CN105245362B - Important node information collecting method in a kind of SDN environment - Google Patents

Important node information collecting method in a kind of SDN environment Download PDF

Info

Publication number
CN105245362B
CN105245362B CN201510581282.3A CN201510581282A CN105245362B CN 105245362 B CN105245362 B CN 105245362B CN 201510581282 A CN201510581282 A CN 201510581282A CN 105245362 B CN105245362 B CN 105245362B
Authority
CN
China
Prior art keywords
node
parameter
network
represent
forward node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510581282.3A
Other languages
Chinese (zh)
Other versions
CN105245362A (en
Inventor
李兴华
郭佳
杨卫东
刘海
刘宏月
邓淼磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Henan University of Technology
Original Assignee
Xidian University
Henan University of Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University, Henan University of Technology filed Critical Xidian University
Priority to CN201510581282.3A priority Critical patent/CN105245362B/en
Publication of CN105245362A publication Critical patent/CN105245362A/en
Application granted granted Critical
Publication of CN105245362B publication Critical patent/CN105245362B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses important node information collecting method in a kind of SDN environment, for choosing important node in network, so as to carry out the monitoring of the emphasis of network service and dispose with an emphasis.The relevant information of Forwarding plane and network server is collected first, quantitative analysis then is carried out to the significance level of forward node, and then the information collection for having emphasis is carried out to network service.Wherein, selected parameter includes four parts:1) traffic;2) network topology;3) forward node liveness;4) information of network service, wherein information of network service refer to the related index of urgent degree that the service is disposed for evaluation forward node, can be chosen in its index provided according to specific network service.The present invention optimizes the information collection work of network service, while information of network service acquisition node quantity is reduced, obtains preferable service effectiveness.

Description

Important node information collecting method in a kind of SDN environment
Technical field
The present invention relates to network information processing fields, and in particular to important node information collecting method in a kind of SDN environment.
Background technology
Software defined network (Sof tware Defined Networks, SDN) is by the data forwarding in traditional network A kind of new network architecture that level is decoupled with management layer and proposed.Since SDN for network management and developer provides system The northbound interface of one programming can easily carry out network management and provide all kinds of new network services, which has obtained It is widely applied.Such as, Google applies SDN frames to improve device resource utilization rate in its backbone network;Amazon AWS leads to It crosses SDN frameworks and extensive elastic calculation cloud service is provided.
In SDN frameworks, controller Controller is not only that lower floor forward node Switch is provided as core component Data forwarding flow table also provides disparate networks basic information for upper level applications App.Therefore, how Controller is reduced Work load, improve its working efficiency, be the key that ensure the operation of SDN efficient stables.Although in the research work of existing SDN In work, the existing correlative study for reducing Controller work loads, but they are all only for a certain specific works of Controller It optimizes, there is certain limitation.Especially in large-scale network environment, when service request quantity all kinds of in SDN When increasing, these researchs can not effectively reduce the work load of Controller.This will lead to the increase of network delay, drop Its low service quality or even there is the situation of periods of network disruption.
In traditional network, the information collection work of network service is reduced, the main method for reducing network delay is to be directed to Node in network carries out importance assessment.By way of only carrying out information collection to important node, net can be greatly promoted Network performance.Traditional network node importance appraisal procedure can be roughly divided into following a few classes:(1) sequence based on node neighbour; (2) sequence based on path;(3) sequence of feature based vector;(4) sequence for removing and shrinking based on node.It is however, above-mentioned 4 quasi-tradition network node importance ranking methods are not particularly suited for SDN environment, the main reason is that:
(1) basic thought of the sort method based on node neighbour and based on path is by analysis node surrounding neighbours section The interstitial content that communication path is included between the number of point or certain two node, to determine the importance of the node.But In SDN, forwarding flow table is formulated by Controller according to whole net state and routing policy.Therefore, in SDN frameworks, only in accordance with The topology information of Forwarding plane is not sufficient to accurately evaluate the importance of forward node.
(2) sort method of feature based vector needs constantly to spread, and pass through in network-wide basis by parameter information Final result can be just obtained after one section of convergence time.But in SDN, especially in large-scale SDN, due to Controller has the whole network information, causes it that can constantly reformulate forwarding flow table.Therefore, such as according to feature based phase Adjacent sort method assesses the importance of forward node in SDN, and the algorithm will be caused to be constantly in converged state, can not It obtains effectively as a result, or even there is the situation that the algorithm enters endless loop.
(3) it is after being removed by assessing network node based on the basic thought of sort method that node removes and shrinks To the destructiveness of whole net, so that it is determined that the importance of the node.But in SDN, when there is " paralysis " in certain forward node, Controller can reformulate rapidly new forwarding flow table, it is ensured that whole Network Communication it is unimpeded.Therefore, in SDN, only work as shifting During except certain special forward node, can just have larger destructiveness to whole net.So sequence for being removed and being shunk based on node Method is also not particularly suited for SDN.
Traditional network services information collection optimization algorithm carries out network service generally using node importance index as foundation Emphasis is acquired to reach the optimization to its efficiency of service, and the importance index can be applied to other network management activities, such as Network structure safety analysis and network route management etc..Its main results is as follows:Chen et al. proposes a kind of passing Node importance sort algorithm based on half local message in system network.Kitsak et al. proposes a kind of true with K- shell decomposition methods Determine the algorithm of node importance in network.K- shell decomposition methods are combined by Hu et al. with community structure, propose a kind of improvement index, And the experiment on SIR models shows that this method is slightly good compared with the algorithm of Kitsak et al..Martin et al. is to eigenvector centrality Property algorithm is improved, and is proposed in the score value of calculate node, the score value of neighbours does not consider further that the influence of the node.Garas Et al. propose a kind of algorithm for representing weighted networks interior joint importance jointly with neighbours' quantity of node and the side right of node. Chen et al. proposes a kind of half local algorithm for directed networks, which not only allows for the quantity of neighbor node, also Consider the influence that cluster coefficients propagate information.Due to the distributed nature of traditional network architecture and shortage uniform hardware programming The property of interface so that traditional network services disposition optimization algorithm is usually there are convergence time, it is difficult to which reflection node exists in real time Importance in network, and the limitation of the network equipment is limited by parameter selection, it is difficult to comprehensively weigh the important of node Property.However problem above, the characteristic of SDN frameworks can be utilized to well solve in SDN environment.
The research of current SDN frameworks is still in the elementary step, and research direction is concentrated mainly on the advantage using SDN frameworks Solve the problems, such as it is already present under the scene based on extensive dynamic network, for Controller optimizations in SDN frames The research of problem is still in the starting stage.Existing main results are as follows:Perez et al. proposes a kind of attribute according to demand will The processing data packets work of Controller is optimized in the algorithm of data packet Fast Classification.Thorat et al. is proposed The self-regeneration work of Controller is optimized in a kind of quick self-regeneration algorithm of SDN frameworks.Malboubi etc. People proposes a kind of optimization algorithm for fine granularity flow monitoring, and Controller is produced when alleviating fine granularity flow monitoring Raw work load.The existing research about Controller optimization problems is unfolded both for particular problem so that grinds The autgmentability for studying carefully achievement is extremely limited, lacks with the algorithm research compared with high scalability.
Invention content
In view of the deficiencies of the prior art, the present invention is intended to provide important node information collecting method in a kind of SDN environment, It reduces Controller to postpone all kinds of service request responses, while improving network stabilization, further improve single The network size that Controller can be managed so as to reduce the deployment number of Controller in network, reduces The collaborative work amount of Controller.
To achieve these goals, the present invention adopts the following technical scheme that:
Important node information collecting method in a kind of SDN environment includes controller Controller and forward node, institute The method of stating includes the following steps:
S1 controllers obtain evaluating each forwarding by collecting Forwarding plane and network server into row information The parameter information of node significance level, the parameter include the traffic, network topology, forward node active degree and network service Information;
S2 is polynary according to each forward node of the obtained each corresponding parameter information compositions of forward node of step S1 Group data carry out quantitative analysis to the multi-component system data of each forward node, show that the importance of each forward node in network refers to Mark.
It should be noted that in the step S1, data volume of the traffic for forward node transmission in the unit time passes through Following formula obtains:
CNi=cni(t)-cni(t-1), i=1,2 ..., m;
Wherein, CNiRepresent forward node viTraffic parameter, cni(t) v is representediNode t moment cumulative data forwards Amount, cni(t-1) it is viNode t-1 moment cumulative data transfer amounts, m represent the interstitial content in network.
It should be noted that in the step S1, the network topology is without connected graph is mutually had no right, and is denoted as G=(V, E), Wherein V={ v1, v2..., vmBe G node set, E={ e1, e2..., enBe G line set, m and n are the node of G respectively Number and number of edges, m that is to say the forward node number in network;In addition, the adjacency matrix of G is denoted as Am×m=[aij], only as node vi With vjBetween have even side when aij=1, otherwise aij=0;
The network topology parameters specifically include following subparameter:
2.1) centrality parameter is centrifuged:
That is the maximum distance of other forward node, is obtained by following formula in a forward node to network:
ECCi=maxj(dij), i, j=(1,2 ..., m);
Wherein, ECCiRepresent forward node viCentrifugation centrality parameter, dijRepresent forward node viWith vjBetween shortest path The length of diameter, m represent the interstitial content in network;
2.2) close to centrality parameter:
That is the average distance of other forward node, is obtained by following formula in a forward node to network:
Wherein, CCiRepresent node viClose to centrality parameter, dijRepresent node viWith vjBetween shortest path length, M represents the interstitial content in network;
2.3) centrality parameter is spent:
That is neighbours' number of a forward node, is obtained by following formula:
DCi=degi, i=(1,2 ..., m)
Wherein, DCiRepresent node viDegree centrality parameter, degiRepresent node viNeighbours' number, m represented in network Interstitial content.
It should be noted that in the step S1, forward node liveness parameter specifically includes following subparameter:
3.1) data packet forwarding frequency:
The quantity for the data packet that forward node is sent, is obtained by following formula i.e. in the unit interval:
Wherein, EFiRepresent node viData packet forwarding frequency, efi(t) forward node v is representediIn t moment cumulative data Packet hop count, efi(t-1) forward node v is representediIn t-1 moment cumulative data packet hop counts, m represents the node in network Number, Δ t represent t moment and the time difference between the t-1 moment;
3.2) node request frequency:
I.e. in the unit interval, forward node sends out the number of all kinds of requests to controller, is obtained by following formula:
Wherein, QFiRepresent forward node viNode request frequency, qfi(t) forward node v is representediAdd up to send out in t moment Send the number of request, qfi(t-1) forward node v is representediAdd up to send the number asked at the t-1 moment, m represents the section in network It counts out, time differences of the Δ t between t moment and t-1 moment;
3.3) flow table modification frequency:
It represents in the unit interval, the number of the forward node flow table of modification deployment thereon under controller instruction, i.e.,:
Wherein, CFiRepresent node viFlow table modification frequency, cfi(t) v is representediNode t moment adds up time of flow table modification Number, cfi(t-1) v is representediThe node t-1 moment adds up the number of flow table modification, and m represents the interstitial content in network, when Δ t is t Carve the time difference between the t-1 moment.
It should be noted that in step S1, the information of network service parameter includes the parameter of multinomial network service, each The urgent degree that the parameter of network service disposes the service with specific reference to forward node is chosen, and represents as follows:
TSi={ Si1, Si2..., Sinoi, i=(1,2 ..., m);
TSiRepresent viThe information of network service of node, wherein Si1, Si2..., SinoiRepresent selected every network service Parameter, noi represent the sum of web service parameter included in information of network service parameter.
It should be noted that step S2 is implemented as follows:
2.1) standard parameter;
2.2) historical parametric is handled;
2.3) parameter is finally fitted, and obtains the importance index of each forward node in network.
It needs further exist for illustrating, in step 2.1), standard parameter carries out according to the following formula:
Wherein aiFor node viThe initial data of a certain parameter, xiFor node viThis standard parameter after as a result, aj For node vjThis parameter initial data.
Explanation is needed further exist for, step 2.2) is implemented as follows:
2.2.1 single treatment first) is carried out to it by weighted sum to the historical data of each parameter, i.e.,:
Wherein, Q represents one historical parametric for having already passed through processing of certain forward node, TjRepresent the forward node one - 1 historical data of jth of historical parametric, αjRepresent corresponding TjWeight, K represent for fitting information number, that is, use In the historical data of fitting and the total number of current data;
2.2.2) using Weight of Coefficient through Analytic Hierarchy Process αjAnd P, it is specific as follows:
2.2.2.1) according to timing information T={ T1, T2... Tj..., TKJudgement Matricies A:
Wherein, bijRepresent TiWith TjRelativeness, mathe-matical map are as follows:
2.2.2.2 it) will determine that each row normalization of matrix A:
2.2.2.5 feature root) is acquired:Calculate coincident indicator CI= (tmax- K)/K-1, control Aver-age Random Consistency Index carries out consistency check, if not adjusting b ifijMathe-matical map Judgment matrix A is rebuild, and jumps to step 2.2.2.1), wherein, (AW)iThe product of representing matrix A and characteristic vector W I-th of component;
It should be noted that step 2.2.2.1) in TiWith TjRelativeness bijIt empirically sets, if step Rapid 2.2.2.5) in consistency check do not pass through, then prove relativeness bijSetting it is unreasonable, so as to readjust bijNumber Mapping and again development of judgment matrix A are learned, until consistency check until.
Explanation is needed further exist for,
2.2.2.7) Q obtained by weighted sum:
Explanation is needed further exist for, step 2.3) is implemented as follows:
2.3.1) by the following formula by all parameter fittings into node importance index:
Wherein, siRepresent node viImportance index, CNiAnd CNjNode v is represented respectivelyiAnd vjTraffic parameter, TPiAnd TPjNode v is represented respectivelyiAnd vjNetwork topology parameters, VDiAnd VDjNode v is represented respectivelyiAnd vjNode liveness Parameter, TSiAnd TSjNode v is represented respectivelyiAnd vjInformation of network service parameter, λ1、λ2、λ3、λ4Node v is represented respectivelyiIt is logical Traffic parameter, network topology parameters, node liveness parameter and information of network service parameter weight;
The calculation formula of the network topology parameters, node liveness parameter and web service parameter is as follows:
Wherein, λ21、λ22And λ23Centrifugation centrality parameter in network topology parameters is represented respectively, close to centrality parameter With the weight of degree centrality parameter, λ31、λ32And λ33Respectively represent forward node liveness parameter in data packet forwarding frequency, The weight of node request frequency and flow table modification frequency, λikIt is then each web service parameter SikCorresponding weight;
2.3.2 the weight λ in each fitting formula) is determined using Principal Component AnalysisjIt is specific as follows with final fitting result:
2.3.2.1 input variable) is initialized, and generates the parameter matrix A (m × n) for recording all node input parameters, In, the initializing variable is number of parameters n, the whole network interstitial content m and forward node viParameters vi={ pi1, pi2..., pin};
2.3.2.7 the whole network fit metric) is acquired:P=[P1, P2..., Pm]T
The beneficial effects of the present invention are:
1st, the information collection of network service work is optimized, is reducing the same of information of network service acquisition node quantity When, obtain preferable service effectiveness;
2nd, with the reduction of information on services acquisition node quantity, Controller can obtain following benefit in the activity: 1) speeds of response of the Controller to all kinds of work is improved;2) the network rule that single Controller can be managed are improved indirectly Mould so as to reduce the deployment number of Controller in network, reduces collaborative work amount and the deployment of Controller The capital consumption of Controller.
Description of the drawings
Fig. 1 is the implementing procedure figure of the present invention;
Fig. 2 is the implementing procedure figure of quantitative analysis step in Fig. 1;
Fig. 3 is attack detecting program network oversampling ratio in emulation experiment to the shadow of the Controller work speeds of response It rings;
Fig. 4 is attack detecting program network oversampling ratio and the relationship of attack-response time delay;
Fig. 5 is attack detecting program network oversampling ratio and the relationship of attack detecting success rate;
Fig. 6 is relationship of the node selection percentage with selecting similarity.
Specific embodiment
Below with reference to attached drawing, the invention will be further described, it should be noted that the present embodiment is with this technology side Premised on case, detailed embodiment and specific operating process are given, but protection scope of the present invention is not limited to this reality Apply example.
As shown in Figure 1, important node information collecting method includes the following steps in a kind of SDN environment:
S1 is according to the property of SDN frames, and on the basis of scalability is ensured, selection can be with effecting reaction forward node weight The parameter for the property wanted.Wherein parameter includes four major class:1) traffic;2) network topology 3) forward node active degree;4) network takes Business information.Wherein, standard communication protocol Openflow of first three item data in SDN frames is provided interface and effectively anti- The purpose for reflecting forward node importance is chosen, and information of network service is chosen according to specific network service.
(1) traffic
The data volume that i.e. forwarding node is sent in the unit interval.Since the most basic work of forwarding node is exactly to complete The forwarding of data packet, therefore the parameter has the ability for weighing the forwarding node importance.
CNi=cni(t)-cni(t-1)
Wherein, CNiRepresent viThe traffic parameter of node, cni(t) v is representediNode t moment cumulative data transfer amount.
(2) network topology
Forward the physical connection situation of network.Since the physical connection situation of network largely determines network Ability, therefore, network topology situation can be used to weigh significance level of the forward node in network.In the present invention In, topological diagram is without mutually having no right connected graph, be denoted as G=(V, E), wherein V={ v1, v2..., vmBe G node set, E= {e1, e2..., enBe G line set, m and n are the number of nodes and number of edges of G respectively.The adjacency matrix of G is denoted as Am×m=[aij], aij=1 but and if only if node viWith vjBetween have even side, otherwise aij=0.
Due to the complexity of network topology situation, existing balancing method comprehensively can not weigh node by network topology Importance, therefore the present invention weighs it by following three kinds of parameters:
A) centrality is centrifuged:
The maximum distance of other nodes in node to network is investigated, i.e.,:
Wherein, ECCiRepresent viThe centrifugation centrality parameter of node, dijRepresent node viWith vjBetween shortest path length Degree, m represent the interstitial content in network.
B) close to centrality:
The average distance of other nodes in node to network is investigated, i.e.,:
Wherein, CCiRepresent node viClose to centrality parameter, dijRepresent node viWith vjBetween shortest path length, M represents the interstitial content in network.
C) centrality is spent:
Neighbours' number of node is investigated, i.e.,:
DCi=degi, i=(1,2 ..., m)
Wherein, DCiRepresent node viDegree centrality parameter, degiRepresent node viNeighbours' number, m represented in network Interstitial content.
(3) forward node liveness
I.e. the node participates in the degree of network activity.With reference to the concrete condition of SDN scenes, weighed with following three parameters The liveness of forwarding node:
A) data packet forwarding frequency:
In i.e. between unit, the quantity for the data packet that forward node is sent.It is a small amount of due to only being carried there are some in network The data packet of data, these data packets are usually used to the objective function for realizing various agreements, are of great significance, however to this Partial data packet forwarding work meaning can not be merely weighed by data volume.Therefore, the parameter is chosen to weigh this portion The meaning that the division of labor is made, i.e.,:
Wherein, EFiRepresent node viData packet forwarding frequency, efi(t) v is representediNode t moment cumulative data packet forwards Number, m represent the interstitial content in network.
B) node request frequency:
I.e. in the unit interval, forward node sends out the number of all kinds of requests to Controller.The parameter reflects forwarding Node, to the degree of dependence of Controller instructions, the node is shown in network activity from a side in network activity In liveness, i.e.,:
Wherein, QFiRepresent node viNode request frequency, qfi(t) v is representediNode t moment adds up to send time of request Number, m represent the interstitial content in network.
C) flow table modification frequency:
I.e. in the unit interval, the number of the forward node flow table of modification deployment thereon under Controller instructions. In SDN frames, the number that the flow table on a usual forward node is changed by Controller is more, it was demonstrated that the node takes part in More network activities.It further relates to when something goes wrong, the network activity of influence is more, therefore chooses the parameter on the node Weigh the liveness of node, i.e.,:
Wherein, CFiRepresent node viFlow table modification frequency, cfi(t) v is representediNode t moment adds up time of flow table modification Number, m represent the interstitial content in network.
(4) information of network service:
The selection of the parameter is specifically formulated, and number according to the specific network service to be optimized by network management personnel Measure it is unlimited, such as:To Network Intrusion Detection System, situation of every abnormal alarm etc. is may be configured as, uses TSi={ Si1, Si2..., SinRepresent viThe information of network service of node, wherein Si1, Si2..., SinRepresent selected every web service parameter.
S2 passes through to forward node viMulti-component system data quantitative analysis, show that the importance of each node in network refers to Mark, process is as shown in Fig. 2, include the following steps:
2.1) standard parameter;
2.2) historical parametric is handled;
2.3) parameter is finally fitted, and obtains the importance index of each forward node in network.
By the flow shown by Fig. 2, the Parameter analysis being collected into from Forwarding plane and network server is handled, is obtained Go out the quantized data of network node importance.
2.1) standard parameter
Due to otherness of the parameters in terms of numerical value performance, to make subsequent parameter processing work that can facilitate exhibition It opens, crude sampling parameter is first standardized by the present invention:
Wherein aiFor node viThe initial data of a certain parameter, xiFor the result after the standard parameter.Pass through the mark of parameter Quasi-ization processing so that the different parameter of script value range is mapped in the range of [0,1], is facilitated at the parameter of subsequent step Science and engineering is made.
2.2) historical parametric is handled
Since network activity behavior is usually expressed as the duration variation of network parameter in a period of time, the parameter Data can show the consecutive variations in sequential, therefore when evaluating the historic parameter of this kind of tool, be considered as its history Its historical data is also included in investigation range by continuity.And the traffic, forward node are active in the parameter selected by the present invention Degree and information of network service have apparent History Continuity, therefore using the historical data of this three classes parameter, are asked by weighting Single treatment is first carried out with to it, i.e.,:
Wherein, P represents one historical parametric for having already passed through processing of certain node, such as traffic volume, data packet forwarding frequency Deng, and P will be inputted as the data of this parameter and be used in the final fitting part of parameter, TjRepresent one history of the node - 1 historical data of jth of parameter, αjRepresent corresponding TjWeight.
Due to TjWith sequential precedence relationship, they are to PiInfluence power have more apparent strong or weak relation, i.e. T1To PiInfluence power Maximum and TnTo P influence powers minimum.Due to that can determine YjThe relativeness of (j=1,2 ..., n) between any two, and step analysis Method (Analytic Hierarchy Process, AHP) can be by the relativeness two-by-two between parameter by all parameter fittings Into a quantizating index, therefore the present invention selects AHP to determine weight αjAnd P, it calculates as follows:
In algorithm above, pass through T firstijTiming information initialization judgment matrix A, initialization procedure is as follows:
Wherein, bijRepresent TiWith TjRelativeness, mathe-matical map are as follows:
The characteristic vector W and characteristic root ω of judgment matrix A is calculated by matrix operation later1, ω2..., ωK, then pass through Characteristic root further verifies whether constructed judgment matrix A has the contradiction of importance index between parameter, and weight is needed if contradictory Newly the relationship two-by-two between parameter judges, the Evaluating Eigenvalues of this calculating can be applied to obtain weight α if no contradictionj, most Q is obtained eventually.
2.3) parameter is finally fitted
After standard parameter and historical parametric handle two steps, obtain parameters and be used for the number being finally fitted According in the final fit procedure of parameter, the present invention is by the following formula by all parameter fittings into node importance index:
Wherein, siRepresent node viImportance index, CNiRepresent node viTraffic parameter, TPiRepresent node vi's Network topology parameters, VDiRepresent node viNode liveness parameter, TSiRepresent node viWeb service parameter, λ represent section Point viEach parameter weight.
Further, since network topology parameters, node liveness parameter and web service parameter are acquired by multinomial subparameter, Calculation formula is as follows:
Wherein, λ21、λ22And λ23Centrifugation centrality parameter in network topology parameters is represented respectively, close to centrality parameter With the weight of degree centrality parameter, λ31、λ32And λ33Respectively represent forward node liveness parameter in data packet forwarding frequency, The weight of node request frequency and flow table modification frequency, λikIt is then each web service parameter SikCorresponding weight;
Since the parameter meaning being fitted is different, the relationship two-by-two between parameter can not be subjectively judged.And it leads Componential analysis (Principal Components Analysis, PCA) is in the situation that can not judge each parameter relativeness Under, its weight is determined according to the dispersion degree of each parameter.Therefore the present invention selects PCA to determine the weight λ in each fitting formulaj With final fitting result, algorithm is as follows:
In algorithm above, by the matrix operation to the whole network information matrix A, the eigenmatrix for obtaining matrix A leads to W, then By the data of the middle each element of eigenmatrix W, the weight λ of parameters is obtainedj, then pass through the weighted sum to parameters Obtain fitting result Pi, finally obtain the matrix P for recording the whole network node fitting result.To calculate TPiFor, initially set up the whole network Information matrix A (m × 3), matrix include the ECC of the whole network nodei、CCiAnd DCiInformation is obtained by the dispersion degree of each column data The weight λ of parameters1、λ2And λ3, the TP of node is obtained by weighted fittingiInformation.
Obtain P=[P1, P2..., Pm]TAfterwards, the method for obtaining important node can be determined on a case-by-case basis, such as by door Several former nodes are important node after limit value determines or carry out descending arrangement.
The performance of the present invention will be further described by emulation experiment below.
It is to a specific network service in emulation experiment --- the monitoring of TCP flood attacks carries out important node information Collecting work verifies effectiveness of the invention by the emulation experiment in different scales network, and process is as follows.
Experimental situation
The validity of this programme is tested in this experiment by simulation software, and environment is as follows:Test host (3.20GHz CPU, 2G memory) on the networks of three kinds of scales is simulated by mininet2.0.0 and Pox.The network of these three scales possesses respectively 100th, 200 and 300 Switch nodes and with Switch interstitial content same hosts, wherein Switch nodes and a host be straight Connect connected, the network between Switch is determined by the connected graph that program generates at random.This experiment is generated by Scapy on this basis Network context flow and simulation TCP flood attacks.The experimental arrangement work period write based on the present invention is 1min, and select The detection program for TCP flood attacks of increasing income of automatic network is fetched as specific network server, and will successfully be detected Number of times of attack as information of network service.
Analysis of experimental data
(1) TCP flood attacks program network oversampling ratio is to the relationship of the Controller work speeds of response
In SDN frames, the speed of the Controller work speeds of response directly affects the operating condition of network, and most can The information for embodying the Controller work speeds of response is exactly the speed of response that Controller communicates to network new life, and net The speed of response of network new life communication can be weighed by the response delay of ping packets first in network.Additionally due to Mininet simulated programs can not be practical display controller specific works situation, such as:CPU Expenditure Levels, memory usage feelings Condition etc., therefore in emulation experiment, this experiment selects network head ping latencies to work to weigh oversampling ratio Controller The influence that the speed of response generates, specific data are as shown in Figure 3.
By taking Fig. 3 as an example, in the network of three kinds of scales, as attack detecting program samples ratio increases, network head ping Time delay also gradually increases, and the increase of this data represents the reduction of the Controller work speeds of response.It can be seen that Attack monitoring The extensive sample activity of program can influence the speeds of response of the Controller to work.As can to attack detecting procedure service In the case that quality influences less, reduce the oversampling ratio of attack detecting program, will preferably reduce it to Controller The influence of operating rate.And when Attack monitoring program samples ratio reaches 100%, during first ping in 300 meshed networks Prolong more than 300ms, and the time delay of daily access network is left in 20ms by taking domestic large-scale website (Baidu, Sina, Netease) as an example It is right, it is seen that influenced caused by its speed of response that works Controller it is quite apparent, therefore, have it is very big it is necessary to its into Row optimization.
(2) influence of the Attack monitoring program samples ratio to its service effectiveness
Since in this experiment, what network service was chosen is that TCP flood attacks detect program, therefore Web Service Deployment ratio The relationship of example and its service effectiveness can be mapped as network samples ratio and attack detecting success rate and the attack detecting time delay that is averaged Relationship.And it in this experiment, employs and result is chosen with this programme and randomly selects knot to prove the validity of this programme The comparison of fruit, effect are as shown in Figure 4:
By taking Fig. 4 as an example, with the increase of attack detecting program oversampling ratio in a network, to the response efficiency of attack It improves for it.And this programme is compared to random fashion, plays the role of that this is more significant, and certain to improving attack-response efficiency After oversampling ratio (40%-50%), the oversampling ratio growth in this programme brings response efficiency increase rate to be greatly reduced.By This ratio that can be seen that sampling should choose again more than 40%.In addition, the success rate of network samples ratio and attack detecting Relationship is as shown in figure 5, wherein attack detecting success rate attacks the 2000 TCP floodings simulated in network by Attack monitoring program The testing result hit obtains.
By taking Fig. 5 as an example, network node oversampling ratio has preferable attack when a certain range changes (40%-100%) Detect success rate.The influence that variation of the oversampling ratio in the section successfully detects attack detecting program attack is little.Therefore, may be used By selection of this programme to important node in network, to optimize mapping out the work for network service, to reduce network service pair The influence of the Controller work speeds of response.
(3) this programme network node chooses the comparison of result and random fashion
This experiment passes through the average value of two minor node selection result similarities, to weigh the stabilization of this programme node selection Property, i.e., the present invention selects the degree of stability of network-critical node.The results are shown in Figure 6 for it, wherein selecting similarity-rough set Epicycle selection result and the average value of the ratio of last selection result same node point obtain in 1000 wheel node selections.
By taking Fig. 6 as an example, under three kinds of network sizes, selection similarity of the invention is consistently higher than stochastical sampling mode, says The bright present invention has higher stability compared to stochastical sampling, and the stability illustrates that the present invention selects the stabilization of important node Degree.Under three kinds of network sizes, the similarity that the present invention generates node selection result is basically identical, illustrates the change of network size Change and the stability of the present invention is had not significant impact.And the present invention occurs a peak in node selection percentage 40% or so Value, illustrates there are the important node of node total number mesh 40% or so in network, and the present invention can be very good to be selected Come.When selection percentage is more than 40%, the situation of change of present invention selection similarity curve is mainly by the shadow of oversampling ratio growth It rings.It is more than that decline after 40% be because with the growth of the ratio of selection in selection percentage, some importance index are relatively low and phase The node that significance level changes greatly between mutually is added into the ranks of selected node.And present invention selection similarity curve is in the later stage Growth be the generation directly when selection percentage improves.
Analysis and summary of the present invention to SDN scenes and historic survey achievement, utilize the Centralized Controller of SDN frames Controller realizes the Assessment of Important to the whole network node, and chooses important node based on this and carry out network service Information collection works.By experimental verification, the selection result can effectively reduce network service large scale deployment pair The influence of the Controller work speeds of response, and the network service of carry out important node information collection can be made to have higher service Quality.
For those skilled in the art, it can be made various corresponding according to above technical solution and design Change and deform, and all these change and deformation should be construed as being included within the protection domain of the claims in the present invention.

Claims (5)

1. important node information collecting method in a kind of SDN environment, includes controller and forward node, which is characterized in that institute The method of stating includes the following steps:
S1 controllers obtain evaluating each forwarding section by collecting Forwarding plane and network server into row information The parameter information of point significance level, the parameter include the traffic, network topology, forward node active degree and network service letter Breath;
S2 forms the multi-component system number of each forward node according to the corresponding parameter information of the obtained each forward node of step S1 According to carrying out quantitative analysis to the multi-component system data of each forward node, obtain the importance index of each forward node in network;
Step S2 is implemented as follows:
2.1) standard parameter;
2.2) historical parametric is handled;
2.3) parameter is finally fitted, and obtains the importance index of each forward node in network;
In step 2.1), standard parameter carries out according to the following formula:
Wherein aiFor node viThe initial data of a certain parameter, xiFor node viThis standard parameter after as a result, ajFor section Point vjThis parameter initial data;
Step 2.2) is implemented as follows:
2.2.1 single treatment first) is carried out to it by weighted sum to the historical data of each parameter, i.e.,:
Wherein, Q represents one treated historical parametric of certain forward node, TjRepresent the historic ginseng of the forward node one Several -1 historical datas of jth, αjRepresent corresponding TjWeight, K represent for fitting information number, i.e., for fitting The total number of historical data and current data;
2.2.2) using Weight of Coefficient through Analytic Hierarchy Process αjAnd Q, it is specific as follows:
2.2.2.1) according to timing information T={ T1, T2... Tj..., TKJudgement Matricies A:
Wherein, bijRepresent TiWith TjRelativeness, mathe-matical map are as follows:
2.2.2.2 it) will determine that each row normalization of matrix A:
2.2.2.3) matrix by rows after normalization is summed:
2.2.2.4) to vectorIt is normalized: Then characteristic vector W=[ω1, ω2..., ωK]T
2.2.2.5 feature root) is acquired:Calculate coincident indicator CI=(tmax-K)/ K-1, control Aver-age Random Consistency Index carries out consistency check, if not adjusting b ifijMathe-matical map rebuild Judgment matrix A, and jump to step 2.2.2.1), wherein, (AW)iI-th point of the product of representing matrix A and characteristic vector W Amount;
2.2.2.6) weight vector is normalized:Obtain final weights:α =[α1, α2..., αK]T
2.2.2.7) Q obtained by weighted sum:
Step 2.3) is implemented as follows:
2.3.1) by the following formula by all parameter fittings into node importance index:
Wherein, siRepresent node viImportance index, CNiAnd CNiNode v is represented respectivelyiAnd vjTraffic parameter, TPiWith TPiNode v is represented respectivelyiAnd vjNetwork topology parameters, VDiAnd VDjNode v is represented respectivelyiAnd vjNode liveness parameter, TSiAnd TSjNode v is represented respectivelyiAnd vjInformation of network service parameter, λ1、λ2、λ3、λ4Node v is represented respectivelyiThe traffic ginseng Number, network topology parameters, node liveness parameter and information of network service parameter weight;
The calculating of the network topology parameters, node liveness parameter and web service parameter is as follows:
Wherein, λ21、λ22And λ23Centrifugation centrality parameter in network topology parameters is represented respectively, close to centrality parameter and degree The weight of centrality parameter, λ31、λ32And λ33Represent that the data packet in forward node liveness parameter forwards frequency, node respectively The weight of request frequency and flow table modification frequency, λikIt is then each web service parameter SikCorresponding weight;
2.3.2 the weight λ in each fitting formula) is determined using Principal Component AnalysisjIt is specific as follows with final fitting result:
2.3.2.1 input variable) is initialized, and generates the parameter matrix A (m × n) for recording all node input parameters, wherein, The initializing variable is number of parameters n, the whole network interstitial content m and forward node viParameters vi={ pi1, pi2..., pin};
2.3.2.2) by each row normalization of parameter matrix A: bijElement for parameter matrix A;
2.3.2.3) matrix by rows after normalization is summed:
2.3.2.4) to vectorIt is normalized: And feature vector is calculated, it is denoted as W=[ω1, ω2..., ωn]T
2.3.2.5 parameters weight) is acquired:
2.3.2.6 node parameter fitting result) is acquired:
2.3.2.7 the whole network fit metric) is acquired:P=[P1, P2..., Pm]T
2. important node information collecting method in a kind of SDN environment according to claim 1, which is characterized in that the step In rapid S1, data volume of the traffic for forward node transmission in the unit time is obtained by following formula:
CNi=cni(t)-cni(t-1), i=1,2 ..., m;
Wherein, CNiRepresent forward node viTraffic parameter, cni(t) v is representediNode t moment cumulative data transfer amount, cni (t-1) it is viNode t-1 moment cumulative data transfer amounts, m represent the interstitial content in network.
3. important node information collecting method in a kind of SDN environment according to claim 1, which is characterized in that step S1 In, the network topology is without connected graph is mutually had no right, and is denoted as G=(V, E), wherein V={ v1, v2..., vmBe G set of node It closes, E={ e1, e2..., enBe G line set, m and n are the number of nodes and number of edges of G respectively, and m that is to say the forwarding section in network It counts out;In addition, the adjacency matrix of G is denoted as Am×m=[aij], only as node viWith vjBetween have even side when aij=1, otherwise aij =0;
The network topology parameters specifically include following subparameter:
2.1) centrality parameter is centrifuged:
That is the maximum distance of other forward node, is obtained by following formula in a forward node to network:
ECCi=maxj(dij), i, j=(1,2 ..., m);
Wherein, ECCiRepresent forward node viCentrifugation centrality parameter, dijRepresent forward node viWith vjBetween shortest path Length, m represent the interstitial content in network;
2.2) close to centrality parameter:
That is the average distance of other forward node, is obtained by following formula in a forward node to network:
Wherein, CCiRepresent node viClose to centrality parameter, dijRepresent node viWith vjBetween shortest path length, m generations Interstitial content in table network;
2.3) centrality parameter is spent:
That is neighbours' number of a forward node, is obtained by following formula:
DCi=degi, i=(1,2 ..., m);
Wherein, DCiRepresent node viDegree centrality parameter, degiRepresent node viNeighbours' number, m represents the node in network Number.
4. important node information collecting method in a kind of SDN environment according to claim 1, which is characterized in that step S1 In, forward node liveness parameter specifically includes following subparameter:
3.1) data packet forwarding frequency:
The quantity for the data packet that forward node is sent, is obtained by following formula i.e. in the unit interval:
Wherein, EFiRepresent node viData packet forwarding frequency, efi(t) forward node v is representediTurn in t moment cumulative data packet Send out number, efi(t-1) forward node v is representediIn t-1 moment cumulative data packet hop counts, m represents the number of nodes in network Mesh, Δ t represent t moment and the time difference between the t-1 moment;
3.2) node request frequency:
I.e. in the unit interval, forward node sends out the number of all kinds of requests to controller, is obtained by following formula:
Wherein, QFiRepresent forward node viNode request frequency, qfi(t) forward node v is representediAdd up to send in t moment and ask The number asked, qfi(t-1) forward node v is representediAdd up to send the number asked at the t-1 moment, m represents the number of nodes in network Mesh, time differences of the Δ t between t moment and t-1 moment;
3.3) flow table modification frequency:
It represents in the unit interval, the number of the forward node flow table of modification deployment thereon under controller instruction, i.e.,:
Wherein, CFiRepresent node viFlow table modification frequency, cfi(t) v is representediNode t moment adds up the number of flow table modification, cfi(t-1) v is representediThe node t-1 moment adds up the number of flow table modification, and m represents the interstitial content in network, Δ t for t moment with Time difference between the t-1 moment.
5. important node information collecting method in a kind of SDN environment according to claim 1, which is characterized in that step S1 In, the information of network service parameter includes the parameter of multinomial network service, and the parameter of each network service is with specific reference to forwarding The urgent degree of the node deployment service is chosen, and represents as follows:
TSi={ Si1, Si2..., Sinoi, i=(1,2 ..., m);
TSiRepresent viThe information of network service of node, wherein Si1, Si2..., SinoiRepresent selected every web service parameter, Noi represents the sum of web service parameter included in information of network service parameter.
CN201510581282.3A 2015-09-14 2015-09-14 Important node information collecting method in a kind of SDN environment Active CN105245362B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510581282.3A CN105245362B (en) 2015-09-14 2015-09-14 Important node information collecting method in a kind of SDN environment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510581282.3A CN105245362B (en) 2015-09-14 2015-09-14 Important node information collecting method in a kind of SDN environment

Publications (2)

Publication Number Publication Date
CN105245362A CN105245362A (en) 2016-01-13
CN105245362B true CN105245362B (en) 2018-07-03

Family

ID=55042873

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510581282.3A Active CN105245362B (en) 2015-09-14 2015-09-14 Important node information collecting method in a kind of SDN environment

Country Status (1)

Country Link
CN (1) CN105245362B (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106529562A (en) * 2016-09-09 2017-03-22 浙江工业大学 OSS (Open Source software) project developer prediction method based on Email networks
CN110213279B (en) * 2019-06-10 2021-11-30 安徽理工大学 Privacy protection-based dynamic network average consensus method
CN110768906B (en) * 2019-11-05 2022-08-30 重庆邮电大学 SDN-oriented energy-saving routing method based on Q learning
CN112087488B (en) * 2020-08-03 2023-08-25 山东浪潮科学研究院有限公司 Method, device, equipment and medium for determining important cloud robot nodes
CN112367692B (en) * 2020-10-29 2022-10-04 西北工业大学 Air-ground integrated vehicle networking relay selection method based on link service quality
CN112910720B (en) * 2021-05-06 2021-08-03 成都云智天下科技股份有限公司 Intelligent network scheduling method and system based on user experience quantitative index

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101853261A (en) * 2009-11-23 2010-10-06 电子科技大学 Network public-opinion behavior analysis method based on social network
CN103944748A (en) * 2014-02-17 2014-07-23 北京航空航天大学 Network-key-node self-similar-traffic generation simplification method based on genetic algorithm
CN104394202A (en) * 2014-11-13 2015-03-04 西安交通大学 A node vitality quantifying method in a mobile social network

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8504504B2 (en) * 2008-09-26 2013-08-06 Oracle America, Inc. System and method for distributed denial of service identification and prevention
US8452871B2 (en) * 2011-08-27 2013-05-28 At&T Intellectual Property I, L.P. Passive and comprehensive hierarchical anomaly detection system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101853261A (en) * 2009-11-23 2010-10-06 电子科技大学 Network public-opinion behavior analysis method based on social network
CN103944748A (en) * 2014-02-17 2014-07-23 北京航空航天大学 Network-key-node self-similar-traffic generation simplification method based on genetic algorithm
CN104394202A (en) * 2014-11-13 2015-03-04 西安交通大学 A node vitality quantifying method in a mobile social network

Also Published As

Publication number Publication date
CN105245362A (en) 2016-01-13

Similar Documents

Publication Publication Date Title
CN105245362B (en) Important node information collecting method in a kind of SDN environment
CN107483487B (en) TOPSIS-based multi-dimensional network security measurement method
CN102075352A (en) Method and device for predicting network user behavior
CN104967629A (en) Network attack detection method and apparatus
CN101572623A (en) Method for comprehensively evaluating network performance based on subjective and objective combination evaluation
CN109218304B (en) Network risk blocking method based on attack graph and co-evolution
CN114513470B (en) Network flow control method, device, equipment and computer readable storage medium
CN108900513A (en) A kind of DDOS effect evaluation method based on BP neural network
CN116846565A (en) SAA-SSA-BPNN-based network security situation assessment method
Lou et al. Cyber intrusion detection through association rule mining on multi-source logs
CN106487906A (en) A kind of mobile Web application protocol changing method of context aware
CN107402851A (en) A kind of data recovery control method and device
CN104811336A (en) Intelligent optimization-based distributed network flow predicting method
CN103944748B (en) Network-key-node self-similar-traffic generation simplification method based on genetic algorithm
CN101986608B (en) Method for evaluating heterogeneous overlay network load balance degree
CN109324906A (en) The method of selection processing node in cloud computing platform
CN103825963A (en) Virtual service transition method
Chen et al. A traffic identification based on PSO-RBF neural network in peer-to-peer network
Lei et al. Optimizing traffic classification using hybrid feature selection
CN109492677A (en) Time-varying network link prediction method based on bayesian theory
Liu et al. Identifying user clicks based on dependency graph
CN111917589B (en) Power communication network resource backup method and related device
Chu et al. A new P2P traffic identification methodology based on flow statistics
Gong et al. MSTP Network Data Traffic Anomaly Optimization Detection Algorithm
CN115314500B (en) Dynamic load balancing method based on improved TOPSIS model

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant