A Research On Dynamic Mining Method Of Network Policy Based On Fusion Of Control And Data Plane

With the vigorous development of information technologies such as 5G networks and cloud computing,the scale of the network has become larger and larger,which has brought great challenges to network management.As the "skeleton" of the network architecture,network policies are of great significance in guiding network configuration,verifying the network,and analyzing the network,and can effectively guarantee the efficiency of network management.Therefore,mining network policies from router configuration files has received more and more attention from scholars.However,traditional single-plane network policy mining methods have poor performance in increasingly complex network environments,and cannot comprehensively analyze the network topology of possible faulty links.Aiming at the above problems,thesis proposes a network policy mining method that integrates control and data planes.The research goal is to optimize the performance of network policy mining,and to extract network policies from network topologies that may have faults.The main research contents and innovative work of thesis are as follows:The network policy mining theory is studied.Aiming at the network topology with possible faulty links,a fault model is proposed.The network topology is abstractly represented by the link set and the upper limit of the maximum faulty link,and the relationship of the fault model "capturing" the data plane is defined.The problem of solving a network policy for a given fault model is formulated and transformed into solving a network policy set that conforms to all data planes captured by the fault model.A single-plane network policy mining method is designed.Aiming at the network policy mining method of data plane analysis,thesis proposes a policy analysis method based on graph theory.Through weight-based policy-aware sampling,prefix tree pruning,data plane analysis based on forwarding graph and dominator tree,a set of policies conforming to the current data plane is obtained.Aiming at the network policy mining method for control plane verification,thesis proposes a policy verification method based on SMT(Satisfiability Modulo Theories).Model and symbolize network elements such as packets,routing processes,and their interactions.Then a topologybased pruning algorithm is used to reduce the size of the policy set.Finally,the symbolic network model and network strategy are input into the SMT solver to verify the establishment of the strategy.A dynamic fusion network policy mining method is proposed.The limitations of single-plane network policy mining methods are analyzed,and the inevitable defects of such methods are pointed out.The feasibility of algorithm fusion is analyzed from the algorithm flow and structure,the strategy mining algorithm of dynamic fusion is designed,and the performance improvement of fusion algorithm is theoretically demonstrated.Finally,a comparative experiment is designed to evaluate the effectiveness of the algorithm,the evaluation of pruning efficiency,and the evaluation of algorithm fusion efficiency.The simulation results show that the network policy mining algorithm based on the fusion of control and data planes proposed in thesis can effectively mine the network policies in the network configuration.The fusion algorithm can improve the performance by 143% in the same network scenario.