A Dynamic Hidden Forwarding Path Planning Method Based on Improved Q-Learning in SDN Environments. (23rd April 2018)
- Record Type:
- Journal Article
- Title:
- A Dynamic Hidden Forwarding Path Planning Method Based on Improved Q-Learning in SDN Environments. (23rd April 2018)
- Main Title:
- A Dynamic Hidden Forwarding Path Planning Method Based on Improved Q-Learning in SDN Environments
- Authors:
- Chen, Yun
Lv, Kun
Hu, Changzhen - Other Names:
- Yan Zheng Academic Editor.
- Abstract:
- Abstract : Currently, many methods are available to improve the target network's security. The vast majority of them cannot obtain an optimal attack path and interdict it dynamically and conveniently. Almost all defense strategies aim to repair known vulnerabilities or limit services in target network to improve security of network. These methods cannot response to the attacks in real-time because sometimes they need to wait for manufacturers releasing corresponding countermeasures to repair vulnerabilities. In this paper, we propose an improved Q-learning algorithm to plan an optimal attack path directly and automatically. Based on this path, we use software-defined network (SDN) to adjust routing paths and create hidden forwarding paths dynamically to filter vicious attack requests. Compared to other machine learning algorithms, Q-learning only needs to input the target state to its agents, which can avoid early complex training process. We improve Q-learning algorithm in two aspects. First, a reward function based on the weights of hosts and attack success rates of vulnerabilities is proposed, which can adapt to different network topologies precisely. Second, we remove the actions and merge them into every state that reduces complexity from O ( N 3 ) to O ( N 2 ) . In experiments, after deploying hidden forwarding paths, the security of target network is boosted significantly without having to repair network vulnerabilities immediately.
- Is Part Of:
- Security and communication networks. Volume 2018(2018)
- Journal:
- Security and communication networks
- Issue:
- Volume 2018(2018)
- Issue Display:
- Volume 2018, Issue 2018 (2018)
- Year:
- 2018
- Volume:
- 2018
- Issue:
- 2018
- Issue Sort Value:
- 2018-2018-2018-0000
- Page Start:
- Page End:
- Publication Date:
- 2018-04-23
- Subjects:
- Computer networks -- Security measures -- Periodicals
Computer security -- Periodicals
Cryptography -- Periodicals
005.805 - Journal URLs:
- http://onlinelibrary.wiley.com/journal/10.1002/(ISSN)1939-0122 ↗
https://www.hindawi.com/journals/scn/ ↗
http://onlinelibrary.wiley.com/ ↗ - DOI:
- 10.1155/2018/2058429 ↗
- Languages:
- English
- ISSNs:
- 1939-0114
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library HMNTS - ELD Digital store
- Ingest File:
- 23558.xml