《電子技術(shù)應(yīng)用》
您所在的位置:首頁 > 通信与网络 > 设计应用 > 面向针对性攻击的SDVN控制层鲁棒性方案
面向针对性攻击的SDVN控制层鲁棒性方案
2022年电子技术应用第2期
毛 明1,伊 鹏1,张 震1,马 云2
1.解放军战略支援部队信息工程大学,河南 郑州450001;2.68002部队,甘肃 兰州730000
摘要: 将软件定义网络应用于车联网能显著提升其性能,但该方法也面临传统SDN要应对的安全问题。基于软件定义车联网体系架构中控制平面可能面临的针对性节点攻击问题,提出一种鲁棒的控制器放置方法。该方法结合传统的SDN控制平面部署问题,首先将控制平面鲁棒性问题建模为交换机与控制器的连通冗余性问题,提升交换机在极端情形下与控制器的连通性;其次设计一个鲁棒性指标,以衡量控制平面鲁棒性。仿真结果表明,该方法的鲁棒性要优于基于时延可靠性的部署方案。
中圖分類號(hào): TN919.2;TP393.0
文獻(xiàn)標(biāo)識(shí)碼: A
DOI:10.16157/j.issn.0258-7998.211741
中文引用格式: 毛明,伊鵬,張震,等. 面向針對性攻擊的SDVN控制層魯棒性方案[J].電子技術(shù)應(yīng)用,2022,48(2):45-50,77.
英文引用格式: Mao Ming,Yi Peng,Zhang Zhen,et al. Robust control plane scheme in SDVN toward targeted attack[J]. Application of Electronic Technique,2022,48(2):45-50,77.
Robust control plane scheme in SDVN toward targeted attack
Mao Ming1,Yi Peng1,Zhang Zhen1,Ma Yun2
1.People′s Liberation Army Strategic Support Force Information Engineering University,Zhengzhou 450001,China; 2.68002 Troops,Lanzhou 730000,China
Abstract: Applying software-defined networking to the Internet of Vehicles can significantly improve its performance. However, this method also faces security issues that traditional SDN has to deal with. This paper proposes a robust controller placement method based on the targeted node attack problem that the control plane may face in the software-defined vehicular networking architecture. This method combines the traditional SDN control plane deployment problem. Firstly, the control plane robustness problem is modeled as the connectivity redundancy problem between the switch and the controller. Secondly, a robustness metric is designed to measure the robustness of the control plane. The simulation results demonstrate that the robustness of this method is better than the deployment scheme based on delay reliability.
Key words : software-defined vehicular networking(SDVN);controller placement;robustness;targeted attack

0 引言

    隨著車聯(lián)網(wǎng)的蓬勃發(fā)展,車載自組織網(wǎng)絡(luò)(Vehicular Ad-hoc Network,VANET)受到工業(yè)界和學(xué)術(shù)界的極大關(guān)注。VANET中異構(gòu)無線技術(shù)靈活性、可編程性、共存性的特點(diǎn),以及5G架構(gòu)中的資源管理等可利用SDN(Software-Defined Networking)的方式來實(shí)現(xiàn)[1]。

軟件定義車聯(lián)網(wǎng)(Software-Defined Vehicular Networking,SDVN)結(jié)構(gòu)組成與SDN相似。其中控制平面由管理和控制整個(gè)網(wǎng)絡(luò)的SDN控制器組成,數(shù)據(jù)平面由各種交換設(shè)備組成,在節(jié)點(diǎn)間實(shí)現(xiàn)數(shù)據(jù)轉(zhuǎn)發(fā)。數(shù)據(jù)平面又分為上層數(shù)據(jù)平面和下層數(shù)據(jù)平面。上層數(shù)據(jù)平面包括支持OpenFlow協(xié)議的交換機(jī)和路由器,以及無線接入設(shè)施,如路邊單元、基站等;下層數(shù)據(jù)平面由車輛終端用戶配備的車載單元組成。與SDN類似,盡管分布式控制平面[2]已成為SDVN架構(gòu)的主流設(shè)計(jì),將控制功能集中于控制層仍然存在遭受惡意攻擊的風(fēng)險(xiǎn)。

    以軟件定義方式解決車聯(lián)網(wǎng)安全問題有效且富有挑戰(zhàn)性,其不僅要解決傳統(tǒng)VANET的安全問題[3-4],同時(shí)也要解決上層數(shù)據(jù)平面以上的安全問題。




本文詳細(xì)內(nèi)容請下載:http://m.ihrv.cn/resource/share/2000003966




作者信息:

毛  明1,伊  鵬1,張  震1,馬  云2

(1.解放軍戰(zhàn)略支援部隊(duì)信息工程大學(xué),河南 鄭州450001;2.68002部隊(duì),甘肅 蘭州730000)




wd.jpg

此內(nèi)容為AET網(wǎng)站原創(chuàng),未經(jīng)授權(quán)禁止轉(zhuǎn)載。

相關(guān)內(nèi)容