面向針對性攻擊的SDVN控制層魯棒性方案
2022年電子技術應用第2期
毛 明1,伊 鵬1,張 震1,馬 云2
1.解放軍戰略支援部隊信息工程大學,河南 鄭州450001;2.68002部隊,甘肅 蘭州730000
摘要: 將軟件定義網絡應用于車聯網能顯著提升其性能,但該方法也面臨傳統SDN要應對的安全問題。基于軟件定義車聯網體系架構中控制平面可能面臨的針對性節點攻擊問題,提出一種魯棒的控制器放置方法。該方法結合傳統的SDN控制平面部署問題,首先將控制平面魯棒性問題建模為交換機與控制器的連通冗余性問題,提升交換機在極端情形下與控制器的連通性;其次設計一個魯棒性指標,以衡量控制平面魯棒性。仿真結果表明,該方法的魯棒性要優于基于時延可靠性的部署方案。
中圖分類號: TN919.2;TP393.0
文獻標識碼: A
DOI:10.16157/j.issn.0258-7998.211741
中文引用格式: 毛明,伊鵬,張震,等. 面向針對性攻擊的SDVN控制層魯棒性方案[J].電子技術應用,2022,48(2):45-50,77.
英文引用格式: Mao Ming,Yi Peng,Zhang Zhen,et al. Robust control plane scheme in SDVN toward targeted attack[J]. Application of Electronic Technique,2022,48(2):45-50,77.
文獻標識碼: A
DOI:10.16157/j.issn.0258-7998.211741
中文引用格式: 毛明,伊鵬,張震,等. 面向針對性攻擊的SDVN控制層魯棒性方案[J].電子技術應用,2022,48(2):45-50,77.
英文引用格式: Mao Ming,Yi Peng,Zhang Zhen,et al. Robust control plane scheme in SDVN toward targeted attack[J]. Application of Electronic Technique,2022,48(2):45-50,77.
Robust control plane scheme in SDVN toward targeted attack
Mao Ming1,Yi Peng1,Zhang Zhen1,Ma Yun2
1.People′s Liberation Army Strategic Support Force Information Engineering University,Zhengzhou 450001,China; 2.68002 Troops,Lanzhou 730000,China
Abstract: Applying software-defined networking to the Internet of Vehicles can significantly improve its performance. However, this method also faces security issues that traditional SDN has to deal with. This paper proposes a robust controller placement method based on the targeted node attack problem that the control plane may face in the software-defined vehicular networking architecture. This method combines the traditional SDN control plane deployment problem. Firstly, the control plane robustness problem is modeled as the connectivity redundancy problem between the switch and the controller. Secondly, a robustness metric is designed to measure the robustness of the control plane. The simulation results demonstrate that the robustness of this method is better than the deployment scheme based on delay reliability.
Key words : software-defined vehicular networking(SDVN);controller placement;robustness;targeted attack
0 引言
隨著車聯網的蓬勃發展,車載自組織網絡(Vehicular Ad-hoc Network,VANET)受到工業界和學術界的極大關注。VANET中異構無線技術靈活性、可編程性、共存性的特點,以及5G架構中的資源管理等可利用SDN(Software-Defined Networking)的方式來實現[1]。
軟件定義車聯網(Software-Defined Vehicular Networking,SDVN)結構組成與SDN相似。其中控制平面由管理和控制整個網絡的SDN控制器組成,數據平面由各種交換設備組成,在節點間實現數據轉發。數據平面又分為上層數據平面和下層數據平面。上層數據平面包括支持OpenFlow協議的交換機和路由器,以及無線接入設施,如路邊單元、基站等;下層數據平面由車輛終端用戶配備的車載單元組成。與SDN類似,盡管分布式控制平面[2]已成為SDVN架構的主流設計,將控制功能集中于控制層仍然存在遭受惡意攻擊的風險。
以軟件定義方式解決車聯網安全問題有效且富有挑戰性,其不僅要解決傳統VANET的安全問題[3-4],同時也要解決上層數據平面以上的安全問題。
本文詳細內容請下載:http://m.viuna.cn/resource/share/2000003966。
作者信息:
毛 明1,伊 鵬1,張 震1,馬 云2
(1.解放軍戰略支援部隊信息工程大學,河南 鄭州450001;2.68002部隊,甘肅 蘭州730000)
此內容為AET網站原創,未經授權禁止轉載。