Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks
Exploiting software-defined networking techniques, randomly and instantly mutating routes can disguise strategically important infrastructure and protect the integrity of data networks. Route mutation has been to date formulated as NP-complete constraint satisfaction problem where feasible sets of r...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Hindawi-Wiley
2017-01-01
|
| Series: | Security and Communication Networks |
| Online Access: | http://dx.doi.org/10.1155/2017/4651395 |
| id |
doaj-ba25411d8a3d4ba78ac99045bfa88d08 |
|---|---|
| record_format |
Article |
| spelling |
doaj-ba25411d8a3d4ba78ac99045bfa88d082020-11-24T23:46:18ZengHindawi-WileySecurity and Communication Networks1939-01141939-01222017-01-01201710.1155/2017/46513954651395Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined NetworksYang Zhou0Wei Ni1Kangfeng Zheng2Ren Ping Liu3Yixian Yang4School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaCSIRO, Sydney, NSW 2122, AustraliaSchool of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaGlobal Big Data Technologies Centre, University of Technology Sydney, Ultimo, NSW 2007, AustraliaSchool of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, ChinaExploiting software-defined networking techniques, randomly and instantly mutating routes can disguise strategically important infrastructure and protect the integrity of data networks. Route mutation has been to date formulated as NP-complete constraint satisfaction problem where feasible sets of routes need to be generated with exponential computational complexities, limiting algorithmic scalability to large-scale networks. In this paper, we propose a novel node-centric route mutation method which interprets route mutation as a signature matching problem. We formulate the route mutation problem as a three-dimensional earth mover’s distance (EMD) model and solve it by using a binary branch and bound method. Considering the scalability, we further propose that a heuristic method yields significantly lower computational complexities with marginal loss of robustness against eavesdropping. Simulation results show that our proposed methods can effectively disguise key infrastructure by reducing the difference of historically accumulative traffic among different switches. With significantly reduced complexities, our algorithms are of particular interest to safeguard large-scale networks.http://dx.doi.org/10.1155/2017/4651395 |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Yang Zhou Wei Ni Kangfeng Zheng Ren Ping Liu Yixian Yang |
| spellingShingle |
Yang Zhou Wei Ni Kangfeng Zheng Ren Ping Liu Yixian Yang Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks Security and Communication Networks |
| author_facet |
Yang Zhou Wei Ni Kangfeng Zheng Ren Ping Liu Yixian Yang |
| author_sort |
Yang Zhou |
| title |
Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks |
| title_short |
Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks |
| title_full |
Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks |
| title_fullStr |
Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks |
| title_full_unstemmed |
Scalable Node-Centric Route Mutation for Defense of Large-Scale Software-Defined Networks |
| title_sort |
scalable node-centric route mutation for defense of large-scale software-defined networks |
| publisher |
Hindawi-Wiley |
| series |
Security and Communication Networks |
| issn |
1939-0114 1939-0122 |
| publishDate |
2017-01-01 |
| description |
Exploiting software-defined networking techniques, randomly and instantly mutating routes can disguise strategically important infrastructure and protect the integrity of data networks. Route mutation has been to date formulated as NP-complete constraint satisfaction problem where feasible sets of routes need to be generated with exponential computational complexities, limiting algorithmic scalability to large-scale networks. In this paper, we propose a novel node-centric route mutation method which interprets route mutation as a signature matching problem. We formulate the route mutation problem as a three-dimensional earth mover’s distance (EMD) model and solve it by using a binary branch and bound method. Considering the scalability, we further propose that a heuristic method yields significantly lower computational complexities with marginal loss of robustness against eavesdropping. Simulation results show that our proposed methods can effectively disguise key infrastructure by reducing the difference of historically accumulative traffic among different switches. With significantly reduced complexities, our algorithms are of particular interest to safeguard large-scale networks. |
| url |
http://dx.doi.org/10.1155/2017/4651395 |
| work_keys_str_mv |
AT yangzhou scalablenodecentricroutemutationfordefenseoflargescalesoftwaredefinednetworks AT weini scalablenodecentricroutemutationfordefenseoflargescalesoftwaredefinednetworks AT kangfengzheng scalablenodecentricroutemutationfordefenseoflargescalesoftwaredefinednetworks AT renpingliu scalablenodecentricroutemutationfordefenseoflargescalesoftwaredefinednetworks AT yixianyang scalablenodecentricroutemutationfordefenseoflargescalesoftwaredefinednetworks |
| _version_ |
1725493882052935680 |