Loading…
Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking
Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not tak...
Saved in:
| Published in: | 清华大学学报:自然科学英文版 2017, Vol.22 (4), p.400-412 |
|---|---|
| Main Authors: | , , , , , |
| Format: | Article |
| Language: | English |
| Subjects: | |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| cited_by | |
|---|---|
| cites | |
| container_end_page | 412 |
| container_issue | 4 |
| container_start_page | 400 |
| container_title | 清华大学学报:自然科学英文版 |
| container_volume | 22 |
| creator | Mengmeng Wang Jianwei Liu Jian Mao Haosu Cheng Jie Chen Chan Qi |
| description | Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN. |
| format | article |
| fullrecord | <record><control><sourceid>chongqing</sourceid><recordid>TN_cdi_chongqing_primary_673587639</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><cqvip_id>673587639</cqvip_id><sourcerecordid>673587639</sourcerecordid><originalsourceid>FETCH-chongqing_primary_6735876393</originalsourceid><addsrcrecordid>eNqNykkKwjAAheEgCtbhDsF9IBqb1HWdViKt-xLatI1DohkoXsWzeCevYAsewNX7H3w9EMwjFiFGMe23jTFDeDFfDsHI2jPGhIaMBCBJtHcC7jw3heTq837BWCvrjM-dVBVMRe6NgJ3q7pG72kKpYKpL13Aj0FqUUokCHoRrtLm0aAIGJb9aMf3tGMy2m1O8R3mtVfVoRXY38sbNM6OMhBGjZEX-Ql9CmUG8</addsrcrecordid><sourcetype>Publisher</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype></control><display><type>article</type><title>Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking</title><source>IEEE Xplore All Journals</source><creator>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</creator><creatorcontrib>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</creatorcontrib><description>Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.</description><identifier>ISSN: 1007-0214</identifier><identifier>EISSN: 1878-7606</identifier><language>eng</language><subject>Dijkstra ; SDN ; 安全路由 ; 最短路径 ; 网络交换机 ; 网络安全设备 ; 路由机制 ; 软件定义</subject><ispartof>清华大学学报:自然科学英文版, 2017, Vol.22 (4), p.400-412</ispartof><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Uhttp://image.cqvip.com/vip1000/qk/85782X/85782X.jpg</thumbnail><link.rule.ids>314,780,784,4022</link.rule.ids></links><search><creatorcontrib>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</creatorcontrib><title>Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking</title><title>清华大学学报:自然科学英文版</title><addtitle>Tsinghua Science and Technology</addtitle><description>Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.</description><subject>Dijkstra</subject><subject>SDN</subject><subject>安全路由</subject><subject>最短路径</subject><subject>网络交换机</subject><subject>网络安全设备</subject><subject>路由机制</subject><subject>软件定义</subject><issn>1007-0214</issn><issn>1878-7606</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2017</creationdate><recordtype>article</recordtype><recordid>eNqNykkKwjAAheEgCtbhDsF9IBqb1HWdViKt-xLatI1DohkoXsWzeCevYAsewNX7H3w9EMwjFiFGMe23jTFDeDFfDsHI2jPGhIaMBCBJtHcC7jw3heTq837BWCvrjM-dVBVMRe6NgJ3q7pG72kKpYKpL13Aj0FqUUokCHoRrtLm0aAIGJb9aMf3tGMy2m1O8R3mtVfVoRXY38sbNM6OMhBGjZEX-Ql9CmUG8</recordid><startdate>2017</startdate><enddate>2017</enddate><creator>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</creator><scope>2RA</scope><scope>92L</scope><scope>CQIGP</scope><scope>~WA</scope></search><sort><creationdate>2017</creationdate><title>Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking</title><author>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-chongqing_primary_6735876393</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2017</creationdate><topic>Dijkstra</topic><topic>SDN</topic><topic>安全路由</topic><topic>最短路径</topic><topic>网络交换机</topic><topic>网络安全设备</topic><topic>路由机制</topic><topic>软件定义</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</creatorcontrib><collection>维普_期刊</collection><collection>中文科技期刊数据库-CALIS站点</collection><collection>维普中文期刊数据库</collection><collection>中文科技期刊数据库- 镜像站点</collection><jtitle>清华大学学报:自然科学英文版</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Mengmeng Wang;Jianwei Liu;Jian Mao;Haosu Cheng;Jie Chen;Chan Qi</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking</atitle><jtitle>清华大学学报:自然科学英文版</jtitle><addtitle>Tsinghua Science and Technology</addtitle><date>2017</date><risdate>2017</risdate><volume>22</volume><issue>4</issue><spage>400</spage><epage>412</epage><pages>400-412</pages><issn>1007-0214</issn><eissn>1878-7606</eissn><abstract>Software-Defined Networking(SDN) decouples the control plane and the data plane in network switches and routers, which enables the rapid innovation and optimization of routing and switching configurations. However,traditional routing mechanisms in SDN, based on the Dijkstra shortest path, do not take the capacity of nodes into account, which may lead to network congestion. Moreover, security resource utilization in SDN is inefficient and is not addressed by existing routing algorithms. In this paper, we propose Route Guardian, a reliable securityoriented SDN routing mechanism, which considers the capabilities of SDN switch nodes combined with a Network Security Virtualization framework. Our scheme employs the distributed network security devices effectively to ensure analysis of abnormal traffic and malicious node isolation. Furthermore, Route Guardian supports dynamic routing reconfiguration according to the latest network status. We prototyped Route Guardian and conducted theoretical analysis and performance evaluation. Our results demonstrate that this approach can effectively use the existing security devices and mechanisms in SDN.</abstract></addata></record> |
| fulltext | fulltext |
| identifier | ISSN: 1007-0214 |
| ispartof | 清华大学学报:自然科学英文版, 2017, Vol.22 (4), p.400-412 |
| issn | 1007-0214 1878-7606 |
| language | eng |
| recordid | cdi_chongqing_primary_673587639 |
| source | IEEE Xplore All Journals |
| subjects | Dijkstra SDN 安全路由 最短路径 网络交换机 网络安全设备 路由机制 软件定义 |
| title | Route Guardian: Constructing Secure Routing Paths in Software-Defined Networking |
| url | http://sfxeu10.hosted.exlibrisgroup.com/loughborough?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-12T14%3A06%3A07IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-chongqing&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Route%20Guardian%EF%BC%9A%20Constructing%20Secure%20Routing%20Paths%20in%20Software-Defined%20Networking&rft.jtitle=%E6%B8%85%E5%8D%8E%E5%A4%A7%E5%AD%A6%E5%AD%A6%E6%8A%A5%EF%BC%9A%E8%87%AA%E7%84%B6%E7%A7%91%E5%AD%A6%E8%8B%B1%E6%96%87%E7%89%88&rft.au=Mengmeng%20Wang;Jianwei%20Liu;Jian%20Mao;Haosu%20Cheng;Jie%20Chen;Chan%20Qi&rft.date=2017&rft.volume=22&rft.issue=4&rft.spage=400&rft.epage=412&rft.pages=400-412&rft.issn=1007-0214&rft.eissn=1878-7606&rft_id=info:doi/&rft_dat=%3Cchongqing%3E673587639%3C/chongqing%3E%3Cgrp_id%3Ecdi_FETCH-chongqing_primary_6735876393%3C/grp_id%3E%3Coa%3E%3C/oa%3E%3Curl%3E%3C/url%3E&rft_id=info:oai/&rft_id=info:pmid/&rft_cqvip_id=673587639&rfr_iscdi=true |