Xinhui Zhao, Zehui Wu, Xiaobin Song, Qingxian Wang
{"title":"用着色分布模型分析整个软件定义网络的安全性","authors":"Xinhui Zhao, Zehui Wu, Xiaobin Song, Qingxian Wang","doi":"10.1002/cpe.5541","DOIUrl":null,"url":null,"abstract":"Software Definition Network (SDN) has three features as separation of control and forwarding, unified management of configuration, and dynamic programming, which have greatly improved flexibility of network deployment and dynamics of network management, as well as efficiency of network transmission. However, its security problem is quite outstanding. This paper proposes a new security defense method based on coloring distribution model, which aims at the shortcomings of the current research that does not change the weak security, certainty, statics, and isomorphism of SDN. Motivated by the idea of moving target defense, our method abstracts network topology of SDN using coloring theory and realizes diversified deployment of controllers and switches, thus improving the security of network itself without changing the structure of SDN. Simulation results show that our method can prevent denial of service (DOS) attacks against controllers and switches and at the same time effectively block the worm, which is one of the most threat of smart city, propagation via switches.","PeriodicalId":214565,"journal":{"name":"Concurr. Comput. Pract. Exp.","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Secure analysis on entire software-defined network using coloring distribution model\",\"authors\":\"Xinhui Zhao, Zehui Wu, Xiaobin Song, Qingxian Wang\",\"doi\":\"10.1002/cpe.5541\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Software Definition Network (SDN) has three features as separation of control and forwarding, unified management of configuration, and dynamic programming, which have greatly improved flexibility of network deployment and dynamics of network management, as well as efficiency of network transmission. However, its security problem is quite outstanding. This paper proposes a new security defense method based on coloring distribution model, which aims at the shortcomings of the current research that does not change the weak security, certainty, statics, and isomorphism of SDN. Motivated by the idea of moving target defense, our method abstracts network topology of SDN using coloring theory and realizes diversified deployment of controllers and switches, thus improving the security of network itself without changing the structure of SDN. Simulation results show that our method can prevent denial of service (DOS) attacks against controllers and switches and at the same time effectively block the worm, which is one of the most threat of smart city, propagation via switches.\",\"PeriodicalId\":214565,\"journal\":{\"name\":\"Concurr. Comput. Pract. Exp.\",\"volume\":\"37 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1900-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Concurr. Comput. Pract. Exp.\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1002/cpe.5541\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Concurr. Comput. Pract. Exp.","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1002/cpe.5541","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Secure analysis on entire software-defined network using coloring distribution model
Software Definition Network (SDN) has three features as separation of control and forwarding, unified management of configuration, and dynamic programming, which have greatly improved flexibility of network deployment and dynamics of network management, as well as efficiency of network transmission. However, its security problem is quite outstanding. This paper proposes a new security defense method based on coloring distribution model, which aims at the shortcomings of the current research that does not change the weak security, certainty, statics, and isomorphism of SDN. Motivated by the idea of moving target defense, our method abstracts network topology of SDN using coloring theory and realizes diversified deployment of controllers and switches, thus improving the security of network itself without changing the structure of SDN. Simulation results show that our method can prevent denial of service (DOS) attacks against controllers and switches and at the same time effectively block the worm, which is one of the most threat of smart city, propagation via switches.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
