A Trusted Transmission Scheme of SDN Based on Path Tracking Feedback

Abstract

Abstract: To address the problems with software defined network, such as the inevitable loopholes in the forwarding equipment and the lack of mechanisms for the controller to actively check network behaviors, a trusted transmission scheme of the SDN based on path tracking feedback is proposed. A transmission path trust verification mechanism based on tracking feedback is proposed in the scheme. Based on the feedback information, the credibility of the node is analyzed and the credibility of the path is evaluated. At the same time, a disjoint multi-path trusted routing algorithm DMTRA-PTF based on path tracking feedback is proposed to avoid malicious switch nodes through path tracking feedback and trusted evaluation, so as to construct disjoint multipath routing scheme to enhance the reliability of SDN transmission service. The experimental results show that the path tracking feedback mechanism can accurately identify the malicious switch with a small performance cost, and the trusted routing algorithm proposed in this paper can dynamically plan disjoint multiple trusted paths for subsequent routes, which can effectively improve the credibility of the whole network.

Key words: path tracking feedback, software defined network, trustworthiness analysis, multipath, , trusted transmission

GAO Feng, ZHUANG Yi, LIU Xiao. A Trusted Transmission Scheme of SDN Based on Path Tracking Feedback[J]. Computer and Modernization, 2022, 0(12): 102-110.

References ［25］

［1］	TSAI P W, TSAI C W, HSU C W, et al. Network monitoring in software-defined networking: A review［J］. IEEE Systems Journal, 2018,12(4):3958-3969.
［2］	CHIU Y C, LIN P C. Rapid detection of disobedient forwarding on compromised OpenFlow switches［C］// 2017 International Conference on Computing, Networking and Communications (ICNC). 2017:672-677.
［3］	GAO S, LI Z, XIAO B, et al. Security threats in the data plane of software-defined networks［J］. IEEE Network, 2018,32(4):108-113.
［4］	JIMNEZ M B, FERNNDEZ D, RIVADENEIRA J E, et al. A survey of the main security issues and solutions for the SDN architecture［J］. IEEE Access, 2021,9:122016-122038.
［5］	MIDHA S, TRIPTAHI K. Extended TLS security and defensive algorithm in OpenFlow SDN［C］// 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence). 2019:141-146.
［6］	REHMAN A U, AGUIAR R L, BARRACA J P. Fault-tolerance in the scope of software-defined networking (SDN)［J］. IEEE Access, 2019,7:124474-124490.
［7］	SHUKLA A, SAIDI S J, SCHMID S, et al. Toward consistent SDNs: A case for network state fuzzing［J］. IEEE Transactions on Network and Service Management, 2020,17(2):668-681.
［8］	SASAKI T, PAPPAS C, LEE T, et al.SDNsec: Forwarding accountability for the SDN data plane［C］// 2016 25th International Conference on Computer Communication and Networks (ICCCN). 2016. DOI:10.1109/ICCCN.2016.7568569.
［9］	ZHANG P, WU H, ZHANG D, et al. Verifying rule enforcement in software defined networks with REV［J］. IEEE/ACM Transactions on Networking, 2020,28(2):917-929.
［10］	MOHAMMADI A A, KAZEMIAN P, PAKRAVAN M R. Detecting malicious packet drops and misroutings using Header Space Analysis［C］// 2016 8th International Symposium on Telecommunications (IST). 2016:521-526. 〖HJ0.92mm〗
［11］	LI T, HOFMANN C, FRANZ E. Secure and reliable data transmission in SDN-based backend networks of industrial IoT［C］// 2020 IEEE 45th Conference on Local Computer Networks (LCN). 2020:365-368.
［12］	GUILLEN L, IZUMI S, ABE T, et al. SDN implementation of multipath discovery to improve network performance in distributed storage systems［C］// 2017 13th International Conference on Network and Service Management (CNSM). 2017. DOI:10.23919/CNSM.2017.8256054.
［13］	REN Q, HU T, WU J, et al. Multipath resilient routing for endogenous secure software defined networks［J］. Computer Networks, 2021,194. DOI:10.1016/j.comnet.2021.108134.
［14］	GAO C F, RAJABIAN-SCHWART V, ZHANG W Y, et al. How would you like your packets delivered? An SDN-enabled open platform for QoS routing［C］// 2018 IEEE/ACM 26th International Symposium on Quality of Service (IWQoS). 2018. DOI: 10.1109/IWQoS.2018.8624137.
［15］	张卫峰. 深度解析SDN:利益、战略、技术、实践［M］. 北京:电子工业出版社, 2014:68-75.〖HJ0.93mm〗
［16］	TUPAKULA U, VARADHARAJAN V, KARMAKAR K K. Attack detection on the software defined networking switches［C］// 2020 6th IEEE Conference on Network Softwarization (NetSoft). 2020:262-266.
［17］	HUSSEIN A, ELHAJJ I H, CHEHAB A, et al. SDN security plane: An architecture for resilient security services［C］// 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW). 2016:54-59.
［18］	CHI P, KUO C, GUO J, et al. How to detect a compromised SDN switch［C］// Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft). 2015. DOI:10.1109/NETSOFT.2015.7116184.
［19］	XU S, WANG X, YANG G, et al. Routing optimization for cloud services in SDN-based Internet of Things with TCAM capacity constraint［J］. Journal of Communications and Networks, 2020,22(2):145-158.
［20］	SHEU J P, LIN W T, CHANG G Y. Efficient TCAM rules distribution algorithms in software-defined networking［J］. IEEE Transactions on Network and Service Management, 2018,15(2):854-865.
［21］	HOU A, WU C Q, FANG D, et al. Bandwidth scheduling with multiple variable node-disjoint paths in high-performance networks［C］// 2016 IEEE 35th International Performance Computing and Communications Conference (IPCCC). 2016. DOI:10.1109/PCCC.2016.7820600.
［22］	ABE J O, MANTAR H A, YAYIMLI A G. K-Maximally disjoint path routing algorithms for SDN［C］// 2015 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery. 2015:499-508.
［23］	PAN Q, ZHENG X. Multi-path SDN route selection subject to multi-constraints［C］// The 3rd International Conference on Cyberspace Technology (CCT 2015). 2015. DOI:10.1049/cp.2015.0818.
［24］	鲁垚光,王兴伟,李福亮,等. 软件定义网络中的动态负载均衡与节能机制［J］. 计算机学报, 2020,43(10):1969-1982.
［25］	卓力,张菁,赵霙頔,等. 一种面向无线视频传感器网络的多径QoS保障路由协议［J］. 电子学报, 2013(6):1122-1129.

[1]	PENG Sui, XU Liang, ZHANG Zhi-qiang, LOU Yuan-yuan, YU Hao, QIN Xiao-hui. Probabilistic Voltage Stability Evaluation Algorithm Based on Mixed Vine Copula and ILHS [J]. Computer and Modernization, 2022, 0(12): 6-12.
[2]	WANG Ying-ying, ZHUANG Yi, SUN Yi-fan. Reliability Evaluation Model of BP Neural Network Based on Particle Swarm Optimization [J]. Computer and Modernization, 2022, 0(12): 42-49.
[3]	WEN Zi-xin, LI Shao-ying, WANG Bin-cheng, LIU Bo, . Face Clustering Method Based on Nearest Neighborhood Aggregation [J]. Computer and Modernization, 2022, 0(12): 81-87.
[4]	MIAO Zi-jing, MEI Xin. Chinese Event Detection Based on Multi-lexicon Feature Augmentation [J]. Computer and Modernization, 2022, 0(09): 13-18.
[5]	HUANG Yi-hu, YU Ya-nan. Anti-collision Shortest Path Planning Based on Improved Dijkstra Algorithm [J]. Computer and Modernization, 2022, 0(08): 20-24.
[6]	ZENG Yi-bin, GE Hong. Cross-modal Retrieval Based on Context Fusion and Multi-similarity Learning [J]. Computer and Modernization, 2022, 0(08): 50-56.
[7]	BIAN Zhi-yong, NIU Li-ping. Non-synchronous OFDM Network Location Technology Based on Multipath Environment [J]. Computer and Modernization, 2022, 0(04): 86-91.
[8]	YANG Zhen, ZHU Qiang-qiang, PENG Xiao-bao, YIN Zhi-jian, WEN Hai-qiao, HUANG Chun-hua. Industrial Safety Helmet Detection Algorithm Based on Depth Cascade Model [J]. Computer and Modernization, 2022, 0(01): 91-97.
[9]	ZHANG Tian-xi, WANG Li-peng, FU Jun-jun, CUI Ci, JIN Meng-lu. Certificateless Signcryption Scheme Based on Blockchain [J]. Computer and Modernization, 2022, 0(01): 120-126.
[10]	ZHAO Cong-hui, FENG Qing-sheng. Rotation Invariant Texture Extraction of Wheel Tread Based on DT-CWT and SVM [J]. Computer and Modernization, 2021, 0(12): 85-90.
[11]	ZHANG Xiao-fang, FENG Hui-fang. Dynamic Optimal Path Planning Based on Trajectory Big Data [J]. Computer and Modernization, 2021, 0(11): 82-88.
[12]	DIAO Shuo. Tabu Search for Target Localization in Grid Map [J]. Computer and Modernization, 2021, 0(10): 8-14.
[13]	LI Wen-quan, XU Su-ping. Tourism Resource Information Database System Based on Geographic Information [J]. Computer and Modernization, 2021, 0(08): 100-103.
[14]	WU Cong-yun, LIU Bin, LI Hai-yong, XU Xiao-feng. Intelligent Test System of Terminal Equipment of Relay Protection Information System [J]. Computer and Modernization, 2021, 0(07): 1-5.
[15]	LI Juan. Dynamic Load Balancing Algorithm for Heterogeneous Clusters Based on Internet of Things Technology#br# [J]. Computer and Modernization, 2021, 0(04): 104-108.