Author:
Zhang Wenjian, Zhu Zhengbin, Song Ke, Wei Shuai
Abstract
SDN (Software-Defined Networking) renders network management more centralized and flexible. However, its control plane is vulnerable to attacks. By introducing dynamic heterogeneous redundancy, a mimic control plane is built to effectively solve the problems of single control points of failure, unknown backdoor vulnerabilities and static configuration. Heterogeneity is an important indicator for evaluating the security of a system. Generally speaking, the greater the heterogeneity, the higher the security. Currently, there is little research evaluating the security of the mimic control plane in SDN by quantifying its heterogeneity. To this end, this paper proposes two methods for measuring heterogeneity, based on the biological population diversity assessment method. The first heterogeneity quantification method, method 1, is based on system complexity and difference. On this basis, a second heterogeneity quantification method, method 2, is established using the high-order symbiosis of the vulnerabilities. The experimental results show that, compared to the known methods, heterogeneity quantification method 1 considers more comprehensive factors and is closer to reality. Heterogeneity quantification method 2 is more instructive for quantifying the security of the mimic control plane.
Funder
National Core Electronic Devices, High-end Generic Chips and Basic Software Major Projects
National Natural Science Foundation of China for Innovative Research Groups
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Hardware and Architecture, Signal Processing, Control and Systems Engineering