Software-defined networking(SDN)enables the separation of control and data planes,allowing for centralized control and management of the network.Without adequate access control methods,the risk of unau-thorized access...Software-defined networking(SDN)enables the separation of control and data planes,allowing for centralized control and management of the network.Without adequate access control methods,the risk of unau-thorized access to the network and its resources increases significantly.This can result in various security breaches.In addition,if authorized devices are attacked or controlled by hackers,they may turn into malicious devices,which can cause severe damage to the network if their abnormal behaviour goes undetected and their access privileges are not promptly restricted.To solve those problems,an anomaly detection and access control mechanism based on SDN and neural networks is proposed for cloud-edge collaboration networks.The system employs the Attribute Based Access Control(ABAC)model and smart contract for fine-grained control of device access to the network.Furthermore,a cloud-edge collaborative Key Performance Indicator(KPI)anomaly detection method based on the Gated Recurrent Unit and Generative Adversarial Nets(GRU-GAN)is designed to discover the anomaly devices.An access restriction mechanism based on reputation value and anomaly detection is given to prevent anomalous devices.Experiments show that the proposed mechanism performs better anomaly detection on several datasets.The reputation-based access restriction effectively reduces the number of malicious device attacks.展开更多
基金supported in part by the National Natural Science Foundation of China under Grant 62162018 and Grant 61861013in part by the Innovation Research Team Project of Guangxi Natural Science Foundation 2019GXNSFGA245004.
文摘Software-defined networking(SDN)enables the separation of control and data planes,allowing for centralized control and management of the network.Without adequate access control methods,the risk of unau-thorized access to the network and its resources increases significantly.This can result in various security breaches.In addition,if authorized devices are attacked or controlled by hackers,they may turn into malicious devices,which can cause severe damage to the network if their abnormal behaviour goes undetected and their access privileges are not promptly restricted.To solve those problems,an anomaly detection and access control mechanism based on SDN and neural networks is proposed for cloud-edge collaboration networks.The system employs the Attribute Based Access Control(ABAC)model and smart contract for fine-grained control of device access to the network.Furthermore,a cloud-edge collaborative Key Performance Indicator(KPI)anomaly detection method based on the Gated Recurrent Unit and Generative Adversarial Nets(GRU-GAN)is designed to discover the anomaly devices.An access restriction mechanism based on reputation value and anomaly detection is given to prevent anomalous devices.Experiments show that the proposed mechanism performs better anomaly detection on several datasets.The reputation-based access restriction effectively reduces the number of malicious device attacks.