Abstract
Network Function Virtualization (NFV) is a technology that separates software from hardware, NFV increases the manageability, scalability, and flexibility of network function configuration. However, with these conveniences, it is the scheduling and management of complex virtual network resources created by NFV. The key to these problems is the deployment of the Service Function Chain (SFC). There are two major problems in SFC deployment: 1) Complexity of resource scheduling. 2) Vulnerability of SFC. To solve the above problems, we propose a risk-aware SFC deployment method. LSTM (Long Short-Term Memory) is used to predict possible attacks, and DQN (Deep Q Network) uses its results to complete SFC deployments. Our model is validated in a simulation network. The results show that proposed risk-aware SFC deployment is significantly better than traditional resource-oriented deployment in terms of network elasticity, and is not inferior to it in terms of latency.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bari, M.F., Chowdhury, S.R., Ahmed, R., Boutaba, R.: On orchestrating virtual network functions. In: 2015 11th International Conference on Network and Service Management (CNSM), pp. 50–56. IEEE (2015)
Fang, X., Xu, M., Xu, S., Zhao, P.: A deep learning framework for predicting cyber attacks rates. EURASIP J. Inf. Secur. 2019(1), 1–11 (2019)
Farris, I., Taleb, T., Khettab, Y., Song, J.: A survey on emerging SDN and NFV security mechanisms for IoT systems. IEEE Commun. Surv. Tutor. 21(1), 812–837 (2018)
Fischer, A., Botero, J.F., Beck, M.T., De Meer, H., Hesselbach, X.: Virtual network embedding: a survey. IEEE Commun. Surv. Tutor. 15(4), 1888–1906 (2013)
Husák, M., Komárková, J., Bou-Harb, E., Čeleda, P.: Survey of attack projection, prediction, and forecasting in cyber security. IEEE Commun. Surv. Tutor. 21(1), 640–660 (2018)
Jeong, S., Kim, H., Yoo, J.H., Hong, J.W.K.: Machine learning based link state aware service function chaining. In: 2019 20th Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 1–4. IEEE (2019)
Kim, S.I., Kim, H.S.: A research on dynamic service function chaining based on reinforcement learning using resource usage. In: 2017 Ninth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 582–586. IEEE (2017)
Lee, D., Yoo, J.H., Hong, J.W.K.: Q-learning based service function chaining using VNF resource-aware reward model. In: 2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 279–282. IEEE (2020)
Luizelli, M.C., Bays, L.R., Buriol, L.S., Barcellos, M.P., Gaspary, L.P.: Piecing together the NFV provisioning puzzle: efficient placement and chaining of virtual network functions. In: 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 98–106. IEEE (2015)
Ourston, D., Matzner, S., Stump, W., Hopkins, B.: Applications of hidden Markov models to detecting multi-stage network attacks. In: Proceedings of the 36th Annual Hawaii International Conference on System Sciences, pp. 10–pp. IEEE (2003)
Pandey, S., Hong, J.W.K., Yoo, J.H.: Q-learning based SFC deployment on edge computing environment. In: 2020 21st Asia-Pacific Network Operations and Management Symposium (APNOMS), pp. 220–226. IEEE (2020)
Pandey, S., Van Nguyen, T., Yoo, J.H., Hong, J.W.K.: EdgeDQN: multiple SFC placement in edge computing environment. In: 2021 17th International Conference on Network and Service Management (CNSM), pp. 301–309. IEEE (2021)
Shen, Y., Mariconti, E., Vervier, P.A., Stringhini, G.: Tiresias: predicting security events through deep learning. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 592–605 (2018)
Sun, X., Dai, J., Liu, P., Singhal, A., Yen, J.: Using Bayesian networks for probabilistic identification of zero-day attack paths. IEEE Trans. Inf. Forensics Secur. 13(10), 2506–2521 (2018)
Wang, J., Yi, Y., Zhang, H., Cao, N.: Network attack prediction method based on threat intelligence. In: Sun, X., Pan, Z., Bertino, E. (eds.) ICCCS 2018. LNCS, vol. 11065, pp. 151–160. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-00012-7_14
Xu, C., Zhang, T., Kuang, X., Zhou, Z., Yu, S.: Context-aware adaptive route mutation scheme: a reinforcement learning approach. IEEE Internet Things J. 8(17), 13528–13541 (2021)
Yue, Y., Cheng, B., Li, B., Wang, M., Liu, X.: Throughput optimization VNF placement for mapping SFC requests in MEC-NFV enabled networks. In: Proceedings of the 26th Annual International Conference on Mobile Computing and Networking, pp. 1–3 (2020)
Zhang, T., Kuang, X., Zhou, Z., Gao, H., Xu, C.: An intelligent route mutation mechanism against mixed attack based on security awareness. In: 2019 IEEE Global Communications Conference (GLOBECOM), pp. 1–6. IEEE (2019)
Zhang, T., Xu, C., Zhang, B., Shen, J., Kuang, X., Grieco, L.A.: Toward attack-resistant route mutation for VANETs: an online and adaptive multiagent reinforcement learning approach. IEEE Trans. Intell. Transp. Syst. 23, 23254–23267 (2022)
Zhang, T., et al.: How to mitigate DDOS intelligently in SD-IOV: a moving target defense approach. IEEE Trans. Ind. Inform. 19, 1097–1106 (2022)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Zou, P., Yang, S., Zhang, T., Wei, S. (2023). Risk-Aware SFC Placement Method in Edge Cloud Environment. In: Quan, W. (eds) Emerging Networking Architecture and Technologies. ICENAT 2022. Communications in Computer and Information Science, vol 1696. Springer, Singapore. https://doi.org/10.1007/978-981-19-9697-9_9
Download citation
DOI: https://doi.org/10.1007/978-981-19-9697-9_9
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-19-9696-2
Online ISBN: 978-981-19-9697-9
eBook Packages: Computer ScienceComputer Science (R0)