The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are ...The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.展开更多
文章深入研究基于强化学习的流量优化与拥塞控制方法在软件定义网络(Software Defined Network,SDN)中的应用。首先,详细阐述SDN网络的架构与原理。SDN网络的灵活性和可编程性为网络管理提供了全新的范式。其次,提出了一种基于强化学习...文章深入研究基于强化学习的流量优化与拥塞控制方法在软件定义网络(Software Defined Network,SDN)中的应用。首先,详细阐述SDN网络的架构与原理。SDN网络的灵活性和可编程性为网络管理提供了全新的范式。其次,提出了一种基于强化学习的流量优化与拥塞控制方法,通过建模状态、动作、奖励等要素,实现网络流量智能调整。最后,在Mininet仿真环境中进行了实验验证。通过监测吞吐量、延迟、拥塞情况等性能指标,验证所提方法的有效性。实验结果表明,在网络性能方面,所提方法相较于传统方法取得了显著改善,具备更好的适应性和优化能力。展开更多
重点研究智慧校园网络与安全的软件定义网络(Software Defined Network,SDN)架构选择,分别讨论SDN架构应用的必要性、实现方法、网络与安全维护建议等内容。从智慧校园的集中部署、意图网络与智慧校园的融合、以零信任为核心构建网络安...重点研究智慧校园网络与安全的软件定义网络(Software Defined Network,SDN)架构选择,分别讨论SDN架构应用的必要性、实现方法、网络与安全维护建议等内容。从智慧校园的集中部署、意图网络与智慧校园的融合、以零信任为核心构建网络安全架构3个维度出发,提出保护智慧校园网络安全的建议。旨在强调SDN架构对于智慧校园建设的运行安全维护作用,以期为今后智慧校园的深化建设提供技术支持。展开更多
软件定义网络(Software Defined Network,SDN)架构是使用软件编写代码的方式构建网络,实现控制转发平面分离,并对控制平面实现集中管理.生成树协议(Spanning Tree Protocol,STP)是交换式网络的环路避免协议,通过生成树算法(Spanning Tre...软件定义网络(Software Defined Network,SDN)架构是使用软件编写代码的方式构建网络,实现控制转发平面分离,并对控制平面实现集中管理.生成树协议(Spanning Tree Protocol,STP)是交换式网络的环路避免协议,通过生成树算法(Spanning Tree Algorithm,STA),将带有环路的物理拓扑中某台设备的接口设置为阻塞状态,构建逻辑无环拓扑.该文通过Python代码编制网络拓扑文件和RYU控制器文件的方式,实施SDN中的网络环路设计,按照STA算法设计和实现STP环路避免,并在仿真实验平台运行,测试结果表明,实现了SDN网络中环路避免.展开更多
Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,t...Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.展开更多
Software-defined networking(SDN)algorithms are gaining increas-ing interest and are making networks flexible and agile.The basic idea of SDN is to move the control planes to more than one server’s named controllers a...Software-defined networking(SDN)algorithms are gaining increas-ing interest and are making networks flexible and agile.The basic idea of SDN is to move the control planes to more than one server’s named controllers and limit the data planes to numerous sending network components,enabling flexible and dynamic network management.A distinctive characteristic of SDN is that it can logically centralize the control plane by utilizing many physical controllers.The deployment of the controller—that is,the controller placement problem(CPP)—becomes a vital model challenge.Through the advancements of blockchain technology,data integrity between nodes can be enhanced with no requirement for a trusted third party.Using the lat-est developments in blockchain technology,this article designs a novel sea turtle foraging optimization algorithm for the controller placement problem(STFOA-CPP)with blockchain-based intrusion detection in an SDN environ-ment.The major intention of the STFOA-CPP technique is the maximization of lifetime,network connectivity,and load balancing with the minimization of latency.In addition,the STFOA-CPP technique is based on the sea turtles’food-searching characteristics of tracking the odour path of dimethyl sulphide(DMS)released from food sources.Moreover,the presented STFOA-CPP technique can adapt with the controller’s count mandated and the shift to controller mapping to variable network traffic.Finally,the blockchain can inspect the data integrity,determine significantly malicious input,and improve the robust nature of developing a trust relationship between sev-eral nodes in the SDN.To demonstrate the improved performance of the STFOA-CPP algorithm,a wide-ranging experimental analysis was carried out.The extensive comparison study highlighted the improved outcomes of the STFOA-CPP technique over other recent approaches.展开更多
Smart environments offer various services,including smart cities,ehealthcare,transportation,and wearable devices,generating multiple traffic flows with different Quality of Service(QoS)demands.Achieving the desired Qo...Smart environments offer various services,including smart cities,ehealthcare,transportation,and wearable devices,generating multiple traffic flows with different Quality of Service(QoS)demands.Achieving the desired QoS with security in this heterogeneous environment can be challenging due to traffic flows and device management,unoptimized routing with resource awareness,and security threats.Software Defined Networks(SDN)can help manage these devices through centralized SDN controllers and address these challenges.Various schemes have been proposed to integrate SDN with emerging technologies for better resource utilization and security.Software Defined Wireless Body Area Networks(SDWBAN)and Software Defined Internet of Things(SDIoT)are the recently introduced frameworks to overcome these challenges.This study surveys the existing SDWBAN and SDIoT routing and security challenges.The paper discusses each solution in detail and analyses its weaknesses.It covers SDWBAN frameworks for efficient management of WBAN networks,management of IoT devices,and proposed security mechanisms for IoT and data security in WBAN.The survey provides insights into the state-of-the-art in SDWBAN and SDIoT routing with resource awareness and security threats.Finally,this study highlights potential areas for future research.展开更多
Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,f...Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.展开更多
Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively ...Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively manage,optimize,and maintain these systems.Due to their distributed nature,machine learning models are challenging to deploy in traditional networks.However,Software-Defined Networking(SDN)presents an opportunity to integrate intelligence into networks by offering a programmable architecture that separates data and control planes.SDN provides a centralized network view and allows for dynamic updates of flow rules and softwarebased traffic analysis.While the programmable nature of SDN makes it easier to deploy machine learning techniques,the centralized control logic also makes it vulnerable to cyberattacks.To address these issues,recent research has focused on developing powerful machine-learning methods for detecting and mitigating attacks in SDN environments.This paper highlighted the countermeasures for cyberattacks on SDN and how current machine learningbased solutions can overcome these emerging issues.We also discuss the pros and cons of using machine learning algorithms for detecting and mitigating these attacks.Finally,we highlighted research issues,gaps,and challenges in developing machine learning-based solutions to secure the SDN controller,to help the research and network community to develop more robust and reliable solutions.展开更多
针对传统互联网调度无法满足工业业务QoS(Quality of Service)需求的问题,文中在基于SDN的新型网络架构上提出了一种改进的路由算法,并对其中使用的Floodlight控制器模块进行扩展与修改。根据信息收集单元模块提供的带宽信息与链路发现...针对传统互联网调度无法满足工业业务QoS(Quality of Service)需求的问题,文中在基于SDN的新型网络架构上提出了一种改进的路由算法,并对其中使用的Floodlight控制器模块进行扩展与修改。根据信息收集单元模块提供的带宽信息与链路发现模块提供的网络拓扑信息,路由计算模块对进入的数据流计算出更优化的最短路径。仿真实验结果表明,改进后的路由算法有效降低了数据的传输时延,增强了网络的稳定性。展开更多
文章主要设计一种软件定义网络(Software Defined Network,SDN)管理系统平台,首先分析系统的用户需求,其次提出其整体框架、模块设计以及数据库设计,并进行系统测试。文章所设计的平台能够优化网络维护的流程,提升网络管理员开展日常网...文章主要设计一种软件定义网络(Software Defined Network,SDN)管理系统平台,首先分析系统的用户需求,其次提出其整体框架、模块设计以及数据库设计,并进行系统测试。文章所设计的平台能够优化网络维护的流程,提升网络管理员开展日常网络维护工作的效率。展开更多
One of the challenges of Informationcentric Networking(ICN)is finding the optimal location for caching content and processing users’requests.In this paper,we address this challenge by leveraging Software-defined Netw...One of the challenges of Informationcentric Networking(ICN)is finding the optimal location for caching content and processing users’requests.In this paper,we address this challenge by leveraging Software-defined Networking(SDN)for efficient ICN management.To achieve this,we formulate the problem as a mixed-integer nonlinear programming(MINLP)model,incorporating caching,routing,and load balancing decisions.We explore two distinct scenarios to tackle the problem.Firstly,we solve the problem in an offline mode using the GAMS environment,assuming a stable network state to demonstrate the superior performance of the cacheenabled network compared to non-cache networks.Subsequently,we investigate the problem in an online mode where the network state dynamically changes over time.Given the computational complexity associated with MINLP,we propose the software-defined caching,routing,and load balancing(SDCRL)algorithm as an efficient and scalable solution.Our evaluation demonstrates that the SDCRL algorithm significantly reduces computational time while maintaining results that closely resemble those achieved by GAMS.展开更多
铁路应急通信网络由于涉及业务多、技术种类多,在实现快速搭建的问题上面临比较大的挑战。如何实现应急通信网络的快速搭建,同时满足多种业务、多场景下的不同需求,保证通信网络的稳定性与有效性成为一个值得关注的研究话题。软件定义网...铁路应急通信网络由于涉及业务多、技术种类多,在实现快速搭建的问题上面临比较大的挑战。如何实现应急通信网络的快速搭建,同时满足多种业务、多场景下的不同需求,保证通信网络的稳定性与有效性成为一个值得关注的研究话题。软件定义网络(Software Defined Networking,SDN)提出的控制层与数据层分离的新思想为研究提供新的方向。提出在应急通信中引入SDN技术,构建基于SDN的融合应急通信网络,实现网络的集中控制、状态感知、按需路由等相关功能,提高网络的稳定性与效率。展开更多
基金extend their appreciation to Researcher Supporting Project Number(RSPD2023R582)King Saud University,Riyadh,Saudi Arabia.
文摘The healthcare sector holds valuable and sensitive data.The amount of this data and the need to handle,exchange,and protect it,has been increasing at a fast pace.Due to their nature,software-defined networks(SDNs)are widely used in healthcare systems,as they ensure effective resource utilization,safety,great network management,and monitoring.In this sector,due to the value of thedata,SDNs faceamajor challengeposed byawide range of attacks,such as distributed denial of service(DDoS)and probe attacks.These attacks reduce network performance,causing the degradation of different key performance indicators(KPIs)or,in the worst cases,a network failure which can threaten human lives.This can be significant,especially with the current expansion of portable healthcare that supports mobile and wireless devices for what is called mobile health,or m-health.In this study,we examine the effectiveness of using SDNs for defense against DDoS,as well as their effects on different network KPIs under various scenarios.We propose a threshold-based DDoS classifier(TBDC)technique to classify DDoS attacks in healthcare SDNs,aiming to block traffic considered a hazard in the form of a DDoS attack.We then evaluate the accuracy and performance of the proposed TBDC approach.Our technique shows outstanding performance,increasing the mean throughput by 190.3%,reducing the mean delay by 95%,and reducing packet loss by 99.7%relative to normal,with DDoS attack traffic.
文摘文章深入研究基于强化学习的流量优化与拥塞控制方法在软件定义网络(Software Defined Network,SDN)中的应用。首先,详细阐述SDN网络的架构与原理。SDN网络的灵活性和可编程性为网络管理提供了全新的范式。其次,提出了一种基于强化学习的流量优化与拥塞控制方法,通过建模状态、动作、奖励等要素,实现网络流量智能调整。最后,在Mininet仿真环境中进行了实验验证。通过监测吞吐量、延迟、拥塞情况等性能指标,验证所提方法的有效性。实验结果表明,在网络性能方面,所提方法相较于传统方法取得了显著改善,具备更好的适应性和优化能力。
文摘重点研究智慧校园网络与安全的软件定义网络(Software Defined Network,SDN)架构选择,分别讨论SDN架构应用的必要性、实现方法、网络与安全维护建议等内容。从智慧校园的集中部署、意图网络与智慧校园的融合、以零信任为核心构建网络安全架构3个维度出发,提出保护智慧校园网络安全的建议。旨在强调SDN架构对于智慧校园建设的运行安全维护作用,以期为今后智慧校园的深化建设提供技术支持。
文摘软件定义网络(Software Defined Network,SDN)架构是使用软件编写代码的方式构建网络,实现控制转发平面分离,并对控制平面实现集中管理.生成树协议(Spanning Tree Protocol,STP)是交换式网络的环路避免协议,通过生成树算法(Spanning Tree Algorithm,STA),将带有环路的物理拓扑中某台设备的接口设置为阻塞状态,构建逻辑无环拓扑.该文通过Python代码编制网络拓扑文件和RYU控制器文件的方式,实施SDN中的网络环路设计,按照STA算法设计和实现STP环路避免,并在仿真实验平台运行,测试结果表明,实现了SDN网络中环路避免.
基金This work was supported by the Fundamental Research Funds for the Central Universities(2021RC239)the Postdoctoral Science Foundation of China(2021 M690338)+3 种基金the Hainan Provincial Natural Science Foundation of China(620RC562,2019RC096,620RC560)the Scientific Research Setup Fund of Hainan University(KYQD(ZR)1877)the Program of Hainan Association for Science and Technology Plans to Youth R&D Innovation(QCXM201910)the National Natural Science Foundation of China(61802092,62162021).
文摘Software-defined networking(SDN)is widely used in multiple types of data center networks,and these distributed data center networks can be integrated into a multi-domain SDN by utilizing multiple controllers.However,the network topology of each control domain of SDN will affect the performance of the multidomain network,so performance evaluation is required before the deployment of the multi-domain SDN.Besides,there is a high cost to build real multi-domain SDN networks with different topologies,so it is necessary to use simulation testing methods to evaluate the topological performance of the multi-domain SDN network.As there is a lack of existing methods to construct a multi-domain SDN simulation network for the tool to evaluate the topological performance automatically,this paper proposes an automated multi-domain SDN topology performance evaluation framework,which supports multiple types of SDN network topologies in cooperating to construct a multi-domain SDN network.The framework integrates existing single-domain SDN simulation tools with network performance testing tools to realize automated performance evaluation of multidomain SDN network topologies.We designed and implemented a Mininet-based simulation tool that can connect multiple controllers and run user-specified topologies in multiple SDN control domains to build and test multi-domain SDN networks faster.Then,we used the tool to perform performance tests on various data center network topologies in single-domain and multi-domain SDN simulation environments.Test results show that Space Shuffle has the most stable performance in a single-domain environment,and Fat-tree has the best performance in a multi-domain environment.Also,this tool has the characteristics of simplicity and stability,which can meet the needs of multi-domain SDN topology performance evaluation.
文摘Software-defined networking(SDN)algorithms are gaining increas-ing interest and are making networks flexible and agile.The basic idea of SDN is to move the control planes to more than one server’s named controllers and limit the data planes to numerous sending network components,enabling flexible and dynamic network management.A distinctive characteristic of SDN is that it can logically centralize the control plane by utilizing many physical controllers.The deployment of the controller—that is,the controller placement problem(CPP)—becomes a vital model challenge.Through the advancements of blockchain technology,data integrity between nodes can be enhanced with no requirement for a trusted third party.Using the lat-est developments in blockchain technology,this article designs a novel sea turtle foraging optimization algorithm for the controller placement problem(STFOA-CPP)with blockchain-based intrusion detection in an SDN environ-ment.The major intention of the STFOA-CPP technique is the maximization of lifetime,network connectivity,and load balancing with the minimization of latency.In addition,the STFOA-CPP technique is based on the sea turtles’food-searching characteristics of tracking the odour path of dimethyl sulphide(DMS)released from food sources.Moreover,the presented STFOA-CPP technique can adapt with the controller’s count mandated and the shift to controller mapping to variable network traffic.Finally,the blockchain can inspect the data integrity,determine significantly malicious input,and improve the robust nature of developing a trust relationship between sev-eral nodes in the SDN.To demonstrate the improved performance of the STFOA-CPP algorithm,a wide-ranging experimental analysis was carried out.The extensive comparison study highlighted the improved outcomes of the STFOA-CPP technique over other recent approaches.
基金supporting this research through the Post-Doctoral Fellowship Scheme under Grant Q.J130000.21A2.06E03 and Q.J130000.2409.08G77.
文摘Smart environments offer various services,including smart cities,ehealthcare,transportation,and wearable devices,generating multiple traffic flows with different Quality of Service(QoS)demands.Achieving the desired QoS with security in this heterogeneous environment can be challenging due to traffic flows and device management,unoptimized routing with resource awareness,and security threats.Software Defined Networks(SDN)can help manage these devices through centralized SDN controllers and address these challenges.Various schemes have been proposed to integrate SDN with emerging technologies for better resource utilization and security.Software Defined Wireless Body Area Networks(SDWBAN)and Software Defined Internet of Things(SDIoT)are the recently introduced frameworks to overcome these challenges.This study surveys the existing SDWBAN and SDIoT routing and security challenges.The paper discusses each solution in detail and analyses its weaknesses.It covers SDWBAN frameworks for efficient management of WBAN networks,management of IoT devices,and proposed security mechanisms for IoT and data security in WBAN.The survey provides insights into the state-of-the-art in SDWBAN and SDIoT routing with resource awareness and security threats.Finally,this study highlights potential areas for future research.
文摘Currently,the Internet of Things(IoT)is revolutionizing communi-cation technology by facilitating the sharing of information between different physical devices connected to a network.To improve control,customization,flexibility,and reduce network maintenance costs,a new Software-Defined Network(SDN)technology must be used in this infrastructure.Despite the various advantages of combining SDN and IoT,this environment is more vulnerable to various attacks due to the centralization of control.Most methods to ensure IoT security are designed to detect Distributed Denial-of-Service(DDoS)attacks,but they often lack mechanisms to mitigate their severity.This paper proposes a Multi-Attack Intrusion Detection System(MAIDS)for Software-Defined IoT Networks(SDN-IoT).The proposed scheme uses two machine-learning algorithms to improve detection efficiency and provide a mechanism to prevent false alarms.First,a comparative analysis of the most commonly used machine-learning algorithms to secure the SDN was performed on two datasets:the Network Security Laboratory Knowledge Discovery in Databases(NSL-KDD)and the Canadian Institute for Cyberse-curity Intrusion Detection Systems(CICIDS2017),to select the most suitable algorithms for the proposed scheme and for securing SDN-IoT systems.The algorithms evaluated include Extreme Gradient Boosting(XGBoost),K-Nearest Neighbor(KNN),Random Forest(RF),Support Vector Machine(SVM),and Logistic Regression(LR).Second,an algorithm for selecting the best dataset for machine learning in Intrusion Detection Systems(IDS)was developed to enable effective comparison between the datasets used in the development of the security scheme.The results showed that XGBoost and RF are the best algorithms to ensure the security of SDN-IoT and to be applied in the proposed security system,with average accuracies of 99.88%and 99.89%,respectively.Furthermore,the proposed security scheme reduced the false alarm rate by 33.23%,which is a significant improvement over prevalent schemes.Finally,tests of the algorithm for dataset selection showed that the rates of false positives and false negatives were reduced when the XGBoost and RF algorithms were trained on the CICIDS2017 dataset,making it the best for IDS compared to the NSL-KDD dataset.
文摘Over the past few years,rapid advancements in the internet and communication technologies have led to increasingly intricate and diverse networking systems.As a result,greater intelligence is necessary to effectively manage,optimize,and maintain these systems.Due to their distributed nature,machine learning models are challenging to deploy in traditional networks.However,Software-Defined Networking(SDN)presents an opportunity to integrate intelligence into networks by offering a programmable architecture that separates data and control planes.SDN provides a centralized network view and allows for dynamic updates of flow rules and softwarebased traffic analysis.While the programmable nature of SDN makes it easier to deploy machine learning techniques,the centralized control logic also makes it vulnerable to cyberattacks.To address these issues,recent research has focused on developing powerful machine-learning methods for detecting and mitigating attacks in SDN environments.This paper highlighted the countermeasures for cyberattacks on SDN and how current machine learningbased solutions can overcome these emerging issues.We also discuss the pros and cons of using machine learning algorithms for detecting and mitigating these attacks.Finally,we highlighted research issues,gaps,and challenges in developing machine learning-based solutions to secure the SDN controller,to help the research and network community to develop more robust and reliable solutions.
文摘针对传统互联网调度无法满足工业业务QoS(Quality of Service)需求的问题,文中在基于SDN的新型网络架构上提出了一种改进的路由算法,并对其中使用的Floodlight控制器模块进行扩展与修改。根据信息收集单元模块提供的带宽信息与链路发现模块提供的网络拓扑信息,路由计算模块对进入的数据流计算出更优化的最短路径。仿真实验结果表明,改进后的路由算法有效降低了数据的传输时延,增强了网络的稳定性。
文摘One of the challenges of Informationcentric Networking(ICN)is finding the optimal location for caching content and processing users’requests.In this paper,we address this challenge by leveraging Software-defined Networking(SDN)for efficient ICN management.To achieve this,we formulate the problem as a mixed-integer nonlinear programming(MINLP)model,incorporating caching,routing,and load balancing decisions.We explore two distinct scenarios to tackle the problem.Firstly,we solve the problem in an offline mode using the GAMS environment,assuming a stable network state to demonstrate the superior performance of the cacheenabled network compared to non-cache networks.Subsequently,we investigate the problem in an online mode where the network state dynamically changes over time.Given the computational complexity associated with MINLP,we propose the software-defined caching,routing,and load balancing(SDCRL)algorithm as an efficient and scalable solution.Our evaluation demonstrates that the SDCRL algorithm significantly reduces computational time while maintaining results that closely resemble those achieved by GAMS.
文摘铁路应急通信网络由于涉及业务多、技术种类多,在实现快速搭建的问题上面临比较大的挑战。如何实现应急通信网络的快速搭建,同时满足多种业务、多场景下的不同需求,保证通信网络的稳定性与有效性成为一个值得关注的研究话题。软件定义网络(Software Defined Networking,SDN)提出的控制层与数据层分离的新思想为研究提供新的方向。提出在应急通信中引入SDN技术,构建基于SDN的融合应急通信网络,实现网络的集中控制、状态感知、按需路由等相关功能,提高网络的稳定性与效率。