Availability-oriented And Security-Oriented Network Slicing Resource Adjustment Mechod

5G applies Network Function Virtualization(NFV)to build core network slices and realize flexible networking through the combination of Virtual Network Function(VNF).The virtualization of 5G architecture breaks the traditional physical network provisioning model and brings great flexibility in resource adjustment,but it also raises the issues of reduced software and hardware availability and the inapplicability of security defense technologies centered on physical network.Cost-effective availability assurance under the new architecture is a challenge for network slicing deployment management.In addition,after the mapping of slices to physical networks is completed,how to defend against network attacks in open shared environments is another challenge for network slicing resource management research.Current approaches on availability assurance are mainly oriented toward random failures of VNFs,and redundant backups are used to improve system availability.Most of the studies focus on reducing backup costs and improving backup efficiency,without paying attention to the security isolation requirements of the new 5G architecture.In terms of defending against network attacks,the traditional way of modifying physical servers has great limitations and cannot cope with differentiated network attacks.To address the above background and problems,this paper proposes a slicing availability guarantee method based on multi-level isolation and a VNF migration method oriented to security defense.The main work is as follows:(1)Slicing availability assurance method based on multi-level isolation.This method uses backup to complete availability assurance and combines the isolation mechanism and resource sharing of 5G slices to improve slicing robustness and reduce resource cost while achieving availability assurance.To address the slice backup problem,this paper first proposes an isolation level evaluation model to evaluate the isolation level of VNFs,and then proposes a backup algorithm based on multi-level isolation.In addition,for the PP-Complete problem of shared backup availability calculation,a calculation method based on equivalent backup instances is proposed.Simulation results show that the multi-level isolation introduced by this method can double the robustness of slicing.Comparison with existing studies shows that the proposed method in this paper can reduce resource consumption by 20%-70%and improve the effective resource share by 5%～30%under the same isolation constraint and availability target.(2)Security-oriented VNF migration method.In this paper,we propose a VNF migration method based on proximal policy optimization(PPO)algorithm,which is an improved reinforcement learning method.We use the idea of moving target defense to secure slices and avoid the coexistence of VNFs on the same physical server for too long.Using the PPO algorithm in the VNF migration decision process,correct decisions can be made through interactive feedback with the environment during the dynamic changing network.As for the reward function,this paper focuses on reducing the migration resource consumption,as well as considering the negative impact of physical server overload.The simulation evaluation shows that the success rate of the VNF migration method in this paper can eventually reach more than 95%,as well as effectively reduce the migration cost and avoid the occurrence of server overload.To sum up,the availability-oriented and security-oriented network slicing resource adjustment method proposed in this paper can meet the needs of slicing differentiated isolation in the backup process,effectively reduce resource overhead to achieve usability goals;and can complete VNF migration in a cost-effective way through online learning in the process of VNF migration,taking load balancing into account.