Software defined networking (SDN), a new networking paradigm that separates the network data plane from the control plane, has been considered a flexible, layered, modular, and efficient approach to managing and controlling networks ranging from wired and infrastructure-based wireless networks (e.g., cellular wireless networks, WiFi, wireless mesh networks) to infrastructure-less wireless networks (e.g., mobile ad-hoc networks, vehicular ad-hoc networks), as well as to offering new types of services and evolving the Internet architecture. Most work has focused on the application of SDN in traditional, wired, and/or infrastructure-based networks.
Wireless networks have become increasingly heterogeneous. Secure and collaborative operation of mobile wireless ad-hoc networks poses significant challenges due to the decentralized nature of these networks, the mobility of nodes, and resource constraints. Recent developments in software defined networking shed new light on how to control and manage an ad hoc wireless network. Given the wide deployment and availability of heterogeneous wireless technologies, controlling and managing ad hoc wireless networks with the software defined networking paradigm offers more flexibility and more opportunities to deal with trust and security issues and to enable new features and services.
This dissertation focuses on SDN MANET architecture design issues for providing secure collaborative operation. Specifically, (I) We have proposed four design options for a software defined secure collaborative ad hoc wireless network architecture. The design options are organized into (a) centralized SDN controller architecture with controller replication and (b) distributed SDN controller architecture. While these proposed architecture options exhibit different characteristics, they share many common challenges, including fault-tolerance, scalability, efficiency, and security. The unstructured nature of ad hoc wireless networks exacerbates these challenges. We have studied the pros and cons of these different design options and their applicability in different practical scenarios via simulations. (II) Establishing the initial trust among participating devices in an SDN based wireless mobile ad hoc network serves as a basis for enabling ensuing secure communication in the network. We proposed and studied a local infrastructure based on trusted virtual certificate authorities (VCAs) for supporting device mutual authentication to support secure communications/operations in SDN based MANETs, thereby relieving the MANETs of the need to rely on an external public key infrastructure (PKI). We examined the ways in which this VCA based infrastructure can be integrated with the four SDN based MANET architecture design options. (III) Finally, we provided a theoretical analysis of designing and incorporating an IDS/IPS system in an SDN based MANET.