Research Of Secure And Reliable Network Control Method Of SDN/OpenFlow Network On Cloud Environment

With the Internet facing more and more pressure in scalability,mobility and se-curity,software-defined network is born at the right moment.It is a kind of network architecture which seperates data controlling and data forwarding to meet current and future needs of the evolution,and it has become an important direction to lead the fu-ture development of the Internet.OpenFlow,as the actual landing technology of SDN architecture,controls,manages and optimizes network resources by automatically for-warding application layer policies to data layer flow rules.With its birth,the traditional network architecture was influenced a lot,and OpenFlow is gradually accepted by the major manufacturers and academias.SDN/OpenFlow has been widely used in the net-work of cloud platform because it has a high degree of flexibility and mobility.On the one hand,cloud computing and SDN/OpenFlow technology solve some of the tradi-tional problems in the past decade.On the other hand,it also brings some new prob-lems.In this paper,the security issues based on SDN/OpenFlow network and cloud computing have been deeply studied,and the main work is as follows:1.Rules consistent update technology based on the delay of SDN/OpenFlow has been proposed.Because we can not accurately identify the emergence of network flow rules inconsistent in cloud platform based on SDN/OpenFlow network and many of the existing solvments is time-consuming,this paper presents a consistency verification al-gorithm based on flow table rules.The algorithm establishes a dynamic programming model by calculating the delay among the relevant nodes.Through this model,the con-sistency of the transmission path among nodes is checked to find an optimal path,and there is no inconsistency problem of flow table rules on the path.In order to verify the validity of the scheme,the application is established in the NOX controller and the rules of the convective table are verified.2.This paper proposes a lightweight Denial of Service(DDoS)attack detection technology based on SOM.Flood-based distributed denial of service(DDoS)attack detection is one of the major challenges of today's Internet security,a serious threat to similar to the public cloud platform and other public service facilities.Aiming at this problem,this paper presents a lightweight DDoS attack detection method based on traffic characteristics to solve the above challenges.The scheme is implemented in an SDN/OpenFlow network based on a Nox controller,where the OpenFlow switch main-tains all active streams in the flow table.All the characteristic information is collected by the NOX controller,and then these feature data are processed by SOM neural net-work.Compared with other existing methods,this scheme does not need to deal with a large number of feature information,and can effectively detect the attack data stream.The feasibility and effectiveness of the above methods are verified by experiments,which can provide powerful technical support for cloud platform management based on SDN/OpenFlow.