共查询到20条相似文献,搜索用时 0 毫秒
1.
2.
提出了将DDoS威胁识别与路由优化有机结合的软件定义网络(SDN)通信质量保障策略,即在DDoS攻击造成部分网络链路拥塞的情况下,对异常数据分组进行识别过滤,同时生成最优路径,以保障网络通信质量.首先,设计了一种SDN架构下的分布式入侵检测系统,实现了对欺骗报文、异常报文以及破坏报文3类DDoS威胁的检测识别和过滤处理.其次,实现了一种最优路径的生成算法.实验测试结果表明,部署了通信质量保障策略的SDN可有效识别并滤除DDoS攻击数据分组,且处理过程中网络平均传输时延无激增. 相似文献
3.
4.
Software‐defined networking (SDN) creates a platform to dynamically configure the networks for on‐demand services. SDN can easily control the data plane and the control plane by implementing the decoupling concept. SDN controller will regulate the traffic flow and creates the new flow label based on the packet dump received from the OpenFlow virtual switches. SDN governs both data information and control information toward the destination based on flow label, but it does not contain security measure to restrict the malicious traffic. The malicious denial‐of‐service (DoS) attack traffic is generated inside the SDN environment; it leads to the service unavailability. This paper is mainly focused on the detection of DoS attacks and also mitigates the malicious traffic by dynamically configuring the firewall. The SDN with dynamic access control list properties is emulated by mininet, and the experimental results exemplify the service unavailable gap between acceptance and rejection ratio of the packets. 相似文献
5.
6.
Zhiguo Liu Jie Zhu Jiangmei Zhang Qingli Liu 《International Journal of Satellite Communications and Networking》2020,38(1):1-15
In view of the problems of low routing efficiency, complex control process, and difficult network management in big data environment in the traditional integrated space‐terrestrial network, in the paper, we propose a satellite network architecture called software‐defined information centric satellite networking (SDICSN) based on software‐defined networking (SDN) and information‐centric networking (ICN), and we design a virtual node matrix routing algorithm (VNMR) under the SDICSN architecture. The SDICSN architecture realizes the flexibility of network management and business deployment through the features of the separation of forwarding and controlling by the SDN architecture and improves the response speed of requests in the network by the centric of “content” as the ICN idea. According to the periodicity and predictability of the satellite network, the VNMR algorithm obtains the routing matrix through the relative orientation of the source and destination nodes, thus reducing the spatial complexity of the input matrix of the Dijkstra algorithm and then reducing the time complexity of the routing algorithm. For forwarding information base (FIB), the mechanism of combination of event driven and polling can be quickly updated in real time. Finally, the advantages of the SDICSN architecture in routing efficiency, request delay, and request aggregation are verified by simulation. 相似文献
7.
Guozhen Cheng Hongchang Chen Hongchao Hu Julong Lan 《International Journal of Communication Systems》2016,29(9):1482-1499
Distributed control plane is a promising approach to scalable software‐defined networking (SDN). Live migration of switches from controllers that are overloaded to those that are underutilized may be a solution to handle peak switch traffic using available control resource. However, such migration has to be performed with a well‐designed mechanism to fully utilize available resources in all three resource dimensions: CPU, bandwidth, and memory. In this article, we first provide a resource model for SDN and reduce the switch migration decision to a centralized resource utilization maximization problem under constraints of CPU, bandwidth, and memory. Second, we show that the problem of maximizing resource utilization in an SDN is equivalent to that of maximizing game players' profits in the context of non‐cooperative game theory. Taking controllers and switches as game players and commodities respectively, the player policy is how to migrate switches among the control plane. Finally, we implement a proof of concept, called GAME‐Switch Migration (GAME‐SM). The numerical experiments using Mininet emulator validate nice properties of our game model in enhancing the performance of control plane in SDN. Copyright © 2016 John Wiley & Sons, Ltd. 相似文献
8.
9.
Software‐defined networking (SDN) acts as a centralized management unit, especially in a network with devices that operate under the transport layer of the OSI model. However, when a network with layer 7 middleboxes (MBs) is considered, current SDNs exhibit limitations. As such, to achieve a real‐centralized management unit, a new architecture is required that decouples the data and control planes of all network devices. In this report, we propose such a complementary architecture to the current SDN in which SDN‐enabled MBs are included along with contemporary SDN‐enabled switches. The management unit of this architecture improves network performance and reduces routing cost by considering the status of the MBs during flow forwarding. This unit consists of the following two parts: an SDN controller (SDNC) and a middlebox controller (MBC). The latter selects the best MBs for each flow and the former determines the best path according to its routing algorithm and provides information via the MBC. The results show that the proposed architecture improved performance because the utilization of all network devices including MBs is manageable. 相似文献
10.
目前,SDN技术已成为ICT领域的热点技术之一。本文从SDN技术标准进展、产业发展现状以及SDN对产业发展的影响等3个方面系统阐述了SDN发展的整体概况,分析了不同标准组织的标准化研究重点以及设备厂商不同的解决方案路径。 相似文献
11.
Mohamad Khattar Awad Mohammed El‐Shafei Tassos Dimitriou Yousef Rafique Mohammed Baidas Ammar Alhusaini 《International Journal of Network Management》2017,27(5)
Software‐defined networking is a promising networking paradigm for achieving programmability and centralized control in communication networks. These features simplify network management and enable innovation in network applications and services such as routing, virtual machine migration, load balancing, security, access control, and traffic engineering. The routing application can be optimized for power efficiency by routing flows and coalescing them such that the least number of links is activated with the lowest link rates. However, in practice, flow coalescing can generally overflow the flow tables, which are implemented in a size‐limited and power‐hungry ternary content addressable memory (TCAM). In this paper, a set of practical constraints is imposed to the software‐defined networking routing problem, namely, size‐limited flow table and discrete link rate constraints, to ensure applicability in real networks. Because the problem is NP‐hard and difficult to approximate, a low‐complexity particle swarm optimization–based and power‐efficient routing (PSOPR) heuristic is proposed. Performance evaluation results revealed that PSOPR achieves more than 90% of the optimal network power consumption while requiring only 0.0045% to 0.9% of the optimal computation time in real‐network topologies. In addition, PSOPR generates shorter routes than the optimal routes generated by CPLEX. 相似文献
12.
针对传统网络多路径流量调度时存在的负载均衡效能差、路径部署困难的问题,利用软件定义网络的集中控制优势,设计了一种基于分段路由的多路径流传输(Segment Routing based Multipath Flow Transmission,SRMFT)机制.首先,以实现数据流的协同最优调度为目标,建立了SRMFT最优化模型;其次,采用分段路由技术和最简段标识序列(Segment IDentify sequence,SIDs)生成算法将多路径流调度问题转化为最简SIDs的选择问题,并设计了流调度算法求解;最后,试验结果表明,同等网络流量模型下,与较典型的多路径流传输机制相比,SRMFT有效提高了网络的对分带宽,降低了短流的传输时延,同时具有较低的流表存储开销. 相似文献
13.
Channasandra Ravishankar Rajeev Gopal Nassir BenAmmar Gaguk Zakaria Xiaoling Huang 《International Journal of Satellite Communications and Networking》2021,39(1):6-28
Mega satellite constellations in low earth orbit (LEO) will provide complete global coverage; rapidly enhance overall capacity, even for unserved areas; and improve the quality of service (QoS) possible with lower signal propagation delays. Complemented by medium earth orbit (MEO) and geostationary earth orbit (GEO) satellites and terrestrial network components under a hybrid communications architecture, these constellations will enable universal 5G service across the world while supporting diverse 5G use cases. With an unobstructed line‐of‐sight visibility of approximately 3 min, a typical LEO satellite requires efficient user terminal (UT), satellite, gateway, and intersatellite link handovers. A comprehensive mobility design for mega‐constellations involves cost‐effective space and ground phased‐array antennas for responsive and seamless tracking. An end‐to‐end multilayer protocol architecture spanning space and terrestrial technologies can be used to analyze and ensure QoS and mobility. A scalable routing and traffic engineering design based on software‐defined networking adequately handles continuous variability in network topology, differentiated user demands, and traffic transport in both temporal and spatial dimensions. The space‐based networks involving mega‐constellations will be better integrated with their terrestrial counterparts by fully leveraging the multilayer 5G framework, which is the foundational feature of our hybrid architecture. 相似文献
14.
This paper presents the design and development of a new network virtualization scheme to support multitenant datacenter networking (MT‐DCN) based on software‐defined networking (SDN) technologies. Effective multitenancy supports are essential and challenging for datacenter networking designs. In this study, we propose a new network virtualization architecture framework for efficient packet forwarding in MT‐DCN. Traditionally, an internet host uses IP addresses for both host identification and location information, which causes mobile IP problems whenever the host is moved from one IP subnet to another. Unfortunately, virtual machine (VM) mobility is inevitable for cloud computing in datacenters for reasons such as server consolidation and network traffic flow optimization. To solve the problems, we decouple VM identification and location information with two independent values neither by IP addresses. We redefine the semantics of Ethernet MAC address to embed tenant ID information to the MAC address field without violating its original functionality. We also replace traditional Layer2/Layer3 two‐stage routing schemes (MAC/IP) with an all‐Layer2 packet forwarding mechanism that combines MAC addresses (for VM identification and forwarding in local server groups under an edge switch gateway) and multiprotocol label switching (MPLS) labels (for packet transportation between edge switch gateways across the core label switching network connecting all the edge gateways). To accommodate conventional IP packet architecture in a multitenant environment, SDN (OpenFlow) technology is used to handle all this complex network traffics. We verified the design concepts by a simple system prototype in which all the major system components were implemented. Based on the prototype system, we evaluated packet forwarding efficiency under the proposed network architecture and compared it with conventional IP subnet routing approaches. We also evaluated the incurred packet processing overhead caused by each of the packet routing components. 相似文献
15.
Node energy-limited and mobility,indeed,requirement of customized service,made Ad Hoc press for customization Routing.Based on the core principle of software defined networking (SDN),the control framework and the design of routing creation bran-new approach about Ad Hoc based SDN was analyzed firstly.Secondly,the hierarchical routing model was established,and the problem of routing key nodes and key link centralized selection based on service path was proposed and its algorithm was designed,which could embed customize service into physical networks via nodes mapping based network performance maximization.Finally,it corroborate the advantage of routing implement via SDN in function,performance and the whole networks utilization.Experiments show that the energy consumption of network nodes is more balanced and the overall utilization of the network is nearly 14% higher than the traditional method. 相似文献
16.
Guowei Wu Jinlei Wang Mohammad S. Obaidat Lin Yao Kuei‐Fang Hsiao 《International Journal of Communication Systems》2019,32(7)
As software‐defined networking (SDN) is a logically centralized technology, the control plane scalability in SDN is increasingly important with the network scale increasing. Load balancing and maximizing resource utilization are very critical to the control plane in SDN, while switch migration is an effective approach to achieve these two performance metrics. However, switch migration is NP‐hard problem because it belongs to the problem of combinatorial optimization. To avoid the NP‐hard problem, we propose a switch migration scheme by adopting noncooperative game to improve the control plane scalability in SDN. First, we design a novel load balancing monitoring scheme to detect the load imbalance between controllers and trigger migrating switches. Then, we use noncooperative game among controllers to decide switch migration to get the maximizing overall profits. Last, we prove that our proposed approach can get Pareto optimality. Extensive simulations prove that our method is able to achieve a more scalable control plane with load balancing and maximizing resource utilization. 相似文献
17.
18.
Likun Wang Lin Yao Zichuan Xu Guowei Wu Mohammad S. Obaidat 《International Journal of Communication Systems》2018,31(10)
Software‐defined networking that separates the control plane from the data plane is envisioned as a promising technology to enable resilient and flexible network management. Tolerating link failures is a fundamental problem in enhancing such network resilience in software‐defined networking. Reactive and proactive fault tolerant schemes for conventional networks may not well balance the fault recovery time and network performance, since the proactive scheme typically underutilizes resources and the reactive scheme usually incurs a longer recovery time. In this paper, we propose a cooperative link failure recovery scheme to find a fine‐grained trade‐off between resource utilization and recovery time by combining reactive and proactive methods. We formalize the problem of link failure recovery as a multiobjective optimization problem and devise a 2‐stage algorithm for it. The first stage of the algorithm guarantees connectivity restoration in an acceptable recovery interval based on fast failover feature supported in OpenFlow protocol, meanwhile it assigns virtual local area network tags to back up paths for achieving a lower memory consumption. The second stage of the algorithm guarantees the quality of service for different applications by adjusting the backup paths after rapid connectivity restoration. Extensive simulations highlight that cooperative link failure recovery scheme can satisfy both the carrier‐grade recovery requirements and quality of service requirements in terms of delay and network bandwidth. 相似文献
19.
The network testbed based on software defined networking (referred as SDN testbed) has attracted extensive attention in the academic and industrial circles in recent years,and there have been many valuable cases of system/platform construction.Therefore,an overview of the SDN testbed was intended to conduct in the global scope.Firstly,the advantages of the SDN testbed and the basic design principles of the large-scale SDN testbed was explored comparing with the traditional network testbed.Secondly,in-depth analysis of existing SDN testbed projects was provided from the aspects of the project objectives and progress,the key technologies,network deployment,and featured applications.Finally,the challenges faced in this field were described in terms of network slicing,light and wireless convergence,security,and reliability.Future research directions are also suggested. 相似文献