In recent years, Software Defined Networking (SDN) has been developing rapidly because of its centralized control, the decoupling of the control and data planes, and its programmability, and it has gradually become a focus of current research. However, as SDN has been applied and deployed in practice, its security issues, especially those of the control plane, have become increasingly prominent. First, since the controller is the centralized control node in SDN, the existence of vulnerabilities in it is unavoidable. Second, as the core component of SDN, the controller is responsible for the logical control of the whole network, so its vulnerability and importance make it the preferred target of attack. At present, the design of secure controllers and multi-controller architectures are the main research directions for solving the security problem of the SDN control plane. Existing methods have achieved some success in enhancing SDN control security, but the following shortcomings remain: 1) because vulnerabilities are inevitable and unknown, the first method has to keep fixing vulnerabilities indefinitely, which is passive defense; 2) most existing multi-controller architectures use the same type of controller, which may lead to the security risk of common vulnerabilities, and the static structure of existing architectures cannot cope with advanced persistent threats (APT).

This dissertation is supported by the Foundation for Innovative Research Groups of the National Natural Science Foundation of China (61521003), "Research on the basic theory of cyberspace mimic defense". We design and implement an SDN control plane architecture with endogenous security features, the Mimic Network Operating System (MNOS), an active defense architecture based on mimic security defense that addresses the problems above. The main contributions are as follows.

1. To solve the dynamic scheduling problem of heterogeneous controllers in MNOS, a negative feedback scheduling strategy based on a biological population model is proposed to increase the probability of selecting a reliable and trusted controller. First, the attacker (predator), the controllers and MNOS (the heterogeneous pool) are modeled as a biological population, and the scheduling weight is determined according to the number of attacks observed on each type of controller; second, the attack count of each controller is updated, forming an adaptive feedback scheduling mode; finally, an evaluation method for scheduling strategies is proposed, and simulation results verify the effectiveness of our method.

2. To improve the correctness of decisions, this paper proposes a decision-making mechanism based on a game theory model. In general, mimic defense uses a simple majority-based decision mechanism, which does not take historical information into account, so there is still room for improvement when a malicious controller exists and some prior knowledge of the situation is available. We model the attackers and the defender (MNOS) as a zero-sum game and solve for the Nash equilibrium to obtain the optimal solution. Experimental simulation shows that, compared with the simple majority-based decision mechanism, this method effectively increases the correctness of decisions. At the same time, to address the delay introduced by the decision mechanism, we put forward an optimization method that reduces the delay cost.

3. A principle verification system for MNOS is initially implemented in this paper. First, we design the implementation architecture and the mimic control protocol; then we develop an agent module on Ryu, ONOS and Floodlight; finally, we realize the scheduling and decision-making functions of MNOS. The test results show that the system can effectively cope with single points of failure and has intrusion tolerance capability.
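The following is an added illustration of the two mechanisms the abstract describes, negative feedback scheduling over a heterogeneous controller pool and majority-based decision over the selected controllers' outputs. It is example code written for this page, not the thesis's MNOS implementation: the weight formula (weight inversely proportional to one plus the observed attack count), the five-entry controller pool (the page names only Ryu, ONOS and Floodlight; the other two entries are added here), the flow-rule strings and the choice of which pool entry plays the compromised controller in the simulation are all assumptions made for the demonstration.

```python
import random
from collections import Counter

# Assumed heterogeneous pool. Only Ryu, ONOS and Floodlight appear in the
# abstract; OpenDaylight and POX are added here to make the pool larger than
# the number of controllers scheduled per round.
CONTROLLER_POOL = ["Ryu", "ONOS", "Floodlight", "OpenDaylight", "POX"]


class NegativeFeedbackScheduler:
    """Schedules k distinct controller types per round, with each type's
    selection weight shrinking as attacks are attributed to it (the
    'adaptive feedback' loop described in the abstract, with an assumed
    weight formula)."""

    def __init__(self, pool, seed=0):
        self.attacks = {t: 0 for t in pool}
        self.rng = random.Random(seed)

    def weights(self):
        # Assumption: weight proportional to 1 / (1 + attacks), normalised.
        raw = {t: 1.0 / (1 + n) for t, n in self.attacks.items()}
        total = sum(raw.values())
        return {t: w / total for t, w in raw.items()}

    def select(self, k):
        # Weighted sampling without replacement so that one round never
        # schedules the same controller type twice.
        remaining = dict(self.weights())
        chosen = []
        for _ in range(min(k, len(remaining))):
            types = list(remaining)
            pick = self.rng.choices(types, weights=[remaining[t] for t in types], k=1)[0]
            chosen.append(pick)
            del remaining[pick]
        return chosen

    def record_attack(self, controller_type):
        # Feedback step: a controller whose output was out-voted is treated
        # as a suspected attack on that type.
        self.attacks[controller_type] += 1


def majority_decision(outputs):
    """Simple majority-based decision. `outputs` maps controller type to the
    flow rule it produced. Returns (winning rule, dissenting types), or
    (None, []) when no rule holds a strict majority."""
    counts = Counter(outputs.values())
    winner, votes = counts.most_common(1)[0]
    if votes * 2 <= len(outputs):
        return None, []
    dissenters = [t for t, rule in outputs.items() if rule != winner]
    return winner, dissenters


def simulate(rounds=50, per_round=3, compromised="Ryu", seed=0):
    """Constructed scenario: every scheduled honest controller emits the same
    benign flow rule, while the pool entry chosen as 'compromised' (a purely
    hypothetical label for the simulation) always emits a malicious one."""
    scheduler = NegativeFeedbackScheduler(CONTROLLER_POOL, seed=seed)
    accepted_malicious = 0
    for _ in range(rounds):
        selected = scheduler.select(per_round)
        outputs = {t: ("drop-all" if t == compromised else "forward:port1")
                   for t in selected}
        decision, dissenters = majority_decision(outputs)
        if decision == "drop-all":
            accepted_malicious += 1
        for t in dissenters:
            scheduler.record_attack(t)
    return scheduler.weights(), dict(scheduler.attacks), accepted_malicious


if __name__ == "__main__":
    weights, attacks, bad = simulate()
    for t in CONTROLLER_POOL:
        print(f"{t:<13} attacks={attacks[t]:>3} weight={weights[t]:.3f}")
    print("malicious decisions accepted:", bad)
```

With at most one compromised controller among three scheduled per round, the majority vote never accepts the malicious rule, and each out-voted round lowers that controller's weight, so it is scheduled less and less often; the abstract's point is that the game-theoretic decision improves on this baseline when historical information like the accumulated attack counts is available.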