网络与信息安全学报 ›› 2021, Vol. 7 ›› Issue (3): 72-84.doi: 10.11959/j.issn.2096-109x.2021060

• 专栏Ⅱ:SDN与云计算安全 • 上一篇    下一篇

考虑拜占庭属性的SDN安全控制器多目标优化部署方案

王涛, 陈鸿昶   

  1. 信息工程大学,河南 郑州 450001
  • 修回日期:2021-03-01 出版日期:2021-06-15 发布日期:2021-06-01
  • 作者简介:王涛(1993- ),男,山东临朐人,信息工程大学博士生,主要研究方向为SDN安全
    陈鸿昶(1964- ),男,河南新密人,信息工程大学教授、博士生导师,主要研究方向为未来网络体系结构、人工智能
  • 基金资助:
    国家重点研发计划(2018YFB0804004);国家自然科学基金(62072467);国家自然科学基金(61521003)

Multi-objective optimization placement strategy for SDN security controller considering Byzantine attributes

Tao WANG, Hongchang CHEN   

  1. Information Engineering University, Zhengzhou 450001, China
  • Revised:2021-03-01 Online:2021-06-15 Published:2021-06-01
  • Supported by:
    The National Key R&D Program of China(2018YFB0804004);The National Natural Science Foundation of China(62072467);The National Natural Science Foundation of China(61521003)

摘要:

通过赋予软件定义网络分布式控制平面拜占庭属性可以有效提高其安全性。在实现拜占庭属性过程中,控制器部署的数量、位置,以及交换机与控制器之间的连接关系会直接影响全局网络关键性能指标。为此,提出了一种考虑拜占庭属性的 SDN 安全控制器多目标优化部署方案。首先,构建了综合考量交互时延、同步时延、负载差异程度和控制器部署数量等优化指标的拜占庭控制器部署问题(MOSBCPP)模型;然后,针对该模型个性化设计了包括控制器部署策略初始化函数、变异函数,快速非支配排序函数及精英策略选择函数等在内的NASG-II求解算法。相关仿真结果表明,该部署方案能够在有效降低交互时延、同步时延、负载差异程度和控制器部署数量等性能指标的同时提高控制平面安全性。

关键词: 软件定义网络安全, 分布式控制平面, 拜占庭属性, 控制器部署, 多目标优化

Abstract:

By giving the software defined network distributed control plane Byzantine attributes, its security can be effectively improved.In the process of realizing Byzantine attributes, the number and location of controllers, and the connection relationship between switches and controllers can directly affect the key network performance.Therefore, a controller multi-objective optimization placement strategy for SDN security controllers considering Byzantine attributes was proposed.Firstly, a Byzantine controller placement problem (MOSBCPP) model that comprehensively considered interaction delay, synchronization delay, load difference and the number of controllers was constructed.Then, a solution algorithm based on NASG-II was designed for this model, which included the initialization function, the mutation function, the fast non-dominated sorting function and the elite strategy selection function.Simulation results show that this strategy can effectively reduce interaction delay, synchronization delay, load difference and the number of controllers, while improving control plane security.

Key words: software defined network security, distributed control plane, Byzantine attributes, controller placement, multi-objective optimization

中图分类号: 

No Suggested Reading articles found!