一种基于路径跟踪反馈的SDN网络可信传输方案  被引量：2

作　　者：高枫 庄毅[1] 刘骁 GAO Feng;ZHUANG Yi;LIU Xiao(College of Computer Science and Technology,Nanjing University of Aeronautics and Astronautics,Nanjing 211106,China;Shanghai Aerospace Electronic Technology Institute,Shanghai 201109,China)

机构地区：[1]南京航空航天大学计算机科学与技术学院,江苏南京211106 [2]上海航天电子技术研究所,上海201109

出　　处：《计算机与现代化》2022年第12期102-110,共9页Computer and Modernization

基　　金：国家自然科学基金资助项目(61572253)。

摘　　要：针对软件定义网络(SDN)中的转发设备存在不可避免的漏洞和后门、缺乏主动监测或被动检查网络行为的机制等问题,提出一种基于路径跟踪反馈的SDN网络可信传输方案,设计基于跟踪反馈的传输路径可信验证机制,依据反馈信息分析节点的可信性,以此评估路径的可信度;同时,提出一种基于路径跟踪反馈的不相交多路径可信路由算法DMTRA-PTF,能够通过路径跟踪反馈和可信评估引导新的路径及时规避恶意交换机节点,构造不相交多路径路由方案以增强SDN网络传输服务的可信性。对比实验结果表明,路径跟踪反馈机制能够以较小的性能代价准确识别恶意交换机,提出的可信路由算法能够以此为后续路由动态规划不相交多条可信路径,有效提升网络整体的可信性。To address the problems with software defined network, such as the inevitable loopholes in the forwarding equipment and the lack of mechanisms for the controller to actively check network behaviors, a trusted transmission scheme of the SDN based on path tracking feedback is proposed. A transmission path trust verification mechanism based on tracking feedback is proposed in the scheme. Based on the feedback information, the credibility of the node is analyzed and the credibility of the path is evaluated. At the same time, a disjoint multi-path trusted routing algorithm DMTRA-PTF based on path tracking feedback is proposed to avoid malicious switch nodes through path tracking feedback and trusted evaluation, so as to construct disjoint multipath routing scheme to enhance the reliability of SDN transmission service. The experimental results show that the path tracking feedback mechanism can accurately identify the malicious switch with a small performance cost, and the trusted routing algorithm proposed in this paper can dynamically plan disjoint multiple trusted paths for subsequent routes, which can effectively improve the credibility of the whole network.

关 键 词：路径跟踪反馈 软件定义网络 可信性分析 多路径 可信传输 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]