A Trusted Transmission Scheme of SDN Based on Path Tracking Feedback

Abstract

Abstract: To address the problems with software defined network, such as the inevitable loopholes in the forwarding equipment and the lack of mechanisms for the controller to actively check network behaviors, a trusted transmission scheme of the SDN based on path tracking feedback is proposed. A transmission path trust verification mechanism based on tracking feedback is proposed in the scheme. Based on the feedback information, the credibility of the node is analyzed and the credibility of the path is evaluated. At the same time, a disjoint multi-path trusted routing algorithm DMTRA-PTF based on path tracking feedback is proposed to avoid malicious switch nodes through path tracking feedback and trusted evaluation, so as to construct disjoint multipath routing scheme to enhance the reliability of SDN transmission service. The experimental results show that the path tracking feedback mechanism can accurately identify the malicious switch with a small performance cost, and the trusted routing algorithm proposed in this paper can dynamically plan disjoint multiple trusted paths for subsequent routes, which can effectively improve the credibility of the whole network.

Key words: path tracking feedback, software defined network, trustworthiness analysis, multipath; , trusted transmission

GAO Feng, ZHUANG Yi, LIU Xiao. A Trusted Transmission Scheme of SDN Based on Path Tracking Feedback[J]. Computer and Modernization, 2022, 0(12): 102-110.

References

［1］ TSAI P W, TSAI C W, HSU C W, et al. Network monitoring in software-defined networking: A review［J］. IEEE Systems Journal, 2018,12(4):3958-3969.
［2］ CHIU Y C, LIN P C. Rapid detection of disobedient forwarding on compromised OpenFlow switches［C］// 2017 International Conference on Computing, Networking and Communications (ICNC). 2017:672-677.
［3］ GAO S, LI Z, XIAO B, et al. Security threats in the data plane of software-defined networks［J］. IEEE Network, 2018,32(4):108-113.
［4］ JIMNEZ M B, FERNNDEZ D, RIVADENEIRA J E, et al. A survey of the main security issues and solutions for the SDN architecture［J］. IEEE Access, 2021,9:122016-122038.
［5］ MIDHA S, TRIPTAHI K. Extended TLS security and defensive algorithm in OpenFlow SDN［C］// 2019 9th International Conference on Cloud Computing, Data Science & Engineering (Confluence). 2019:141-146.
［6］ REHMAN A U, AGUIAR R L, BARRACA J P. Fault-tolerance in the scope of software-defined networking (SDN)［J］. IEEE Access, 2019,7:124474-124490.
［7］ SHUKLA A, SAIDI S J, SCHMID S, et al. Toward consistent SDNs: A case for network state fuzzing［J］. IEEE Transactions on Network and Service Management, 2020,17(2):668-681.
［8］ SASAKI T, PAPPAS C, LEE T, et al.SDNsec: Forwarding accountability for the SDN data plane［C］// 2016 25th International Conference on Computer Communication and Networks (ICCCN). 2016. DOI:10.1109/ICCCN.2016.7568569.
［9］ ZHANG P, WU H, ZHANG D, et al. Verifying rule enforcement in software defined networks with REV［J］. IEEE/ACM Transactions on Networking, 2020,28(2):917-929.
［10］MOHAMMADI A A, KAZEMIAN P, PAKRAVAN M R. Detecting malicious packet drops and misroutings using Header Space Analysis［C］// 2016 8th International Symposium on Telecommunications (IST). 2016:521-526. 〖HJ0.92mm〗
［11］LI T, HOFMANN C, FRANZ E. Secure and reliable data transmission in SDN-based backend networks of industrial IoT［C］// 2020 IEEE 45th Conference on Local Computer Networks (LCN). 2020:365-368.
［12］GUILLEN L, IZUMI S, ABE T, et al. SDN implementation of multipath discovery to improve network performance in distributed storage systems［C］// 2017 13th International Conference on Network and Service Management (CNSM). 2017. DOI:10.23919/CNSM.2017.8256054.
［13］REN Q, HU T, WU J, et al. Multipath resilient routing for endogenous secure software defined networks［J］. Computer Networks, 2021,194. DOI:10.1016/j.comnet.2021.108134.
［14］GAO C F, RAJABIAN-SCHWART V, ZHANG W Y, et al. How would you like your packets delivered? An SDN-enabled open platform for QoS routing［C］// 2018 IEEE/ACM 26th International Symposium on Quality of Service (IWQoS). 2018. DOI: 10.1109/IWQoS.2018.8624137.
［15］张卫峰. 深度解析SDN:利益、战略、技术、实践［M］. 北京:电子工业出版社, 2014:68-75.〖HJ0.93mm〗
［16］TUPAKULA U, VARADHARAJAN V, KARMAKAR K K. Attack detection on the software defined networking switches［C］// 2020 6th IEEE Conference on Network Softwarization (NetSoft). 2020:262-266.
［17］HUSSEIN A, ELHAJJ I H, CHEHAB A, et al. SDN security plane: An architecture for resilient security services［C］// 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW). 2016:54-59.
［18］CHI P, KUO C, GUO J, et al. How to detect a compromised SDN switch［C］// Proceedings of the 2015 1st IEEE Conference on Network Softwarization (NetSoft). 2015. DOI:10.1109/NETSOFT.2015.7116184.
［19］XU S, WANG X, YANG G, et al. Routing optimization for cloud services in SDN-based Internet of Things with TCAM capacity constraint［J］. Journal of Communications and Networks, 2020,22(2):145-158.
［20］SHEU J P, LIN W T, CHANG G Y. Efficient TCAM rules distribution algorithms in software-defined networking［J］. IEEE Transactions on Network and Service Management, 2018,15(2):854-865.
［21］HOU A, WU C Q, FANG D, et al. Bandwidth scheduling with multiple variable node-disjoint paths in high-performance networks［C］// 2016 IEEE 35th International Performance Computing and Communications Conference (IPCCC). 2016. DOI:10.1109/PCCC.2016.7820600.
［22］ABE J O, MANTAR H A, YAYIMLI A G. K-Maximally disjoint path routing algorithms for SDN［C］// 2015 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery. 2015:499-508.
［23］PAN Q, ZHENG X. Multi-path SDN route selection subject to multi-constraints［C］// The 3rd International Conference on Cyberspace Technology (CCT 2015). 2015. DOI:10.1049/cp.2015.0818.
［24］鲁垚光,王兴伟,李福亮,等. 软件定义网络中的动态负载均衡与节能机制［J］. 计算机学报, 2020,43(10):1969-1982.
［25］卓力,张菁,赵霙頔,等. 一种面向无线视频传感器网络的多径QoS保障路由协议［J］. 电子学报, 2013(6):1122-1129.

[1]	CHEN Chen, ZHUANG Yi, GAO Zeng. QoE-driven High-availability Transmission Framework for SDN [J]. Computer and Modernization, 2023, 0(11): 62-68.
[2]	WANG Chong-yang, ZHUANG Yi. Load Balancing Algorithm of Multi-job Cluster Based on SDN and Improved CSA Algorithm [J]. Computer and Modernization, 2023, 0(11): 28-35.
[3]	LEI Yi-han, CAO Li-feng, HAN Meng-da, HAN Xue. Security Handover Architecture and Method for Software Defined Space-ground#br# Integration Network [J]. Computer and Modernization, 2023, 0(08): 119-126.
[4]	WANG Wen-wei, XIAO Jun-bi, CHENG Peng, ZHANG Yue. SDN-based DDoS Attack Defense System [J]. Computer and Modernization, 2021, 0(02): 117-121.
[5]	ZHUANG Huai-dong, DU Qing-wei. A Method of Data Center Network Dynamic Traffic Scheduling Based on SDN [J]. Computer and Modernization, 2016, 251(07): 80-86.
[6]	MA Chao1,2, CHENG Li1, KONG Ling-ling3. Performance Analysis of Traffic Anomaly Detection in Cloud-based Software-defined Network [J]. Computer and Modernization, 2015, 0(10): 92-97+102.