A secure control plane for SDN based on Bayesian Stackelberg Games
| Title | A secure control plane for SDN based on Bayesian Stackelberg Games |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Lu, Z., Chen, F., Cheng, G., Ai, J. |
| Conference Name | 2017 3rd IEEE International Conference on Computer and Communications (ICCC) |
| Date Published | dec |
| Keywords | Bayes methods, Bayesian Stackelberg Games, closed-loop defense mechanism, computer network security, controller, controller architecture, Decentralized control, dynamic-scheduling method, forwarding lead, game strategy, game theory, Games, heterogeneous controllers, multiple controllers, Network security, Probes, pubcrawl, remote access detection, Resiliency, Scalability, scheduling, SDN, SDN security, secure control plane, secure gain, secure level, security, security reward, self-cleaning mechanism, Software Defined Network, software defined networking, telecommunication control |
| Abstract | Vulnerabilities of controller that is caused by separation of control and forwarding lead to a threat which attacker can take remote access detection in SDN. The current work proposes a controller architecture called secure control plane (SCP) that enhances security and increase the difficulty of the attack through a rotation of heterogeneous and multiple controllers. Specifically, a dynamic-scheduling method based on Bayesian Stackelberg Games is put forward to maximize security reward of defender during each migration. Secondly, introducing a self-cleaning mechanism combined with game strategy aims at improving the secure level and form a closed-loop defense mechanism; Finally, the experiments described quantitatively defender will get more secure gain based on the game strategy compared with traditional strategy (pure and random strategies), and the self-cleaning mechanism can make the control plane to be in a higher level of security. |
| URL | https://ieeexplore.ieee.org/document/8322745 |
| DOI | 10.1109/CompComm.2017.8322745 |
| Citation Key | lu_secure_2017 |
- pubcrawl
- telecommunication control
- software defined networking
- Software Defined Network
- self-cleaning mechanism
- security reward
- security
- secure level
- secure gain
- secure control plane
- SDN security
- SDN
- scheduling
- Scalability
- Resiliency
- remote access detection
- Bayes methods
- Probes
- network security
- multiple controllers
- heterogeneous controllers
- Games
- game theory
- game strategy
- forwarding lead
- dynamic-scheduling method
- Decentralized Control
- controller architecture
- controller
- computer network security
- closed-loop defense mechanism
- Bayesian Stackelberg Games