MHSDN: A Hierarchical Software Defined Network Reliability Framework design

Abstract

At present, attacks based on the vulnerability of the controller and flooding attacks still constitute a principal threat for hierarchical Software Defined Network (SDN), such as flow table tampering, malicious Application attacks, Distributed Denial of Service (DDoS) etc., due to the limitation against attacks based on known or unknown vulnerabilities for traditional cyber defence technology. Therefore, this study proposes an active defence architecture based on Mimic Defence (MD)–Mimic Hierarchical SDN Framework (MHSDN). Then endogenous security of MHSDN is theoretically analysed. Simultaneously, the attack surface measurement of MD is innovatively proposed, further improving the security and usability measurement standards of the MD system. Finally, to speed up detection and reduce defence cost of DDoS, this research proposes the Random Forest Feature Extract (RFFE) and tolerable switch migration. Simulation shows that RFFE has achieved a faster detection speed at the cost of less detection accuracy, and MHSDN can better improve the reliability of hierarchical SDN.