CN105245362A - SDN (Software Defined Network) environment important node information acquisition method - Google Patents
Publication number: CN105245362A (CN201510581282.3A)
Authority: CN (China)
Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classification: Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method for acquiring important node information in an SDN (Software Defined Network) environment. The method selects the important nodes in a network so that network services can be monitored and deployed with priority on those nodes. It comprises the following steps: information about the forwarding plane and the network service programs is collected; the importance of each forwarding node is analysed quantitatively; and network services can then focus their information acquisition on the important nodes. The selected parameters fall into four parts: 1) communication traffic; 2) network topology; 3) forwarding node liveness; and 4) network service information, which consists of indexes for evaluating how urgently a forwarding node needs the service deployed and can be chosen from the indexes that a specific network service provides. The method optimizes the information acquisition work of network services: the number of nodes from which network service information is collected can be reduced while good service results are still obtained.
Description
Technical field
The present invention relates to the field of network information processing, and specifically to a method for acquiring important node information in an SDN environment.
Background
Software-defined networking (Software Defined Networks, SDN) is a new network architecture that decouples the data forwarding plane from the management plane of traditional networks. Because SDN gives network administrators and developers a unified, programmable northbound interface, which makes it easy to manage the network and to offer new kinds of network services, the architecture is widely used. For example, Google applies the SDN architecture in its backbone network to improve device resource utilization, and Amazon AWS uses the SDN architecture to provide its large-scale elastic compute cloud service.
In the SDN architecture, the controller (Controller), as the core component, not only provides the forwarding flow tables for the lower-layer forwarding nodes (Switches) but also provides all kinds of basic network information to upper-layer applications (Apps). Reducing the Controller's workload and improving its efficiency is therefore the key to keeping an SDN running efficiently and stably. Existing SDN research does include work on reducing the Controller's workload, but each result optimizes only one particular task of the Controller and is therefore limited. In large-scale networks in particular, as the number of service requests in the SDN grows, these approaches cannot effectively reduce the Controller's workload. This increases network delay, lowers quality of service, and can even lead to periods of network interruption.
In traditional networks, the main way to reduce the information acquisition work of network services and to reduce network delay is to assess the importance of the nodes in the network. Collecting information only from important nodes can greatly improve network performance. Traditional node importance assessment methods fall roughly into the following classes: (1) ranking based on node neighbors; (2) ranking based on paths; (3) ranking based on eigenvectors; (4) ranking based on node removal and contraction. These four classes of traditional ranking methods are not suitable for the SDN environment, mainly for the following reasons:
(1) The basic idea of neighbor-based and path-based ranking methods is to determine a node's importance by analysing the number of its neighboring nodes or the number of nodes on the communication path between two given nodes. In SDN, however, the forwarding flow tables are drawn up by the Controller according to the state of the whole network and the routing policy. In the SDN architecture, therefore, the topology information of the forwarding plane alone is not enough to evaluate the importance of a forwarding node accurately.
(2) Eigenvector-based ranking methods need parameter information to spread continually across the whole network, and produce a final result only after a convergence period. In SDN, and especially in large-scale SDN, the Controller holds whole-network information and so continually reformulates the forwarding flow tables. If an eigenvector-based ranking method is used to assess the importance of SDN forwarding nodes, the algorithm stays in the converging state and cannot produce a valid result, and may even enter an endless loop.
(3) The basic idea of ranking methods based on node removal and contraction is to determine a node's importance by evaluating how destructive its removal is to the whole network. In SDN, however, when a forwarding node is "paralysed", the Controller can quickly draw up new forwarding flow tables and keep whole-network communication flowing. In SDN, therefore, only the removal of certain special forwarding nodes is significantly destructive to the whole network, so ranking methods based on node removal and contraction are not suitable for SDN either.
Traditional algorithms for optimizing network service information acquisition generally take a node importance index as their basis and concentrate collection on important nodes in order to optimize service efficiency; this importance index can also be applied to other network management activities, such as network structure security analysis and network routing management. The main results are as follows. Chen et al. proposed a node importance ranking algorithm for traditional networks based on semi-local information. Kitsak et al. proposed an algorithm that determines node importance in a network by K-shell decomposition. Hu et al. combined K-shell decomposition with community structure and proposed an improved index; experiments on the SIR model show the method is slightly better than the algorithm of Kitsak et al. Martin et al. improved the eigenvector centrality algorithm so that, when a node's score is computed, the scores of its neighbors no longer take that node's influence into account. Garas et al. proposed an algorithm that expresses node importance in weighted networks jointly through a node's number of neighbors and the weights of its edges. Chen et al. proposed a semi-local algorithm for directed networks that considers not only the number of neighboring nodes but also the effect of the clustering coefficient on information propagation. Because traditional network architectures are distributed and lack a uniform hardware programming interface, traditional network service deployment optimization algorithms usually have a convergence time, have difficulty reflecting node importance in real time, and are restricted by the network equipment in their choice of parameters, so they have difficulty measuring node importance comprehensively. In an SDN environment, however, these problems can be solved well by using the characteristics of the SDN architecture.
Research on the SDN architecture is still at an early stage. Work mainly concentrates on using the advantages of the SDN architecture to solve problems that already exist in large-scale dynamic network scenarios, and research on Controller optimization in the SDN architecture is only beginning. The main existing results are as follows. Perez et al. proposed an algorithm that quickly classifies packets by attribute as required, optimizing the Controller's packet processing. Thorat et al. proposed a fast self-healing algorithm for the SDN architecture, optimizing the Controller's self-healing work. Malboubi et al. proposed an optimization algorithm for fine-grained traffic monitoring that lightens the workload that fine-grained traffic monitoring places on the Controller. Existing research on Controller optimization all addresses particular problems, so its results are hard to extend, and algorithms with high scalability are lacking.
Summary of the invention
In view of the deficiencies of the prior art, the present invention aims to provide a method for acquiring important node information in an SDN environment which, while reducing the Controller's delay in responding to service requests and improving network stability, further increases the network size a single Controller can manage, thereby reducing the number of Controllers deployed in the network and the amount of coordination work between Controllers.
To achieve this, the present invention adopts the following technical solution:
A method for acquiring important node information in an SDN environment comprising a controller (Controller) and forwarding nodes, the method comprising the following steps:
S1: the controller collects information from the forwarding plane and the network server to obtain the parameter information used to evaluate the importance of each forwarding node; the parameters comprise traffic, network topology, forwarding node degree of activity, and network service information;
S2: the parameter information obtained in step S1 for each forwarding node forms that node's multi-tuple data; the multi-tuple data of each forwarding node are analysed quantitatively to obtain the importance index of each forwarding node in the network.
It should be noted that in step S1 the traffic is the amount of data a forwarding node sends per unit time, obtained by the following formula:
$CN_i = cn_i(t) - cn_i(t-1), \quad i = 1, 2, \ldots, m;$
where $CN_i$ is the traffic parameter of forwarding node $v_i$, $cn_i(t)$ is the cumulative amount of data transferred by node $v_i$ at time $t$, $cn_i(t-1)$ is the cumulative amount of data transferred by node $v_i$ at time $t-1$, and $m$ is the number of nodes in the network.
It should be noted that in step S1 the network topology is an undirected, unweighted connected graph, denoted $G=(V,E)$, where $V=\{v_1, v_2, \ldots, v_m\}$ is the node set of $G$, $E=\{e_1, e_2, \ldots, e_n\}$ is the edge set of $G$, and $m$ and $n$ are the numbers of nodes and edges of $G$ respectively; $m$ is also the number of forwarding nodes in the network. In addition, the adjacency matrix of $G$ is denoted $A_{m \times m}=[a_{ij}]$, where $a_{ij}=1$ only when there is an edge between nodes $v_i$ and $v_j$, and $a_{ij}=0$ otherwise;
The network topology parameter specifically comprises the following sub-parameters:
2.1) Eccentricity centrality parameter:
the maximum distance from a forwarding node to the other forwarding nodes in the network, given by the following formula:
$ECC_i = \max_j(d_{ij}), \quad i, j = (1, 2, \ldots, m);$
where $ECC_i$ is the eccentricity centrality parameter of forwarding node $v_i$, $d_{ij}$ is the length of the shortest path between forwarding nodes $v_i$ and $v_j$, and $m$ is the number of nodes in the network;
2.2) Closeness centrality parameter:
the average distance from a forwarding node to the other forwarding nodes in the network, obtained by the following formula:
where $CC_i$ is the closeness centrality parameter of node $v_i$, $d_{ij}$ is the length of the shortest path between nodes $v_i$ and $v_j$, and $m$ is the number of nodes in the network;
2.3) Degree centrality parameter:
the number of neighbors of a forwarding node, obtained by the following formula:
$DC_i = deg_i, \quad i = (1, 2, \ldots, m)$
where $DC_i$ is the degree centrality parameter of node $v_i$, $deg_i$ is the number of neighbors of node $v_i$, and $m$ is the number of nodes in the network.
It should be noted that in step S1 the forwarding node liveness parameter specifically comprises the following sub-parameters:
3.1) Packet forwarding frequency:
the number of packets a forwarding node sends per unit time, obtained by the following formula:
where $EF_i$ is the packet forwarding frequency of node $v_i$, $ef_i(t)$ is the cumulative number of packets forwarded by forwarding node $v_i$ at time $t$, $ef_i(t-1)$ is the cumulative number of packets forwarded by forwarding node $v_i$ at time $t-1$, $m$ is the number of nodes in the network, and $\Delta t$ is the time difference between times $t$ and $t-1$;
3.2) Node request frequency:
the number of requests of all kinds a forwarding node sends to the controller per unit time, obtained by the following formula:
where $QF_i$ is the node request frequency of forwarding node $v_i$, $qf_i(t)$ is the cumulative number of requests sent by forwarding node $v_i$ at time $t$, $qf_i(t-1)$ is the cumulative number of requests sent by forwarding node $v_i$ at time $t-1$, $m$ is the number of nodes in the network, and $\Delta t$ is the time difference between times $t$ and $t-1$;
3.3) Flow table modification frequency:
the number of times per unit time that a forwarding node, under the controller's instruction, modifies the flow tables deployed on it, that is:
where $CF_i$ is the flow table modification frequency of node $v_i$, $cf_i(t)$ is the cumulative number of flow table modifications on node $v_i$ at time $t$, $cf_i(t-1)$ is the cumulative number of flow table modifications on node $v_i$ at time $t-1$, $m$ is the number of nodes in the network, and $\Delta t$ is the time difference between times $t$ and $t-1$.
It should be noted that in step S1 the network service information parameter comprises the parameters of several network services; the parameters of each network service are chosen according to how urgently the forwarding node needs that service deployed, and are expressed as follows:
$TS_i = \{S_{i1}, S_{i2}, \ldots, S_{i\,noi}\}, \quad i = (1, 2, \ldots, m);$
$TS_i$ is the network service information of node $v_i$, where $S_{i1}, S_{i2}, \ldots, S_{i\,noi}$ are the selected network service parameters and $noi$ is the total number of network service parameters contained in the network service information parameter.
It should be noted that step S2 is implemented as follows:
2.1) Parameter standardization;
2.2) Historical parameter processing;
2.3) Final parameter fitting, which yields the importance index of each forwarding node in the network.
It should be further noted that in step 2.1) parameter standardization is carried out according to the following formula:
where $a_i$ is the raw data of a given parameter for node $v_i$, $x_i$ is the result for node $v_i$ after this parameter is standardized, and $a_j$ is the raw data of this parameter for node $v_j$.
It should be further noted that step 2.2) is implemented as follows:
2.2.1) The historical data of each parameter are first given a preliminary treatment by weighted summation, that is:
where $Q$ is the processed historical parameter of a forwarding node, $T_j$ is the $(j-1)$-th historical datum of that forwarding node's historical parameter, $\alpha_j$ is the weight corresponding to $T_j$, and $K$ is the number of pieces of information used for fitting, that is, the total number of historical data and current data used for fitting;
2.2.2) The analytic hierarchy process is used to determine the weights $\alpha_j$ and $P$, as follows:
2.2.2.1) Construct the judgment matrix A from the time-sequence information $T=\{T_1, T_2, \ldots, T_j, \ldots, T_K\}$:
where $b_{ij}$ expresses the relative relationship between $T_i$ and $T_j$; its mathematical mapping is as follows:
and
2.2.2.2) Normalize each row of the judgment matrix A:
2.2.2.3) Sum the normalized matrix by rows:
2.2.2.4) The vector
is normalized:
giving the eigenvector $W=[\omega_1, \omega_2, \ldots, \omega_K]^T$;
2.2.2.5) Obtain the characteristic root:
calculate the consistency index $CI=(t_{max}-K)/(K-1)$ and carry out the consistency check against the average random consistency index; if the check fails, adjust the mathematical mapping of $b_{ij}$, rebuild the judgment matrix A, and jump to step 2.2.2.1). Here $(AW)_i$ denotes the $i$-th component of the product of matrix A and eigenvector W;
It should be noted that the relative relationship $b_{ij}$ between $T_i$ and $T_j$ in step 2.2.2.1) is set empirically. If the consistency check in step 2.2.2.5) fails, the relative relationship $b_{ij}$ was set unreasonably, so the mathematical mapping of $b_{ij}$ is readjusted and the judgment matrix A is constructed again, until the consistency check passes.
It should be further noted that:
2.2.2.6) Normalize the weight vector:
to obtain the final weights $\alpha=[\alpha_1, \alpha_2, \ldots, \alpha_K]^T$;
2.2.2.7) Obtain Q by weighted summation:
It should be further noted that step 2.3) is implemented as follows:
2.3.1) All parameters are fitted into the node importance index by the following formula:
where $s_i$ is the importance index of node $v_i$; $CN_i$ and $CN_j$ are the traffic parameters of nodes $v_i$ and $v_j$ respectively; $TP_i$ and $TP_j$ are the network topology parameters of nodes $v_i$ and $v_j$ respectively; $VD_i$ and $VD_j$ are the node liveness parameters of nodes $v_i$ and $v_j$ respectively; $TS_i$ and $TS_j$ are the network service information parameters of nodes $v_i$ and $v_j$ respectively; and $\lambda_1, \lambda_2, \lambda_3, \lambda_4$ are respectively the weights of node $v_i$'s traffic parameter, network topology parameter, node liveness parameter and network service information parameter;
The network topology parameter, node liveness parameter and network service parameter are computed as follows:
where $\lambda_{21}$, $\lambda_{22}$ and $\lambda_{23}$ are respectively the weights of the eccentricity centrality parameter, closeness centrality parameter and degree centrality parameter within the network topology parameter; $\lambda_{31}$, $\lambda_{32}$ and $\lambda_{33}$ are respectively the weights of the packet forwarding frequency, node request frequency and flow table modification frequency within the forwarding node liveness parameter; and $\lambda_{ik}$ is the weight corresponding to each network service parameter $S_{ik}$;
2.3.2) PCA is used to determine the weights $\lambda_j$ in each fitting formula and the final fitting result, as follows:
2.3.2.1) Initialize the input variables and generate the parameter matrix A (m × n) recording the input parameters of all nodes; the initialized variables are the number of parameters $n$, the number of nodes in the whole network $m$, and the parameters of each forwarding node $v_i$, $v_i=\{p_{i1}, p_{i2}, \ldots, p_{in}\}$;
2.3.2.2) Normalize each row of the parameter matrix A:
$B_{ij}$ is an element of the parameter matrix A;
2.3.2.3) Sum the normalized matrix by rows:
2.3.2.4) The vector
is normalized:
and the eigenvector is computed, denoted $W=[\omega_1, \omega_2, \ldots, \omega_n]^T$
2.3.2.5) Obtain the weight of each parameter:
2.3.2.6) Obtain the node parameter fitting result:
2.3.2.7) Obtain the whole-network fitting metric: $P=[P_1, P_2, \ldots, P_m]^T$.
The beneficial effects of the present invention are:
1. The information acquisition work of network services is optimized: good service results are obtained while the number of nodes from which network service information is collected is reduced;
2. As the number of service information acquisition nodes falls, the Controller gains the following benefits: 1) the Controller responds faster to all kinds of work; 2) the network size a single Controller can manage is indirectly increased, which reduces the number of Controllers deployed in the network, the coordination work between Controllers, and the capital cost of deploying Controllers.
Brief description of the drawings
Fig. 1 is the implementation flow chart of the present invention;
Fig. 2 is the implementation flow chart of the quantitative analysis step in Fig. 1;
Fig. 3 shows, for the simulation experiment, the effect of the attack detection program's network sampling ratio on the Controller's work response speed;
Fig. 4 shows the relationship between the attack detection program's network sampling ratio and the attack response delay;
Fig. 5 shows the relationship between the attack detection program's network sampling ratio and the attack detection success rate;
Fig. 6 is sensor selection problem ratio and the relation selecting similarity.
Embodiment
The invention is described further below with reference to the accompanying drawings. It should be noted that this embodiment is based on the present technical solution and gives a detailed implementation and a concrete operating process, but the protection scope of the present invention is not limited to this embodiment.
As shown in Fig. 1, a method for acquiring important node information in an SDN environment comprises the following steps:
S1: Based on the properties of the SDN architecture, and while preserving extensibility, parameters that effectively reflect the importance of a forwarding node are chosen. The parameters fall into four broad classes: 1) traffic; 2) network topology; 3) forwarding node degree of activity; 4) network service information. The first three are chosen from what the interfaces of OpenFlow, the standard communication protocol of the SDN architecture, provide, with the aim of effectively reflecting forwarding node importance; the network service information is chosen according to the specific network service.
(1) Traffic
The amount of data the forwarding node sends per unit time. Since the most basic job of a forwarding node is forwarding packets, this parameter is able to measure the importance of the forwarding node.
$CN_i = cn_i(t) - cn_i(t-1)$
where $CN_i$ is the traffic parameter of node $v_i$ and $cn_i(t)$ is the cumulative amount of data transferred by node $v_i$ at time $t$.
(2) Network topology
The physical connectivity of the transmission network. Because the physical connectivity of a network largely determines the network's capability, the network topology can be used to measure the importance of a forwarding node in the network. In the present invention the topology graph is an undirected, unweighted connected graph, denoted $G=(V,E)$, where $V=\{v_1, v_2, \ldots, v_m\}$ is the node set of $G$, $E=\{e_1, e_2, \ldots, e_n\}$ is the edge set of $G$, and $m$ and $n$ are the numbers of nodes and edges of $G$ respectively. The adjacency matrix of $G$ is denoted $A_{m \times m}=[a_{ij}]$, where $a_{ij}=1$ if and only if there is an edge between nodes $v_i$ and $v_j$, and $a_{ij}=0$ otherwise.
Because network topology is complex, existing measures cannot comprehensively measure node importance through network topology, so the present invention measures it with the following three parameters:
A) Eccentricity centrality:
considers the maximum distance from a node to the other nodes in the network, that is:
where $ECC_i$ is the eccentricity centrality parameter of node $v_i$, $d_{ij}$ is the length of the shortest path between nodes $v_i$ and $v_j$, and $m$ is the number of nodes in the network.
B) Closeness centrality:
considers the average distance from a node to the other nodes in the network, that is:
where $CC_i$ is the closeness centrality parameter of node $v_i$, $d_{ij}$ is the length of the shortest path between nodes $v_i$ and $v_j$, and $m$ is the number of nodes in the network.
C) Degree centrality:
considers the number of neighbors of a node, that is:
$DC_i = deg_i, \quad i = (1, 2, \ldots, m)$
where $DC_i$ is the degree centrality parameter of node $v_i$, $deg_i$ is the number of neighbors of node $v_i$, and $m$ is the number of nodes in the network.
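The three topology sub-parameters computed from an adjacency matrix, as an added example that is not part of the patent text. The closeness value is taken as the mean shortest-path length to the other m-1 nodes, which is an assumption because the page's closeness formula did not survive; the sample graph and the function names are constructed for illustration.

```python
from collections import deque

# Constructed sample topology (not from the patent): an undirected, unweighted,
# connected graph of six forwarding nodes, given as the adjacency matrix A = [a_ij].
SAMPLE_ADJ = [
    [0, 1, 1, 0, 0, 0],
    [1, 0, 1, 1, 0, 0],
    [1, 1, 0, 1, 0, 0],
    [0, 1, 1, 0, 1, 0],
    [0, 0, 0, 1, 0, 1],
    [0, 0, 0, 0, 1, 0],
]


def check_adjacency(adj):
    """Reject matrices that do not describe a simple undirected, unweighted graph."""
    m = len(adj)
    for i, row in enumerate(adj):
        if len(row) != m:
            raise ValueError("adjacency matrix must be square")
        if row[i] != 0:
            raise ValueError(f"self-loop on node {i}")
        for j, a in enumerate(row):
            if a not in (0, 1) or a != adj[j][i]:
                raise ValueError(f"a[{i}][{j}] is not a symmetric 0/1 entry")


def shortest_paths_from(adj, src):
    """Breadth-first search: hop count d_ij from src to every node (None if unreachable)."""
    dist = [None] * len(adj)
    dist[src] = 0
    queue = deque([src])
    while queue:
        u = queue.popleft()
        for v, linked in enumerate(adj[u]):
            if linked and dist[v] is None:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist


def topology_parameters(adj):
    """Return one dict per node with ECC_i, CC_i (assumed mean distance) and DC_i."""
    check_adjacency(adj)
    m = len(adj)
    if m < 2:
        raise ValueError("need at least two forwarding nodes")
    params = []
    for i in range(m):
        dist = shortest_paths_from(adj, i)
        if None in dist:
            # The method assumes a connected graph; a partial topology view
            # would otherwise yield misleading distances, so fail loudly.
            raise ValueError(f"graph is not connected (seen from node {i})")
        others = dist[:i] + dist[i + 1:]
        params.append({
            "ECC": max(others),            # ECC_i = max_j d_ij
            "CC": sum(others) / (m - 1),   # assumed: mean distance to other nodes
            "DC": sum(adj[i]),             # DC_i = deg_i
        })
    return params


if __name__ == "__main__":
    for i, p in enumerate(topology_parameters(SAMPLE_ADJ)):
        print(f"v{i + 1}: ECC={p['ECC']} CC={p['CC']:.2f} DC={p['DC']}")
```
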
(3) Forwarding node liveness
The degree to which the node takes part in network activity. Given the specifics of the SDN scenario, the liveness of a forwarding node is measured by the following three parameters:
A) Packet forwarding frequency:
the number of packets a forwarding node sends per unit time. Some packets in the network carry only a small amount of data; they are typically used to realize the functions of various protocols and are significant, but the value of forwarding them cannot be measured simply by data volume. This parameter is therefore chosen to measure the value of that work, that is:
where $EF_i$ is the packet forwarding frequency of node $v_i$, $ef_i(t)$ is the cumulative number of packets forwarded by node $v_i$ at time $t$, and $m$ is the number of nodes in the network.
B) Node request frequency:
the number of requests of all kinds a forwarding node sends to the Controller per unit time. This parameter reflects how much the forwarding node depends on Controller instructions in network activity, and shows from one aspect how active the node is in network activity, that is:
where $QF_i$ is the node request frequency of node $v_i$, $qf_i(t)$ is the cumulative number of requests sent by node $v_i$ at time $t$, and $m$ is the number of nodes in the network.
C) Flow table modification frequency:
the number of times per unit time that a forwarding node, under the Controller's instruction, modifies the flow tables deployed on it. In the SDN architecture, the more often the flow tables on a forwarding node are modified by the Controller, the more network activities the node has usually taken part in, and hence the more network activities are affected when the node has a problem; this parameter is therefore chosen to measure node liveness, that is:
where $CF_i$ is the flow table modification frequency of node $v_i$, $cf_i(t)$ is the cumulative number of flow table modifications on node $v_i$ at time $t$, and $m$ is the number of nodes in the network.
(4) Network service information:
This parameter is chosen according to the specific network service being optimized and is specified by the network administrators; the number of items is not limited. For example, for a network intrusion detection system it can be set to the status of each kind of abnormality alarm, and so on. $TS_i=\{S_{i1}, S_{i2}, \ldots, S_{in}\}$ denotes the network service information of node $v_i$, where $S_{i1}, S_{i2}, \ldots, S_{in}$ are the selected network service parameters.
S2: The importance index of each node in the network is obtained by quantitative analysis of the multi-tuple data of each forwarding node $v_i$. The process, shown in Fig. 2, comprises the following steps:
2.1) Parameter standardization;
2.2) Historical parameter processing;
2.3) Final parameter fitting, which yields the importance index of each forwarding node in the network.
Following the flow shown in Fig. 2, the parameters collected from the forwarding plane and the network server are analysed and processed to produce quantified data on network node importance.
2.1) Parameter standardization
Because the parameters differ in how their values behave, the present invention first standardizes the raw sampled parameters so that subsequent parameter processing can proceed conveniently:
where $a_i$ is the raw data of a given parameter for node $v_i$ and $x_i$ is the result after this parameter is standardized. Standardization maps parameters whose value ranges originally differ into the range [0,1], which simplifies the parameter processing in subsequent steps.
2.2) Historical parameter processing
Network activity usually shows up as continuing change of a network parameter over a period of time, and the data of such a parameter show continuous change over time. When a parameter with this kind of history is evaluated, its historical continuity should be considered and its historical data included in the assessment. Among the parameters selected by the present invention, traffic, forwarding node liveness and network service information have obvious historical continuity, so the historical data of these three classes of parameters are first given a preliminary treatment by weighted summation, that is:
where $P$ is the processed historical parameter of a node, such as traffic or packet forwarding frequency, and is used as the data input for this parameter in the final parameter fitting stage; $T_j$ is the $(j-1)$-th historical datum of the node's historical parameter; and $\alpha_j$ is the weight corresponding to $T_j$.
Because the $T_j$ are ordered in time, their influence on $P_i$ has a fairly clear ordering of strength: $T_1$ has the greatest influence on $P_i$ and $T_n$ has the least influence on $P$. Because the pairwise relative relationships among the $Y_j$ ($j=1,2,\ldots,n$) can be determined, and the analytic hierarchy process (Analytic Hierarchy Process, AHP) can fit all parameters into one quantitative index from the pairwise relative relationships between parameters, the present invention uses AHP to determine the weights $\alpha_j$ and $P$, computed as follows:
In the above algorithm, the judgment matrix A is first initialized from the time-sequence information of $T_{ij}$; the initialization is as follows:
where $b_{ij}$ expresses the relative relationship between $T_i$ and $T_j$; its mathematical mapping is as follows:
and
The eigenvector W and the characteristic roots $\omega_1, \omega_2, \ldots, \omega_K$ of the judgment matrix A are then computed by matrix operations, and the characteristic roots are used to check further whether the constructed judgment matrix A contains contradictions in the importance relations between parameters. If it does, the pairwise relationships between the parameters must be judged again; if it does not, the computed characteristic roots can be used to obtain the weights $\alpha_j$, and finally Q.
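One way to carry out the AHP steps described above (build the judgment matrix A, derive W, compute the characteristic root and CI, check consistency, then take the weighted sum), as an added example that is not the patent's own code. The mapping b_ij = ratio^(j-i), the per-column normalization of the standard AHP sum method, Saaty's RI table and the 0.1 limit on CI/RI are assumptions, because the page's formulas for these steps are missing; the sample values are constructed.

```python
# Average random consistency index RI (Saaty's table), keyed by matrix order K.
RANDOM_INDEX = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12,
                6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}

# Constructed sample: standardized traffic of one node, T_1 (current) first.
SAMPLE_HISTORY = [0.9, 0.5, 0.2]

# Constructed reciprocal but contradictory matrix: T1 > T2 > T3 > T1.
INCONSISTENT = [[1, 9, 1 / 9], [1 / 9, 1, 9], [9, 1 / 9, 1]]


def recency_judgment_matrix(k, ratio=2.0):
    """ASSUMED mapping (the page's own is missing): b_ij = ratio ** (j - i),
    so each sample is `ratio` times as important as the next older one."""
    return [[ratio ** (j - i) for j in range(k)] for i in range(k)]


def ahp_weights(a):
    """Return (W, t_max, CI, CR) for judgment matrix `a` using the sum method."""
    k = len(a)
    if k not in RANDOM_INDEX:
        raise ValueError("matrix order must be between 1 and 9")
    for i in range(k):
        if len(a[i]) != k:
            raise ValueError("judgment matrix must be square")
        for j in range(k):
            if a[i][j] <= 0 or abs(a[i][j] * a[j][i] - 1.0) > 1e-9:
                raise ValueError("judgment matrix must be positive and reciprocal")
    # Normalize each column, sum by rows, then normalize the resulting vector.
    col_sums = [sum(a[i][j] for i in range(k)) for j in range(k)]
    row_sums = [sum(a[i][j] / col_sums[j] for j in range(k)) for i in range(k)]
    total = sum(row_sums)
    w = [r / total for r in row_sums]
    # Largest characteristic root estimated from the components (AW)_i / w_i.
    aw = [sum(a[i][j] * w[j] for j in range(k)) for i in range(k)]
    t_max = sum(aw[i] / w[i] for i in range(k)) / k
    ci = (t_max - k) / (k - 1) if k > 1 else 0.0
    ri = RANDOM_INDEX[k]
    cr = ci / ri if ri > 0 else 0.0
    return w, t_max, ci, cr


def weighted_history(samples, a, cr_limit=0.1):
    """Q = sum_j alpha_j * T_j; refuses weights from a contradictory matrix."""
    if len(samples) != len(a):
        raise ValueError("one judgment row is needed per sample")
    w, _, _, cr = ahp_weights(a)
    if cr >= cr_limit:
        # The method's answer here is to adjust b_ij and rebuild A.
        raise ValueError(f"consistency check failed (CR={cr:.2f})")
    return sum(alpha * t for alpha, t in zip(w, samples))


if __name__ == "__main__":
    a = recency_judgment_matrix(len(SAMPLE_HISTORY))
    w, t_max, ci, cr = ahp_weights(a)
    print("weights:", [round(x, 4) for x in w], "t_max:", round(t_max, 4))
    print("Q:", round(weighted_history(SAMPLE_HISTORY, a), 4))
    print("CR of contradictory matrix:", round(ahp_weights(INCONSISTENT)[3], 2))
```
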
2.3) Final parameter fitting
After the two steps of parameter standardization and historical parameter processing, the data of each parameter for final fitting are available. In the final fitting step, the present invention fits all parameters into the node importance index by the following formula:
where $s_i$ is the importance index of node $v_i$, $CN_i$ is the traffic parameter of node $v_i$, $TP_i$ is the network topology parameter of node $v_i$, $VD_i$ is the node liveness parameter of node $v_i$, $TS_i$ is the network service parameter of node $v_i$, and $\lambda$ denotes the weights of node $v_i$'s parameters.
In addition, because the network topology parameter, node liveness parameter and network service parameter are each derived from several sub-parameters, they are computed as follows:
where $\lambda_{21}$, $\lambda_{22}$ and $\lambda_{23}$ are respectively the weights of the eccentricity centrality parameter, closeness centrality parameter and degree centrality parameter within the network topology parameter; $\lambda_{31}$, $\lambda_{32}$ and $\lambda_{33}$ are respectively the weights of the packet forwarding frequency, node request frequency and flow table modification frequency within the forwarding node liveness parameter; and $\lambda_{ik}$ is the weight corresponding to each network service parameter $S_{ik}$;
Because the parameters being fitted differ in meaning, the pairwise relationships between them cannot be judged subjectively. Principal components analysis (Principal Components Analysis, PCA), by contrast, determines the weight of each parameter from the degree of dispersion of that parameter when judging the relative relationships of the parameters. The present invention therefore uses PCA to determine the weights $\lambda_j$ in each fitting formula and the final fitting result; the algorithm is as follows:
In the above algorithm, matrix operations on the whole-network information matrix A yield the eigenmatrix W of matrix A; the weights $\lambda_j$ of the parameters are then derived from the elements of the eigenmatrix W; the fitting result $P_i$ is then obtained as the weighted sum of the parameters; and finally the matrix P recording the fitting results of all nodes in the network is obtained. Taking the calculation of $TP_i$ as an example, the whole-network information matrix A (m × 3) is set up first, containing the $ECC_i$, $CC_i$ and $DC_i$ information of all nodes in the network; the weights $\lambda_1$, $\lambda_2$ and $\lambda_3$ of the parameters are derived from the degree of dispersion of each column of data; and the $TP_i$ information of each node is obtained by weighted fitting.
After $P = [P_1, P_2, \ldots, P_m]^T$ is obtained, the way of deriving the important nodes can be decided case by case, for example by a threshold, or by sorting in descending order and taking the first several nodes as the important nodes.
The performance of the present invention is further illustrated below by simulation experiments.
In the simulation experiment, important node information acquisition is carried out for one concrete network service, the monitoring of TCP flood attacks, and the validity of the present invention is verified by simulation in networks of different scales. The process is as follows.
Experimental environment
This experiment tests the validity of the scheme with simulation software. The environment is as follows: the experiment host (3.20 GHz CPU, 2 GB memory) simulates networks of three scales using Mininet 2.0.0 and POX. The three networks have 100, 200 and 300 switch nodes respectively, each with the same number of hosts as switch nodes; every switch node is directly connected to one host, and the network between the switches is determined by a connected graph randomly generated by the program. On this basis, Scapy is used to generate background network traffic and to simulate TCP flood attacks. The experimental program written on the basis of the present invention has a work cycle of 1 min. An open-source TCP flood attack detection program obtained from the network is chosen as the concrete network service program, and the number of successfully detected attacks is used as the network service information.
Analysis of experimental data
(1) Relation between the network sampling ratio of the TCP flood attack detection program and the Controller's working response speed
In the SDN architecture, the Controller's working response speed directly affects how the network runs. The information that best reflects it is the Controller's response speed to newly initiated communication in the network, which is measured by the response delay of the first ping packet in the network. In addition, because the Mininet simulation cannot actually show the controller's specific working state, such as CPU consumption and memory usage, this experiment uses the network's first-ping latency to measure the impact of the sampling ratio on the Controller's working response speed. The data are shown in Fig. 3.
For Fig. 3, in the networks of all three scales, the first-ping latency increases gradually as the sampling ratio of the attack detection program increases, and this increase represents a reduction of the Controller's working response speed. Large-scale sampling by the attack monitoring program thus affects the Controller's response speed. If the sampling ratio of the attack detection program is reduced where doing so has little effect on the quality of service of the detection program, its impact on the Controller's working speed can be reduced considerably. When the sampling ratio of the attack monitoring program reaches 100%, the first-ping latency in the 300-node network exceeds 300 ms, whereas the everyday access latency for large domestic websites (Baidu, Sina, Netease) is about 20 ms. The impact on the Controller's working response speed is therefore quite evident, and optimizing it is very much needed.
(2) Impact of the attack monitoring program's sampling ratio on its service effectiveness
Because the network service chosen in this experiment is a TCP flood attack detection program, the relation between the network service deployment ratio and its service effectiveness can be mapped to the relation between the network sampling ratio and the attack detection success rate and average attack detection delay. To demonstrate the validity of the scheme, the experiment compares the selection result of this scheme with a random selection result; the effect is shown in Fig. 4:
For Fig. 4, as the sampling ratio of the attack detection program in the network increases, its response efficiency to attacks also improves. Compared with the random approach, this scheme improves the attack response efficiency more markedly, and beyond a certain sampling ratio (40%-50%) the gain in response efficiency brought by further increasing the sampling ratio in this scheme drops significantly. This shows that the sampling ratio should be chosen above 40%. In addition, the relation between the network sampling ratio and the attack detection success rate is shown in Fig. 5, where the attack detection success rate is obtained from the attack monitoring program's detection results for 2000 TCP flood attacks simulated in the network.
For Fig. 5, when the network node sampling ratio varies within a certain range (40%-100%), the attack detection success rate is good. Changes of the sampling ratio within this interval have little effect on the detection program's successful detection of attacks. Therefore, this scheme's selection of the important nodes in the network is used to optimize the deployment of the network service, so as to reduce the impact of the network service on the Controller's working response speed.
(3) Comparison of this scheme's node selection result with the random approach
This experiment measures the stability of the scheme's node selection, that is, how stably the present invention selects the key nodes of the network, by the mean similarity between two successive node selection results. As shown in Fig. 6, the selection similarity is obtained as the mean, over 1000 rounds of node selection, of the proportion of nodes in the current round's selection result that also appear in the previous round's selection result.
For Fig. 6, under all three network scales the selection similarity of the present invention is consistently higher than that of random sampling, which shows that the invention is more stable than random sampling; this stability reflects how stably the invention selects important nodes. Under the three network scales the similarity of the node selection results produced by the invention is essentially the same, which shows that changes in network scale have no significant effect on the stability of the invention. The invention shows a peak when the node selection ratio is about 40%, which indicates that important nodes amounting to about 40% of the total number of nodes exist in the network and that the invention selects them well. When the selection ratio exceeds 40%, the behaviour of the invention's selection-similarity curve is mainly governed by the increase of the sampling ratio. The curve declines after the selection ratio exceeds 40% because, as the selection ratio grows, some nodes with lower importance indices, whose importance varies considerably relative to one another, join the selected nodes. The later rise of the selection-similarity curve is produced directly by the increase of the selection ratio.
By analysing and summarizing SDN scenarios and previous research results, the present invention uses the centralized Controller of the SDN architecture to assess the importance of all nodes in the network and, on this basis, selects the important nodes for the information acquisition work of network services. Experiments show that this selection result effectively reduces the impact of large-scale network service deployment on the Controller's working response speed, while giving the network service that performs important node information acquisition a higher quality of service.
For those skilled in the art, various corresponding changes and modifications can be made according to the above technical scheme and concept, and all such changes and modifications shall fall within the protection scope of the claims of the present invention.
Claims (9)
1. A method for acquiring important node information in an SDN environment comprising a controller and forwarding nodes, characterized in that the method comprises the following steps:
S1: the controller collects information from the forwarding plane and the network service program to obtain the parameter information used to evaluate the importance of each forwarding node, the parameters comprising traffic, network topology, forwarding node activity degree and network service information;
S2: the parameter information of each forwarding node obtained in step S1 forms the multi-tuple data of that forwarding node, and quantitative analysis of the multi-tuple data of each forwarding node yields the importance index of each forwarding node in the network.
2. The method for acquiring important node information in an SDN environment according to claim 1, characterized in that, in step S1, the traffic is the amount of data sent by a forwarding node per unit time and is obtained by the following formula:
$CN_i = cn_i(t) - cn_i(t-1),\ i = 1, 2, \ldots, m;$
Wherein, $CN_i$ denotes the traffic parameter of forwarding node $v_i$, $cn_i(t)$ denotes the cumulative amount of data transferred by node $v_i$ at time t, $cn_i(t-1)$ is the cumulative amount of data transferred by node $v_i$ at time t-1, and m denotes the number of nodes in the network.
3. The method for acquiring important node information in an SDN environment according to claim 1, characterized in that, in step S1, the network topology is an undirected, unweighted connected graph, denoted $G = (V, E)$, where $V = \{v_1, v_2, \ldots, v_m\}$ is the node set of G and $E = \{e_1, e_2, \ldots, e_n\}$ is the edge set of G; m and n are the number of nodes and the number of edges of G respectively, and m is also the number of forwarding nodes in the network. In addition, the adjacency matrix of G is denoted $A_{m \times m} = [a_{ij}]$, where $a_{ij} = 1$ only when there is an edge between nodes $v_i$ and $v_j$, and $a_{ij} = 0$ otherwise;
The network topology parameter specifically comprises the following sub-parameters:
2.1) Eccentricity centrality parameter:
That is, the maximum distance from a forwarding node to the other forwarding nodes in the network, given by the following formula:
$ECC_i = \max_j(d_{ij}),\ i, j = (1, 2, \ldots, m);$
Wherein, $ECC_i$ denotes the eccentricity centrality parameter of forwarding node $v_i$, $d_{ij}$ denotes the length of the shortest path between forwarding nodes $v_i$ and $v_j$, and m denotes the number of nodes in the network;
2.2) Closeness centrality parameter:
That is, the average distance from a forwarding node to the other forwarding nodes in the network, obtained by the following formula:
Wherein, $CC_i$ denotes the closeness centrality parameter of node $v_i$, $d_{ij}$ denotes the length of the shortest path between nodes $v_i$ and $v_j$, and m denotes the number of nodes in the network;
2.3) Degree centrality parameter:
That is, the number of neighbours of a forwarding node, obtained by the following formula:
$DC_i = \deg_i,\ i = (1, 2, \ldots, m);$
Wherein, $DC_i$ denotes the degree centrality parameter of node $v_i$, $\deg_i$ denotes the number of neighbours of node $v_i$, and m denotes the number of nodes in the network.
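The three topology sub-parameters of claim 3, computed from the adjacency matrix by breadth-first search, as an added Python example that is not part of the patent text. The five-switch topology is constructed and the function names are illustrative; because the closeness formula did not survive on this page, $CC_i$ is taken here as the mean shortest-path length to the other m-1 nodes, which is an assumption.

```python
from collections import deque


def hop_distances(adj, src):
    """Shortest-path lengths d_ij (in hops) from node src, by breadth-first search."""
    dist = [None] * len(adj)
    dist[src] = 0
    queue = deque([src])
    while queue:
        u = queue.popleft()
        for v, linked in enumerate(adj[u]):
            if linked == 1 and dist[v] is None:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist


def topology_subparameters(adj):
    """Return [(ECC_i, CC_i, DC_i), ...] for every forwarding node v_i."""
    m = len(adj)
    if m < 2:
        raise ValueError("need at least two forwarding nodes")
    # The claim requires an undirected, unweighted graph: check the matrix shape.
    for i in range(m):
        if len(adj[i]) != m or adj[i][i] != 0:
            raise ValueError("adjacency matrix must be m x m with a zero diagonal")
        for j in range(m):
            if adj[i][j] not in (0, 1) or adj[i][j] != adj[j][i]:
                raise ValueError("G must be undirected and unweighted")
    result = []
    for i in range(m):
        dist = hop_distances(adj, i)
        # The claim also requires connectivity; an unreachable node has no d_ij.
        if None in dist:
            raise ValueError("G is not connected (seen from node %d)" % i)
        others = [dist[j] for j in range(m) if j != i]
        ecc = max(others)              # ECC_i = max_j d_ij
        cc = sum(others) / (m - 1)     # assumed: mean distance to the other nodes
        dc = sum(adj[i])               # DC_i = deg_i, the number of neighbours
        result.append((ecc, cc, dc))
    return result


# Constructed topology: switches 0-1-2 in a line, with 3 and 4 both attached to 2.
SAMPLE_ADJ = [
    [0, 1, 0, 0, 0],
    [1, 0, 1, 0, 0],
    [0, 1, 0, 1, 1],
    [0, 0, 1, 0, 0],
    [0, 0, 1, 0, 0],
]

if __name__ == "__main__":
    for i, (ecc, cc, dc) in enumerate(topology_subparameters(SAMPLE_ADJ)):
        print("v%d  ECC=%d  CC=%.2f  DC=%d" % (i, ecc, cc, dc))
```

ECC and CC shrink as a node becomes more central while DC grows, so the three columns do not point in the same direction before standardization.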
4. The method for acquiring important node information in an SDN environment according to claim 1, characterized in that, in step S1, the forwarding node liveness parameter specifically comprises the following sub-parameters:
3.1) Packet forwarding frequency:
That is, the number of packets sent by a forwarding node per unit time, obtained by the following formula:
Wherein, $EF_i$ denotes the packet forwarding frequency of node $v_i$, $ef_i(t)$ denotes the cumulative number of packets forwarded by forwarding node $v_i$ at time t, $ef_i(t-1)$ denotes the cumulative number of packets forwarded by forwarding node $v_i$ at time t-1, m denotes the number of nodes in the network, and $\Delta t$ denotes the time difference between times t and t-1;
3.2) Node request frequency:
That is, the number of requests of all kinds sent by a forwarding node to the controller per unit time, obtained by the following formula:
Wherein, $QF_i$ denotes the node request frequency of forwarding node $v_i$, $qf_i(t)$ denotes the cumulative number of requests sent by forwarding node $v_i$ at time t, $qf_i(t-1)$ denotes the cumulative number of requests sent by forwarding node $v_i$ at time t-1, m denotes the number of nodes in the network, and $\Delta t$ is the time difference between times t and t-1;
3.3) Flow table modification frequency:
This denotes the number of times per unit time that a forwarding node, under the controller's instruction, modifies the flow table deployed on it, that is:
Wherein, $CF_i$ denotes the flow table modification frequency of node $v_i$, $cf_i(t)$ denotes the cumulative number of flow table modifications of node $v_i$ at time t, $cf_i(t-1)$ denotes the cumulative number of flow table modifications of node $v_i$ at time t-1, m denotes the number of nodes in the network, and $\Delta t$ is the time difference between times t and t-1.
5. The method for acquiring important node information in an SDN environment according to claim 1, characterized in that, in step S1, the network service information parameter comprises the parameters of several network services, the parameter of each network service being chosen according to how urgently the forwarding node needs that service deployed, and is expressed as follows:
$TS_i = \{S_{i1}, S_{i2}, \ldots, S_{i\,noi}\},\ i = (1, 2, \ldots, m);$
$TS_i$ denotes the network service information of node $v_i$, where $S_{i1}, S_{i2}, \ldots, S_{i\,noi}$ denote the selected network service parameters and noi denotes the total number of network service parameters contained in the network service information parameter.
6. The method for acquiring important node information in an SDN environment according to claim 1, characterized in that step S2 is implemented as follows:
2.1) parameter standardization;
2.2) historical parameter processing;
2.3) final fitting of the parameters, which yields the importance index of each forwarding node in the network.
7. The method for acquiring important node information in an SDN environment according to claim 6, characterized in that, in step 2.1), the parameter standardization is carried out according to the following formula:
Wherein, $a_i$ is the raw data of a given parameter of node $v_i$, $x_i$ is the result of standardizing this parameter for node $v_i$, and $a_j$ is the raw data of this parameter for node $v_j$.
8. The method for acquiring important node information in an SDN environment according to claim 6, characterized in that step 2.2) is implemented as follows:
2.2.1) The historical data of each parameter is first processed once by weighted summation, that is:
Wherein, Q denotes the processed historical parameter of a given forwarding node, $T_j$ denotes the (j-1)-th historical datum of this forwarding node's historical parameter, $\alpha_j$ denotes the weight corresponding to $T_j$, and K denotes the number of items of information used for the fitting, that is, the total number of historical data and current data used for the fitting;
2.2.2) The analytic hierarchy process is used to obtain the weights $\alpha_j$ and Q, specifically as follows:
2.2.2.1) Construct the judgment matrix A from the time-series information $T = \{T_1, T_2, \ldots, T_j, \ldots, T_k\}$:
Wherein, $b_{ij}$ denotes the relative relation of $T_i$ to $T_j$, with the following mathematical mapping:
and
2.2.2.2) Normalize each column of the judgment matrix A:
2.2.2.3) Sum the normalized matrix by rows:
2.2.2.4) Normalize the vector:
The feature vector is then $W = [\omega_1, \omega_2, \ldots, \omega_k]^T$;
2.2.2.5) Obtain the characteristic root:
Calculate the consistency index $CI = (t_{max} - K)/(K - 1)$ and carry out the consistency check against the average random consistency index; if the check fails, adjust the mathematical mapping of $b_{ij}$, rebuild the judgment matrix A and jump to step 2.2.2.1), wherein $(AW)_i$ denotes the i-th component of the product of matrix A and feature vector W;
2.2.2.6) Normalize the weight vector:
This gives the final weights: $\alpha = [\alpha_1, \alpha_2, \ldots, \alpha_k]^T$;
2.2.2.7) Q is obtained by weighted sum:
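Steps 2.2.2.1) to 2.2.2.7) carried through in Python, as an added example that is not part of the patent text. The judgment matrices and sample values are constructed; because the page's own formulas are missing, the characteristic root uses the customary sum-method estimate $t_{max} = \frac{1}{K}\sum_i (AW)_i/\omega_i$, and the RI values and the 0.1 acceptance limit are the customary AHP ones (all assumptions).

```python
# Average random consistency index by matrix order (customary AHP values;
# the page names the index but does not list its values).
RI = {1: 0.0, 2: 0.0, 3: 0.58, 4: 0.90, 5: 1.12, 6: 1.24, 7: 1.32, 8: 1.41, 9: 1.45}


def ahp_weights(A):
    """Steps 2.2.2.2-2.2.2.5: return (W, t_max, CI, CR) for judgment matrix A."""
    K = len(A)
    if K not in RI or any(len(row) != K for row in A):
        raise ValueError("judgment matrix must be square, of order 1..9")
    for i in range(K):
        for j in range(K):
            # b_ij must be positive and b_ji must equal 1 / b_ij
            if A[i][j] <= 0 or abs(A[i][j] * A[j][i] - 1.0) > 1e-9:
                raise ValueError("judgment matrix must be positive and reciprocal")
    col_sums = [sum(A[i][j] for i in range(K)) for j in range(K)]
    normalized = [[A[i][j] / col_sums[j] for j in range(K)] for i in range(K)]
    row_sums = [sum(row) for row in normalized]           # 2.2.2.3
    total = sum(row_sums)
    W = [r / total for r in row_sums]                     # 2.2.2.4
    AW = [sum(A[i][j] * W[j] for j in range(K)) for i in range(K)]
    t_max = sum(AW[i] / W[i] for i in range(K)) / K       # 2.2.2.5 (assumed form)
    CI = (t_max - K) / (K - 1) if K > 1 else 0.0
    CR = CI / RI[K] if RI[K] > 0 else 0.0
    return W, t_max, CI, CR


def fit_history(T, A, cr_limit=0.1):
    """Steps 2.2.2.6-2.2.2.7: Q = sum_j alpha_j * T_j, refused if A is inconsistent."""
    if len(T) != len(A):
        raise ValueError("need one judgment row per sample in T")
    W, t_max, CI, CR = ahp_weights(A)
    if CR >= cr_limit:
        # The claim's response to a failed check: re-judge b_ij and rebuild A.
        raise ValueError("judgment matrix fails the consistency check (CR=%.3f)" % CR)
    total = sum(W)
    alpha = [w / total for w in W]                        # 2.2.2.6
    Q = sum(a * t for a, t in zip(alpha, T))              # 2.2.2.7
    return Q, alpha


# Constructed judgments for K = 3 samples (T_1 current, T_2 and T_3 older),
# assuming newer samples are judged more important than older ones.
JUDGMENT_OK = [[1, 2, 5], [1 / 2, 1, 3], [1 / 5, 1 / 3, 1]]
# Constructed contradictory judgments: T_1 > T_2 > T_3 > T_1.
JUDGMENT_BAD = [[1, 5, 1 / 5], [1 / 5, 1, 5], [5, 1 / 5, 1]]
# Constructed traffic samples CN_i for one forwarding node, newest first.
SAMPLES = [120.0, 100.0, 80.0]

if __name__ == "__main__":
    Q, alpha = fit_history(SAMPLES, JUDGMENT_OK)
    print("alpha =", [round(a, 4) for a in alpha], "Q =", round(Q, 2))
    print("CR of contradictory matrix =", round(ahp_weights(JUDGMENT_BAD)[3], 2))
```

The contradictory matrix yields equal weights that look plausible on their own, which is why the check on CI has to run before the weights are used.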
9. The method for acquiring important node information in an SDN environment according to claim 6, characterized in that step 2.3) is implemented as follows:
2.3.1) All parameters are fitted into the node importance index by the following formula:
Wherein, $s_i$ denotes the importance index of node $v_i$; $CN_i$ and $CN_j$ denote the traffic parameters of nodes $v_i$ and $v_j$ respectively; $TP_i$ and $TP_j$ denote the network topology parameters of nodes $v_i$ and $v_j$ respectively; $VD_i$ and $VD_j$ denote the node liveness parameters of nodes $v_i$ and $v_j$ respectively; $TS_i$ and $TS_j$ denote the network service information parameters of nodes $v_i$ and $v_j$ respectively; and $\lambda_1$, $\lambda_2$, $\lambda_3$, $\lambda_4$ denote the weights of the traffic parameter, network topology parameter, node liveness parameter and network service information parameter of node $v_i$ respectively;
The network topology parameter, node liveness parameter and network service parameter are calculated as follows:
Wherein, $\lambda_{21}$, $\lambda_{22}$ and $\lambda_{23}$ denote the weights of the eccentricity centrality parameter, the closeness centrality parameter and the degree centrality parameter within the network topology parameter, respectively; $\lambda_{31}$, $\lambda_{32}$ and $\lambda_{33}$ denote the weights of the packet forwarding frequency, the node request frequency and the flow table modification frequency within the forwarding node liveness parameter, respectively; and $\lambda_{ik}$ is the weight corresponding to each network service parameter $S_{ik}$;
2.3.2) PCA is used to determine the weights $\lambda_j$ in each fitting formula and the final fitting result, specifically as follows:
2.3.2.1) Initialize the input variables and generate the parameter matrix A (m × n) recording the input parameters of all nodes, wherein the initialized variables are the number of parameters n, the number of nodes in the whole network m, and the parameters $v_i = \{p_{i1}, p_{i2}, \ldots, p_{in}\}$ of each forwarding node $v_i$;
2.3.2.2) Normalize each column of the parameter matrix A:
$B_{ij}$ is an element of the parameter matrix A;
2.3.2.3) Sum the normalized matrix by rows:
2.3.2.4) Normalize the vector:
and compute the feature vector, denoted $W = [\omega_1, \omega_2, \ldots, \omega_n]^T$
2.3.2.5) Obtain the weight of each parameter:
2.3.2.6) Obtain the fitting result of the node parameters:
2.3.2.7) Obtain the whole-network fitting result: $P = [P_1, P_2, \ldots, P_m]^T$.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510581282.3A CN105245362B (en) | 2015-09-14 | 2015-09-14 | Important node information collecting method in a kind of SDN environment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105245362A (en) | 2016-01-13 |
CN105245362B (en) | 2018-07-03 |
Family
ID=55042873
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510581282.3A Active CN105245362B (en) | 2015-09-14 | 2015-09-14 | Important node information collecting method in a kind of SDN environment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105245362B (en) |
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20140223562A1 (en) * | 2008-09-26 | 2014-08-07 | Oracle International Corporation | System and Method for Distributed Denial of Service Identification and Prevention |
CN101853261A (en) * | 2009-11-23 | 2010-10-06 | 电子科技大学 | Network public-opinion behavior analysis method based on social network |
US20130054783A1 (en) * | 2011-08-27 | 2013-02-28 | At&T Intellectual Property I, L.P. | Passive and comprehensive hierarchical anomaly detection system and method |
CN103944748A (en) * | 2014-02-17 | 2014-07-23 | 北京航空航天大学 | Network-key-node self-similar-traffic generation simplification method based on genetic algorithm |
CN104394202A (en) * | 2014-11-13 | 2015-03-04 | 西安交通大学 | A node vitality quantifying method in a mobile social network |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106529562A (en) * | 2016-09-09 | 2017-03-22 | 浙江工业大学 | OSS (Open Source software) project developer prediction method based on Email networks |
CN110213279A (en) * | 2019-06-10 | 2019-09-06 | 安徽理工大学 | Dynamic network based on secret protection is averagely known together algorithm |
CN110213279B (en) * | 2019-06-10 | 2021-11-30 | 安徽理工大学 | Privacy protection-based dynamic network average consensus method |
CN110768906A (en) * | 2019-11-05 | 2020-02-07 | 重庆邮电大学 | SDN-oriented energy-saving routing method based on Q learning |
CN112087488A (en) * | 2020-08-03 | 2020-12-15 | 济南浪潮高新科技投资发展有限公司 | Method, device, equipment and medium for determining important cloud robot nodes |
CN112087488B (en) * | 2020-08-03 | 2023-08-25 | 山东浪潮科学研究院有限公司 | Method, device, equipment and medium for determining important cloud robot nodes |
CN112367692A (en) * | 2020-10-29 | 2021-02-12 | 西北工业大学 | Air-ground integrated vehicle networking relay selection method based on link service quality |
CN112910720A (en) * | 2021-05-06 | 2021-06-04 | 成都云智天下科技股份有限公司 | Intelligent network scheduling method and system based on user experience quantitative index |
Also Published As
Publication number | Publication date |
---|---|
CN105245362B (en) | 2018-07-03 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |