a very close-to-real test environment. Open vSwitch works under this setting as a virtual switch infrastructure, while Ryu controller serves as the SDN controller. My main goal is to configure and secure the OpenFlow messages exchanged between these components using TLS encryption. It is a standard for securing data transmission over networks. The whole process—from setting up GNS3, incorporating OVS instances, step-by-step configuring OVS bridges and ports, to ensuring the implemented topology works within GNS3—is well explained in the report. We then install and configure the Ryu controller itself, including developing a simple Ryu application that will be in charge of every OpenFlow switch. One of the most critical aspects of this setup is how to generate and manage SSL certificates. This is how to create a Certificate Authority, generate certificates for the Ryu controller and the OVS instances, and then sign these certificates to create a trusted link. As a final exercise in the series, capture and analyze network traffic to check encrypted communication for proof of successful TLS encryption implementation in SDN communication. These results underline the feasibility and high security gain for securing SDN communication and give valuable insights into the practical implementation of secure SDN environments.
| Item Type: | Thesis (Masters) |
|---|---|
| Supervisors: | Monaghan, Mark (Email: UNSPECIFIED) |
| Uncontrolled Keywords: | GNS3; OpenFlow; Software Defined Network (SDN); OVSwitches; TLS/SSL; Ryu Controller |
| Subjects: | Q Science > QA Mathematics > Electronic computers. Computer science; T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science; Q Science > QA Mathematics > Computer software > Computer Security; T Technology > T Technology (General) > Information Technology > Computer software > Computer Security |
| Divisions: | School of Computing > Master of Science in Cyber Security |
| Depositing User: | Ciara O'Brien |
| Date Deposited: | 31 Jul 2025 13:09 |
| Last Modified: | 31 Jul 2025 13:09 |
| URI: | https://norma.ncirl.ie/id/eprint/8382 |