Ensuring the security and anonymity of data transmission in an open network environment through path hopping is an emerging research direction in network security, and has received extensive attention, for example in Moving Target Defense and Endogenous Security. The strength of path hopping security depends on the frequency of hopping, and increasing the frequency of path hopping often comes at the expense of data transmission quality. How to find a balance between the two is the core issue of the research. The weak management plane and extremely limited computing power of distributed systems cannot provide the basic guarantee for path hopping. Therefore, this research is closely related to software-defined networks and software-defined wide area networks (SD-WAN).

The paper conducts research on reducing the impact of path hopping on data transmission quality, enhancing path hopping efficiency, and improving the performance of centralized control network updates. It explores solutions to three problems: the conflict between path hopping efficiency and transmission quality, insufficient space for path hopping, and the coexistence of path hopping with other network applications. The core innovations of this paper have theoretical significance and practical value for improving the security, anonymity, and scalability of hopping path data transmission. The study is based on the SD-WAN system research platform POCO, and the main contributions are as follows:

(1) To improve the low performance of path configuration under the centralized network update mechanism, a Control Information Batch Delivery Model (CIBDM) is proposed. CIBDM solves the inefficient delivery of control information based on packet multiplexing, ensures update consistency through data plane coordination, and arranges the delivery of update information as a whole to achieve the minimum control overhead under the optimal update completion time. At the same time, the onion routing mechanism is used to realize the secure distribution of update information. The control information data plane delivery problem is modeled as a vehicle transportation problem with time windows, and a greedy algorithm is then used to obtain the constituent elements of the update packet. The CIBDM method is experimentally validated on 10 real-world deployed WAN topologies. The experimental results show that the proposed method is better than the typical network update message delivery method in terms of the optimal update completion time, the control message processing cost, and the data plane storage consumption.

(2) To enhance the transmission performance of end-to-end random hopping paths, an end-to-end Dynamic Dual-Path Routing (DDPR) data transmission mode is proposed. DDPR adopts a "master-slave path" for coordinated transmission, which solves the conflict between path hopping efficiency and transmission quality. Hop path diversity is enhanced by reducing the QoS requirements of the slave path. The problem of out-of-order packets caused by path differences is solved based on the Information Dispersal Algorithm (IDA). Hop path selection is modeled as the optimal multi-path transmission assignment problem under a known path intrusion probability, and the next hop path is obtained through a progressive approximation path optimal traffic assignment algorithm. The proposed method is experimentally validated on two types of path sets, constructed with low and high dissimilarity. The experimental results show that the proposed method has good data transmission stability under high-rate path hopping.

(3) To address the complexity and low transmission performance of anonymous paths based on onion routing, a Random Virtual Proxy Mutation (RVPM) anonymous communication scheme with alternate hopping of "real and virtual paths" is designed. RVPM hops the real path (physical path) at low frequency and the virtual path at high frequency to resolve the conflict between anonymous path conversion and high-performance communication. The virtual path is constructed based on the real path, which solves the problems of high control overhead and low transmission performance caused by the high-speed hopping of anonymous paths. The introduction of paths with time-memory digital filtering solves the problem of fair selection of real paths, using the Binary Exponential Backoff algorithm for competitive selection. The verification experimental results show that, compared with ordinary data flow communication, the method proposed in this paper has only a slight delay jitter when the real path hops, and other transmission performance does not decrease significantly.