Secure Network Monitoring using Software Defined Networking (SDN) with Ryu Controller
Abstract
Secure network monitoring is critical for detecting and combating threats in real time, especially in today's fast-changing cybersecurity landscape. Software-defined networking (SDN) is an approach to network management that provides visibility, programmability and flexibility. This work investigates the implementation of secure network monitoring using the Ryu Controller within a simulated environment created with Mininet on Ubuntu. Specifically, Mininet was used to set up a star topology consisting of 8 hosts (h1–h8), including 3 server hosts (h1–h3) and 5 client hosts (h4–h8), along with 1 switch (s1) and a controller. A stateful firewall was implemented, leveraging the Ryu Controller's centralized control and programmability. The proposed firewall was evaluated using functional tests such as traffic blocking, malicious packet detection and NAT handling. This work significantly improves resilience against volumetric Denial-of-Service (DoS) attacks through even distribution of traffic across network hosts and by disallowing unauthorized communications. Experimental results show the effectiveness of SDN-based monitoring in sustaining network availability and continued service. By adopting SDN technologies, institutions and organizations can enhance their cybersecurity posture by improving their threat detection and incident response capabilities, thereby mitigating the risks associated with modern cyber threats and network vulnerabilities. This approach offers valuable insights for future network monitoring and management, and future work may explore the integration of advanced machine learning (CTI Analysis) to further enhance network performance.
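
To make the "stateful" part of the firewall concrete, the following added example (not the paper's code, and not using Ryu or Mininet) models connection tracking for TCP over the abstract's host roles. The policy is an assumption: only clients h4–h8 may open flows to servers h1–h3, and everything else is dropped unless it belongs to a tracked flow. The class, function and sample packets are hypothetical.

```python
from dataclasses import dataclass, field

SERVERS = {"h1", "h2", "h3"}               # server hosts from the abstract
CLIENTS = {"h4", "h5", "h6", "h7", "h8"}   # client hosts from the abstract

@dataclass
class StatefulFirewall:
    # (client, client_port, server, server_port) -> "SYN_SENT" | "ESTABLISHED"
    conns: dict = field(default_factory=dict)
    def decide(self, src, sport, dst, dport, flags):
        """Return "ALLOW" or "DROP" for one TCP segment; flags is a set of flag names."""
        if src in CLIENTS and dst in SERVERS:
            key, from_client = (src, sport, dst, dport), True
        elif src in SERVERS and dst in CLIENTS:
            key, from_client = (dst, dport, src, sport), False
        else:
            return "DROP"                  # client-to-client, server-to-server, unknown
        state = self.conns.get(key)
        if state is None:
            # Assumed policy: only a bare SYN from a client may open a flow.
            if from_client and flags == {"SYN"}:
                self.conns[key] = "SYN_SENT"
                return "ALLOW"
            return "DROP"
        if "RST" in flags:                 # either side may abort a tracked flow
            del self.conns[key]
            return "ALLOW"
        if state == "SYN_SENT":
            if not from_client and flags == {"SYN", "ACK"}:
                self.conns[key] = "ESTABLISHED"
                return "ALLOW"
            # A retransmitted client SYN passes; anything else is out of state.
            return "ALLOW" if from_client and flags == {"SYN"} else "DROP"
        # ESTABLISHED: segments must carry ACK; a fresh SYN is out of state.
        return "ALLOW" if "ACK" in flags and "SYN" not in flags else "DROP"

# Constructed sample traffic (not captured from the paper's testbed).
SAMPLE = [
    ("h4", 40000, "h1", 80, {"SYN"}),          # client opens a flow
    ("h1", 80, "h4", 40000, {"SYN", "ACK"}),   # server reply to a tracked flow
    ("h4", 40000, "h1", 80, {"ACK"}),          # handshake completes
    ("h2", 80, "h5", 40001, {"SYN", "ACK"}),   # unsolicited reply, no state
    ("h6", 40002, "h7", 22, {"SYN"}),          # client-to-client
    ("h1", 80, "h4", 40000, {"RST"}),          # teardown of the tracked flow
    ("h1", 80, "h4", 40000, {"ACK", "PSH"}),   # data after teardown
]
def replay(packets):
    fw = StatefulFirewall()
    return [fw.decide(*p) for p in packets]
```

FIN handling and idle timeouts are left out to keep the model short; a stateless filter on addresses and ports alone could not tell the second packet from the fourth.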