Visible to the public A secure control plane for SDN based on Bayesian Stackelberg Games

TitleA secure control plane for SDN based on Bayesian Stackelberg Games
Publication TypeConference Paper
Year of Publication2017
AuthorsLu, Z., Chen, F., Cheng, G., Ai, J.
Conference Name2017 3rd IEEE International Conference on Computer and Communications (ICCC)
Date Publisheddec
KeywordsBayes methods, Bayesian Stackelberg Games, closed-loop defense mechanism, computer network security, controller, controller architecture, Decentralized control, dynamic-scheduling method, forwarding lead, game strategy, game theory, Games, heterogeneous controllers, multiple controllers, Network security, Probes, pubcrawl, remote access detection, Resiliency, Scalability, scheduling, SDN, SDN security, secure control plane, secure gain, secure level, security, security reward, self-cleaning mechanism, Software Defined Network, software defined networking, telecommunication control

Vulnerabilities of controller that is caused by separation of control and forwarding lead to a threat which attacker can take remote access detection in SDN. The current work proposes a controller architecture called secure control plane (SCP) that enhances security and increase the difficulty of the attack through a rotation of heterogeneous and multiple controllers. Specifically, a dynamic-scheduling method based on Bayesian Stackelberg Games is put forward to maximize security reward of defender during each migration. Secondly, introducing a self-cleaning mechanism combined with game strategy aims at improving the secure level and form a closed-loop defense mechanism; Finally, the experiments described quantitatively defender will get more secure gain based on the game strategy compared with traditional strategy (pure and random strategies), and the self-cleaning mechanism can make the control plane to be in a higher level of security.

Citation Keylu_secure_2017