The rapid development and popularization of the network have brought many problems to network security. Intrusion detection technology is often used as an effective security technology to protect the network. The deep belief network (DBN), as a classic model of deep learning, has good classification performance and is often used in the field of intrusion detection. However, the network structure of DBN is generally set through practical experience. For the optimization problem of the DBN-based intrusion detection classification model (DBN-IDS), this paper proposes a new joint optimization algorithm to optimize the DBN's network structure. First, we design a particle swarm optimization (PSO) based on the adaptive inertia weight and learning factor. Second, we use the fish swarm behavior of cluster, foraging, and other behaviors to optimize the PSO to find the initial optimization solution. Then, based on the initial optimization solution, we use the genetic operators with self-adjusting crossover probability and mutation probability to optimize the PSO to search the global optimization solution. Finally, the global optimization solution constructed by the above-mentioned joint optimization algorithm is used as the network structure of the intrusion detection classification model. The experimental results show that compared with other DBN-IDS optimization algorithms, our algorithm shortens the average detection time by at least 24.69% on the premise of increasing the average training time by 6.9%; compared with the tested classification algorithms, our DBN-IDS improves the average classification accuracy by at least 1.3% and up to 14.80% in the five-category classification, which is proved to be an efficient DBN-IDS optimization method. INDEX TERMS Intrusion detection, deep belief network, particle swarm optimization, artificial fish swarm algorithm, genetic algorithm.
In software-defined networking with the distributed control plane, the switches are associated with controllers using only the number of the flow requests as the basis of resource allocation, ignoring the characteristics of flow. To address this issue, we first analyze the control resource consumption of flow requests with different characteristics, and point out that the control resource consumption can be reduced through changing the controller association relationship. Then, we propose the dynamic controller association mechanism based on flow characteristics and design the greedy set coverage algorithm with the coalitional game to reduce both control resource consumption and control traffic overhead. The mechanism is divided into two phases: first, the greedy set coverage algorithm provides a fast algorithm to yield a controller association scheme but leads to an unbalanced association. Based on this algorithm, a coalitional game strategy is introduced to achieve the near-optimal association scheme between controllers and switches through switch migration. The extensive simulations demonstrate that while keeping control traffic overhead low, our mechanism can reduce control resource consumption by about 36% in comparison with the controller load balancing mechanism.INDEX TERMS Software-defined networking, controller association, resource allocation, flow characteristics.
Software-Defined Networking provides flexible and efficient network management. However, the limited flow table space lead to many challenges for SDN networks on flexibility and scalability. In order to achieve efficient routing scheme, we propose an efficient flow forwarding scheme based on Segment Routing named PASR to solve SDN switch flow table resource shortage problem. Traditional OpenFlow-based or MPLS-based flow forwarding scheme may lead to performance degradation due to flow-table overflowed or heavy MPLS label load incurred. PASR exploits SDN, Segment Routing and intelligent path encoding algorithm to achieve a trade-off between flow table resource and MPLS label load. The proposed PASR can learn the flow path information online to implement path aggregation by aggregating a large number of flows into a small number of flow entries based on the coincidence degree of the flow path. To find the optimal flow path aggregation scheme, we present an intelligent encoding algorithm to maximize the overall cost saving. The simulation results show that PASR can effectively reduce both the number of flow entries and the MPLS label load of the packet. INDEX TERMS Software-defined networking (SDN), segment routing (SR), path encoding, flow table.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.