SDN-based optimal security service path construction mechanism

被引：0

作者：

Liu Y. ^{[1
]}

Chen X. ^{[1
]}

Lu Y. ^{[1
]}

Qiao W. ^{[1
]}

机构：

[1] Equipment Simulation Training Center, Army Engineering Univ., Shijiazhuang

来源：

Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University | 2019年 / 46卷 / 01期

关键词：

Breadth first search algorithm; Integer linear programming; Security service path; Software-defined networking;

D O I：

10.19665/j.issn1001-2400.2019.01.025

中图分类号：

学科分类号：

摘要：

In view of the fact that existing security service path optimization methods lack a comprehensive consideration of the specific security requirements and the underlying resource status, a dynamic construction mechanism of security service path based on the heuristic breadth first search algorithm is proposed. First, the overall structure of the dynamic construction of the security service path based on the software-defined networking is given, and the integer linear programming is introduced to model this problem. Second, a model solving algorithm is proposed, which mainly adopts the "first select after search" method to solve the security service path construction problem which considers both the specific security needs and the underlying resource status. Finally, simulation results show that the proposed construction mechanism is better than the compared method in terms of the performance index. © 2019, The Editorial Board of Journal of Xidian University. All right reserved.

引用

页码：158 / 165

页数：7

共 8 条

[1] Zuo Q., Chen M., Wang X., Et al., Online Traffic Anomaly Detection Method for SDN, Journal of Xidian Univerisity, 42, 1, pp. 155-160, (2015)
[2] Lee W., Kim N., Security Policy Scheme for an Efficient Security Architecture in Software-Defined Networking, Information, 8, 2, (2017)
[3] Liu Y., Zhang H.Q., Liu J., Et al., A New Approach for Delivering Customized Security Everywhere: Security Service Chain, Security and Communication Networks, 2017, (2017)
[4] Sendi A.S., Jarraya Y., Pourzandi M., Et al., Efficient Provisioning of Security Service Function Chaining Using Network Security Defense Patterns, IEEE Transactions on Services Computing, (2016)
[5] Basile C., Pitscheider C., Risso F., Et al., Towards the Dynamic Provision of Virtualized Security Services, Communications in Computer and Information Science: 530, pp. 65-76, (2015)
[6] Park Y., Chandaliya P., Muralidharan A., Et al., Dynamic Defense Provision via Network Functions Virtualization, Proceedings of the 2017 ACM International Workshop on Security in Software Defined Networks and Network Function Virtualization, pp. 43-46, (2017)
[7] Bonakdarpour B., Bozga M., Jaber M., Et al., A Framework for Automated Distributed Implementation of Component-based Models, Distributed Computing, 25, 5, pp. 383-409, (2012)
[8] Sahhaf S., Tavernier W., Rost M., Et al., Network Service Chaining with Optimized Network Function Embedding Supporting Service Decompositions, Computer Networks, 93, pp. 492-505, (2015)

← 1 →