
Research And Implement Of Network Attack And Defense Platform Based On SDN

Posted on: 2016-06-28
Degree: Master
Type: Thesis
Country: China
Candidate: X C Li
Full Text: PDF
GTID: 2308330461986299
Subject: Software engineering
Abstract/Summary:
Network technology has developed rapidly in recent years. It gives users quick access to information and services, and it has brought more and more upper-layer applications and constant change in the network service model. The move from the Internet to the Internet of Things has become a major trend. However, as a variety of terminal devices and apps appear, the risk of terminal devices being attacked over the network increases. Traditional network attack and defense platforms generally use physical servers and physical network deployments, which leads to a common problem: the faster replacement cycle of physical servers and traditional switches makes deploying such platforms costly and power-hungry, which hinders the rapid development of network attack and defense platform architecture and technology. Network attack and defense are like spear and shield; a lag in attack and defense platform technology affects the ability to respond to cyber attacks.

Server virtualization technology frees workloads from physical servers: data center services are no longer confined to particular physical servers, and the architecture of the data center has changed tremendously. In line with the current trend toward environmental protection, it saves both cost and resources, and it is one of the key technologies of cloud computing platforms. Virtualization technology based on the Linux kernel, represented by KVM (Kernel-based Virtual Machine), greatly reduces the difficulty of building a server virtualization platform. More importantly, KVM is an open source virtualization solution with a large number of mature development APIs, which lowers both the threshold and the cost of development.

In the traditional network architecture, the forwarding rules for underlying traffic, whether forwarding by MAC address or by IP routing, are transparent to the upper-layer services. This transparency is convenient for upper-layer services, but it also creates obstacles when those services need to request network resources, and it makes network maintenance and expansion inconvenient. Network virtualization technology has flourished in recent years. It decouples the control plane from the network's physical resources, allowing multiple virtual networks to share one physical network and the underlay and overlay networks to work independently, which makes network construction and maintenance easier.

Software Defined Networking (SDN), a new network architecture, aims to let upper-layer applications control and use the underlying network resources directly. Network resource utilization is greatly improved and the investment cost of network solutions is greatly reduced, and network flexibility and controllability increase considerably. The core idea of SDN is the separation of the control plane from the forwarding plane. SDN offers good network programmability: the control plane is not bound to any programming language, and the forwarding plane is compatible with mainstream physical and virtual switches.

The SDN architecture is divided into a northbound interface (NBI) and a southbound interface (SBI). The NBI is the interface between the controller and upper-layer applications. Mainstream SDN solution providers let users develop their own applications easily by offering two kinds of programming interface: an API based on the controller's own interfaces and a REST (Representational State Transfer) API. The SBI is the interface between the SDN control plane and the forwarding devices, used for unified control of the underlying forwarding devices. Currently the mainstream SBI protocols are OpenFlow and OF-CONFIG; OpenFlow is one of the most widely used protocols in physical switches and virtual forwarding devices and is the de facto standard for the SDN SBI.

This thesis first analyzes the technology of existing network attack and defense platforms. Building on that technology and on a thorough understanding of current server virtualization and network technology, it proposes a new platform architecture: an SDN-based network attack and defense platform. By using mature open source technology, the platform offers a good solution to the dependence on traditional network hardware platforms and has good scalability. Because it is built on server and network virtualization technology, it greatly reduces the cost of building a network attack and defense platform. It facilitates both teaching and learning, and it greatly increases students' interest in network attack and defense technology. Because the platform is built on the new SDN network architecture, it also provides a safe experimental environment for our study of SDN security and paves the way for future research.
Keywords/Search Tags: network attack and defense, virtualization, SDN, OpenFlow