Mimetic defense-based network function deploying method in software defined network

A software-defined network and network function technology, applied in the field of network function deployment based on mimic defense, can solve problems such as network impact, service paralysis, economic loss, etc., and achieve the effect of enhancing security, increasing attack difficulty and attack cost

Active Publication Date: 2019-04-05
河南信大网御科技有限公司
View PDF3 Cites 34 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

If the process is hacked, it will have a serious impact o

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Mimetic defense-based network function deploying method in software defined network
  • Mimetic defense-based network function deploying method in software defined network
  • Mimetic defense-based network function deploying method in software defined network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0037] To improve the reliability and robustness of network function deployment under the software-defined network architecture, according to the above-mentioned mimic defense technology, such as figure 1 As shown, the present invention provides a network function deployment method based on mimic defense in a software-defined network, comprising the following steps:

[0038] Step 1. Deploy virtual network functions on the data plane through virtualization technology.

[0039] Preferably, the data plane includes a physical device layer constructed by an OpenFlow switch and a virtual function layer constructed by different network functions such as network address translation, firewall, and load balancing.

[0040] Step 2, build heterogeneous executive pool, scheduler and arbiter components on the control plane based on the mimic architecture.

[0041] preferred, such as figure 2 As shown, the scheduler has an input parameter and an output parameter, the input parameter is th...

Embodiment 2

[0062] The difference between this embodiment and Embodiment 1 is that: the function orchestrator is an NFV orchestrator, and the controller is an SDN controller.

[0063] The existing mainstream NFV orchestrators are Womano, Tacker and Mano, and the mainstream SDN controllers are Ryu, Floodlight, OpenDaylight and ONOS. Therefore, in the process of constructing the heterogeneous executive pool, the heterogeneity of the heterogeneous executives in the heterogeneous executive pool can be realized based on the diversity of the controller and the function orchestrator.

[0064] In addition, the degree of heterogeneity of the heterogeneous execution entities in the heterogeneous execution entity pool can be increased through various combinations of the controller and the function orchestrator.

Embodiment 3

[0066] The difference between this embodiment and embodiment 1 and embodiment 2 is: as Figure 5 shown and Figure 6 As shown, in step 4, after the arbiter divides the N heterogeneous executives into normal heterogeneous executives and abnormal heterogeneous executives, the arbiter also sends abnormal heterogeneous executive information as the ruling result to The scheduler, the scheduler cleans the abnormal heterogeneous execution body according to the ruling result of the arbiter.

[0067] In this embodiment, through the arbiter's abnormal perception of the heterogeneous executives inside the system during the adjudication process, the scheduler can reduce the selection probability of abnormal heterogeneous executives, and further enhance the security of the scheduler's dynamic scheduling.

[0068] For example, for some network core services, due to their high security requirements, when the arbiter finds that there is an exception in a heterogeneous executive body, the inf...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a mimetic defense-based network function deploying method in a software defined network. The method comprises the following steps: 1, virtual network functions are deployed on adata plane through a virtualization technology; 2, based on a mimetic architecture, a heterogeneous executor pool, a dispatcher and an adjudicator part are constructed on a control plane; 3, the dispatcher performs dynamic dispatching on heterogeneous executors in the heterogeneous executor pool based on business requirements of an application plane, and a business deployment strategy flow tablefile is generated; 4, the adjudicator adjudicates the business deployment strategy flow table file and outputs the number of the selected heterogeneous executor to the heterogeneous executor pool; and5, the heterogeneous executor pool controls the selected heterogeneous executor to issue the business deployment strategy flow table file to the data plane according to the number of the selected heterogeneous executor, and the business deployment strategy flow table file is guided to complete deployment of the network functions through the virtual network functions.

Description

technical field [0001] The invention relates to the field of computer networks, in particular to a method for deploying network functions based on mimicry defense in a software-defined network. Background technique [0002] Software Defined Networking (SDN) is a new type of open network architecture with three characteristics: separation of control and forwarding, virtualization of device resources, and general-purpose hardware and software programmable. It has attracted extensive attention from academia and industry. . [0003] In recent years, with the emergence and application of Network Function Virtualization (Network Function Virtualization, NFV) technology, NFV technology is usually used to implement various network function devices, and can build resource pools for various network service functions. [0004] By combining SDN and NFV technology, users and operators can identify business requirements through NFV technology, create various virtual network functions (Vi...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24
CPCH04L41/0803H04L63/0428H04L63/1441H04L63/20
Inventor 郭义伟鲍尚策张建军冯志峰李兴龙杨树村邵文超
Owner 河南信大网御科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap