Chinese Journal of Network and Information Security ›› 2017, Vol. 3 ›› Issue (11): 40-49.doi: 10.11959/j.issn.2096-109x.2017.00211
• Academic paper • Previous Articles Next Articles
Zhen-ping LU(),Fu-cai CHEN,Guo-zhen CHENG
Revised:
2017-09-20
Online:
2017-11-01
Published:
2017-11-30
Supported by:
CLC Number:
Zhen-ping LU,Fu-cai CHEN,Guo-zhen CHENG. Secure control plane for SDN using Bayesian Stackelberg games[J]. Chinese Journal of Network and Information Security, 2017, 3(11): 40-49.
"
概率分布 | 随机策略的收益 | 博弈均衡策略的收益 | 收益增益 |
0,0,1 | ?2.5 | ?0.85 | 1.65 |
0,0.2,0.8 | ?2 | ?0.54 | 1.46 |
0,0.4,0.6 | ?1.5 | ?0.15 | 1.35 |
0,0.6,0.4 | ?1 | 0.22 | 1.22 |
0,0.8,0.2 | ?0.5 | 0.61 | 1.11 |
0,1,0 | 0 | 1 | 1 |
0.2,0,0.8 | ?2.5 | ?0.7 | 1.8 |
0.2,0.2,0.6 | ?2 | ?0.48 | 1.52 |
0.2,0.4,0.4 | ?1.5 | ?0.27 | 1.23 |
0.2,0.6,0.2 | ?1 | 0.05 | 1.05 |
0.2,0.8,0 | ?0.5 | 0.53 | 1.03 |
0.4,0,0.6 | ?2.5 | ?0.32 | 2.18 |
0.4,0.2,0.4 | ?2 | ?0.1 | 2.1 |
0.4,0.4,0.2 | ?1.5 | 0.11 | 1.61 |
0.4,0.6,0 | ?1 | 1 | 2 |
0.6,0,0.4 | ?2.5 | 0.06 | 2.56 |
0.6,0.2,0.2 | ?2 | 0.57 | 2.57 |
0.6,0.4,0 | ?1.5 | 1.5 | 3 |
0.8,0,0.2 | ?2.5 | 1.07 | 3.07 |
0.8,0.2,0 | ?2 | 2 | 4 |
1,0,0 | ?2.5 | 2.5 | 5 |
[1] | KREUTZ D , RAMOS F M V , VERISSIMO P . Towards secure and dependable software-defined networks[C]// ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. 2013:55-60. |
[2] | SHIN S , SONG Y , LEE T , et al. Rosemary:a robust,secure,and high-performance network operating system[C]// ACM Conference on Computer and Communications Security. 2014:78-89. |
[3] | LENG J , ZHOU Y , ZHANG J , et al. An inference attack model for flow table capacity and usage:exploiting the vulnerability of flow table overflow in software-defined network[J]. Water Air & Soil Pollution, 2015,85(3): 1413-1418. |
[4] | SONCHACK J , AVIV A J , KELLER E . Timing SDN control planes to infer network configurations[C]// ACM International Workshop on Security in Software Defined Networks & Network Function Virtualization. 2016. |
[5] | LEE S , YOON C , SHIN S . The smaller,the shrewder:a simple malicious application can kill an entire SDN environment[C]// ACM International Workshop on Security in Software Defined Networks& Network Function Virtualization. 2016. |
[6] | MORZHOV S , ALEKSEEV I , NIKITINSKIY M . Firewall applica-tion for Floodlight SDN controller[C]// The International Siberian Conference on Control and Communications. 2016. |
[7] | SHIN S , SNOS Y , LEE T , et al. Rosemary:a robust,secure,and high-performance network operating system[J]. 2014: 78-89. |
[8] | TOOTOONCHIAN A , GANJALI Y . HyperFlow:a distributed control plane for OpenFlow[C]// Internet Network Management Conference on Research on Enterprise Networking. 2010:3. |
[9] | SHERWOOD R , GIBB G , YAP K K , et al. FlowVisor:a network virtualization layer[J]. 2009. |
[10] | YEGANEH S H , GANJALI Y . Kandoo:a framework for efficient and scalable offloading of control applications[C]// The Workshop on Hot Topics in Software Defined Networks. 2012:19-24. |
[11] | KOPONEN T , CASADO M , GUDE N , et al. Onix:a distributed control platform for large-scale production networks[C]// Usenix Symposium on Operating Systems Design and Implementa-tion(OSDI 2010). 2010:351-364. |
[12] | DIXIT A , FANG H , MUKHERJEE S , et al. Towards an elastic distributed SDN controller[C]// The 1st Workshop on Hot Topics in Software Defined Networking (HotSDN 2013). 2013:7-12. |
[13] | BERDE P , GEROLA M ,and HART J , et al. ONOS:towards an open,distributed SDN OS[C]// The Workshop on Hot Topics in Software Defined Networking. 2014:1-6. |
[14] | LI H , LI P , GUO S , et al. Byzantine-resilient secure software-defined networks with multiple controllers in cloud[C]// 2014 IEEE International Conference on Communications (ICC 2014). 2014:695-700. |
[15] | ELDEFRAWY K , KACZMAREK T . Byzantine fault tolerant soft-ware-defined networking (SDN) controllers[C]// IEEE Computer Society International Conference on Computers,Software & Ap-plications. 2016:208-213. |
[16] | LEE C , SHIN S . SHIELD:an automated framework for static analysis of SDN applications[C]// ACM International Workshop on Security in Software Defined Networks & Network Function Virtu-alization. 2016:29-34. |
[17] | WILCZEWSKI . Security considerations for equipment controllers and SDN[C]// 2016 IEEE International Telecommunications Energy Conference (INTELEC). 2016:1-5. |
[18] | AHMAD I , NAMAL S , YLIANTTILA M , et al. Security in soft-ware defined networks:a survey[J]. IEEE Communications Sur-veys & Tutorials, 2015,17(4): 1. |
[19] | PORRAS P , SHIN S , YEGNESWARAN V , et al. A security en-forcement kernel for OpenFlow networks[C]// The First Workshop on Hot Topics in Software Defined Networks. 2012:121-126. |
[20] | SONCHACK J , AVIV A J , KELLER E , et al. Enabling practical software-defined networking security applications with OFX[C]// Network and Distributed System Security Symposium. 2016. |
[21] | MEDVED J , VARGA R , TKACIK A , et al. OpenDaylight:towards a model-driven SDN controller architecture[C]// IEEE International Symposium on World of Wireless,Mobile and Multimedia Net-works. 2014:1-6. |
[22] | WANG T , LIU F , GUO J , et al. Dynamic SDN controller assign-ment in data center networks:Stable matching with transfers[C]// IEEE Conference on Computer Communications. 2016:1-9. |
[23] | LU Z P , CHEN F C , et al. Poster:a secure control plane with dynamic multi-NOS for SDN[C]// NDSS Posters. 2017. |
[24] | LEE S , YOON C . DELTA:a security assessment framework for software-defined networks[C]// Network and Distributed System Security Symposium. 2017. |
[25] | KIEKINTVELD C , MARECKI J , TAMBE M . Approximation methods for infinite bayesian stackelberg games:Modeling distri-butional payoff uncertainty[C]// The 10th International Conference on Autonomous Agents and Multiagent Systems. 2011:1005-1012. |
[26] | PARUCHURI P , PEARCE J P . Playing games for security:an efficient exact algorithm for solving bayesian stackelberg games[C]// The 7th International Joint Conference on Autonomous Agents and Multiagent Systems (AAMAS'08). 2008:985-902. |
DAVID Jorm. 44CON LONDON 2015 Presentations[EB/OL]. . | |
[28] | PITA J , JAIN M , TAMBE M , et al. Robust solutions to stackelberg games:addressing bounded rationality and limited observations in human cognition[J]. Artificial Intelligence, 2010,174(15): 1142-1171. |
[1] | Heli WANG, Qiao YAN. Selfish mining detection scheme based on the characters of transactions [J]. Chinese Journal of Network and Information Security, 2023, 9(2): 104-114. |
[2] | Dong LI, Yanni HAO, Shenghui PENG, Ruijie ZI, Ximeng LIU. Network security of the National Natural Science Foundation of China: today and prospects [J]. Chinese Journal of Network and Information Security, 2022, 8(6): 92-101. |
[3] | Fukang XING, Zheng ZHANG, Ran SUI, Sheng QU, Xinsheng JI. Qualitative modeling and analysis of attack surface for process multi-variant execution software system [J]. Chinese Journal of Network and Information Security, 2022, 8(5): 121-128. |
[4] | Zenan WANG, Jiahao LI, Chaohong TAN, Dechang PI. Design and analysis of intelligent service chain system for network security resource pool [J]. Chinese Journal of Network and Information Security, 2022, 8(4): 175-181. |
[5] | Shijie TANG, Fang YUAN, Jun LI, Yong DING, Huiyong WANG. Review on security risks of key components in industrial control system [J]. Chinese Journal of Network and Information Security, 2022, 8(3): 1-17. |
[6] | Xinya WANG, Guang HUA, Hao JIANG, Haijian ZHANG. Survey on intellectual property protection for deep learning model [J]. Chinese Journal of Network and Information Security, 2022, 8(2): 1-14. |
[7] | Yang WANG, Guangming TANG, Shuo WANG, Jiang CHU. Defense mechanism of SDN application layer against DDoS attack based on API call management [J]. Chinese Journal of Network and Information Security, 2022, 8(2): 73-87. |
[8] | Tao WANG, Hongchang CHEN. Multi-objective optimization placement strategy for SDN security controller considering Byzantine attributes [J]. Chinese Journal of Network and Information Security, 2021, 7(3): 72-84. |
[9] | Chenglei ZHANG, Yulong FU, Hui LI, Jin CAO. Research on security scenarios and security models for 6G networking [J]. Chinese Journal of Network and Information Security, 2021, 7(1): 28-45. |
[10] | Qi WU,Hongchang CHEN. Low failure recovery cost controller placement strategy in software defined networks [J]. Chinese Journal of Network and Information Security, 2020, 6(6): 97-104. |
[11] | QIN Yuhai,LIU Luyuan,GAO Haohang,LIU Shengqiao,DONG Han. Innovative professional skills competition to create a police practice talents [J]. Chinese Journal of Network and Information Security, 2019, 5(3): 75-80. |
[12] | Hao HU, Yuling LIU, Yuchen ZHANG, Hongqi ZHANG. Survey of attack graph based network security metric [J]. Chinese Journal of Network and Information Security, 2018, 4(9): 1-16. |
[13] | Juntai HU,Zhenyu WU,Xiao FU,Yichao WANG. Game model based security strategy of heterogeneous controllers in the cloud [J]. Chinese Journal of Network and Information Security, 2018, 4(9): 52-59. |
[14] | Binghao YAN,Guodong HAN. Combinatorial intrusion detection model based on deep recurrent neural network and improved SMOTE algorithm [J]. Chinese Journal of Network and Information Security, 2018, 4(7): 48-59. |
[15] | Wenyan LIU,Shumin HUO,Qing TONG,Miao ZHANG,Chao QI. Research on models of network security evaluation and analysis [J]. Chinese Journal of Network and Information Security, 2018, 4(4): 1-11. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|