Research on a Full-Factor SDN Fingerprint Attack and Its Fuzzy Confusion Defense Mechanism

WANG Tao; CHEN Hong-chang

doi:10.3969/j.issn.0372-2112.2020.06.024

您当前的位置：

首页 >

文章列表页 >

Research on a Full-Factor SDN Fingerprint Attack and Its Fuzzy Confusion Defense Mechanism

更新时间：2025-07-16

- Research on a Full-Factor SDN Fingerprint Attack and Its Fuzzy Confusion Defense Mechanism
- Acta Electronica Sinica Vol. 48, Issue 6, Pages: 1213-1219(2020)
- 作者机构：
  
  中国人民解放军战略支援部队信息工程大学,河南,郑州,450003
- 作者简介：
- 基金信息：
  
  Subject of National Key Research and Development Program of China (No.2018YFB0804004);NSFC Innovation Research Group (No.61521003)
- DOI：10.3969/j.issn.0372-2112.2020.06.024
  CLC： TP309.1
- Published Online：25 June 2020，
  
  Published：2020
- 稿件说明：
移动端阅览
WANG Tao, CHEN Hong-chang. Research on a Full-Factor SDN Fingerprint Attack and Its Fuzzy Confusion Defense Mechanism[J]. Acta Electronica Sinica, 2020, 48(6): 1213-1219.
DOI：

WANG Tao, CHEN Hong-chang. Research on a Full-Factor SDN Fingerprint Attack and Its Fuzzy Confusion Defense Mechanism[J]. Acta Electronica Sinica, 2020, 48(6): 1213-1219. DOI： 10.3969/j.issn.0372-2112.2020.06.024.

摘要

软件定义网络（Software-Defined Networking，SDN）的三层两接口架构使攻击者可以通过分析数据包往返时延分布规律推测网络类型、控制器类型及关键流规则等指纹信息.目前SDN指纹攻击及其防御研究基本处于空白状态，为此，本文系统构建了全要素SDN指纹攻击链，并在双重时间维度分别设计了概率加扰和控制器混淆调度防御机制，通过渐变概率加扰与最优混淆调度协同提升SDN指纹信息隐藏度.实验结果表明该机制能够在有效隐藏SDN指纹信息的同时减少对网络性能的影响.

Abstract

The "three-layer two-interface" architecture of software-defined networking (SDN) enables attackers to infer fingerprint information such as network type

controller type

and key flow rules by analyzing the round-trip time distribution of packets. Currently SDN fingerprint attack and its defense research are not mature

so this paper constructs a full-factor SDN fingerprint attack chain. Then

the probabilistic scrambling mechanism and controller dynamic confusion scheduling mechanism are designed in the dual time dimension respectively. More specifically

the gradient probabilistic scrambling and optimal confusion scheduling synergistically promote the information hiding degree of SDN fingerprint. The experimental results show that the mechanism can effectively hide the SDN fingerprint information while reducing the impact on network performance.

关键词

Keywords

references

Views

下载量

CSCD

Alert me when the article has been cited

提交

Tools

Publicity Resources

No data

Related Author

No data

Related Institution

No data

⁰