Моделирование алгоритма аутентификации трафика на стороне контроллера в программно-конфигурируемой сети

Abstract

To ensure efficient and optimal transmission of heterogeneous user traffic in a network, it is necessary to take into account such conditions as frame delay, speed, frequency range, and queue overflow in the Ethernet switch. In software-defined networks (SDN), these conditions can be controlled, which distinguishes SDN from a conventional computer network. SDN is a new paradigm in the field of network telecommunications. Petri nets in SDN modeling can be used to create formal models, which can be checked for correctness and efficiency before being implemented in a real network. Petri nets are also helpful in representing the architecture of SDN in the form of a graph, which improves the understanding and visualization of the SDN work. In this paper, we present a solution to the problem of SDN vulnerability using CPN Tools. We develop an algorithm for traffic authentication on the controller side in SDN to ensure the security of traffic transmission and eliminate man-in-the-middle attacks in SDN. The research aim consists in simulating the proposed algorithm and its verification based on the apparatus of Petri nets. All the components of the model on Petri nets are described. A comparative analysis of algorithms for encryption speed is carried out, and the maximum speed of traffic encryption by the proposed algorithm is revealed.