A security-aware service function chain deployment method for load balance and delay optimization

Network function virtualization (NFV) decouples network functions from hardware devices. However, it introduces security challenges due to its reliance on software, which facilitates attacks. This security problem has a significant negative impact on the interests of users. Existing deployment metho...

Descripción completa

Detalles Bibliográficos
Autores principales: Zhai, Dong, Meng, Xiangru, Yu, Zhenhua, Hu, Hang, Huang, Tao
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Nature Publishing Group UK 2022
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9211053/
https://www.ncbi.nlm.nih.gov/pubmed/35729279
http://dx.doi.org/10.1038/s41598-022-14494-2
_version_ 1784730281375170560
author Zhai, Dong
Meng, Xiangru
Yu, Zhenhua
Hu, Hang
Huang, Tao
author_facet Zhai, Dong
Meng, Xiangru
Yu, Zhenhua
Hu, Hang
Huang, Tao
author_sort Zhai, Dong
collection PubMed
description Network function virtualization (NFV) decouples network functions from hardware devices. However, it introduces security challenges due to its reliance on software, which facilitates attacks. This security problem has a significant negative impact on the interests of users. Existing deployment methods are not suitable for SFC requests with a security demand, causing the use of substrate resources unreasonable and lower acceptance ratio. Moreover, a strict delay requirement is another challenge for NFV. To make the use of the substrate resources more reasonable and reduce the transmission delay, this paper proposes a security-constraint and function-mutex-constraint consolidation (SFMC) method for virtual network function (VNF) to reduce resource consumption and transmission delay. In addition, a security-aware service function chain (SASFC) deployment method for load balance and delay optimization is presented, which deploys service function chains according to the consolidated results of the SFMC method. The SASFC method first obtains a candidate server node set using resource, hosting capacity, security and node load constraints. It then obtains candidate paths according to the metric of the minimum transmission delay and link load constraint using the Viterbi algorithm. Finally, the path with the highest VNF security level match degree among the candidate paths is adopted to deploy virtual links, and the corresponding server nodes are employed to deploy VNFs. As a result, the SASFC method makes the use of substrate resources more reasonable. It improves the acceptance ratio and long-term average revenue to cost ratio, reduces transmission delay, and achieves load balancing. Experiment results show that when the number of VNFs is five, the acceptance ratio and long-term average revenue to cost ratio of the SASFC method are close to 0.75 and 0.88, which are higher than those of the compared methods. Its transmission delay and proportion of bottleneck nodes are 7.71 and 0.024, which are lower than those of the compared methods. The simulations demonstrate the effectiveness of the SASFC method.
format Online
Article
Text
id pubmed-9211053
institution National Center for Biotechnology Information
language English
publishDate 2022
publisher Nature Publishing Group UK
record_format MEDLINE/PubMed
spelling pubmed-92110532022-06-22 A security-aware service function chain deployment method for load balance and delay optimization Zhai, Dong Meng, Xiangru Yu, Zhenhua Hu, Hang Huang, Tao Sci Rep Article Network function virtualization (NFV) decouples network functions from hardware devices. However, it introduces security challenges due to its reliance on software, which facilitates attacks. This security problem has a significant negative impact on the interests of users. Existing deployment methods are not suitable for SFC requests with a security demand, causing the use of substrate resources unreasonable and lower acceptance ratio. Moreover, a strict delay requirement is another challenge for NFV. To make the use of the substrate resources more reasonable and reduce the transmission delay, this paper proposes a security-constraint and function-mutex-constraint consolidation (SFMC) method for virtual network function (VNF) to reduce resource consumption and transmission delay. In addition, a security-aware service function chain (SASFC) deployment method for load balance and delay optimization is presented, which deploys service function chains according to the consolidated results of the SFMC method. The SASFC method first obtains a candidate server node set using resource, hosting capacity, security and node load constraints. It then obtains candidate paths according to the metric of the minimum transmission delay and link load constraint using the Viterbi algorithm. Finally, the path with the highest VNF security level match degree among the candidate paths is adopted to deploy virtual links, and the corresponding server nodes are employed to deploy VNFs. As a result, the SASFC method makes the use of substrate resources more reasonable. It improves the acceptance ratio and long-term average revenue to cost ratio, reduces transmission delay, and achieves load balancing. Experiment results show that when the number of VNFs is five, the acceptance ratio and long-term average revenue to cost ratio of the SASFC method are close to 0.75 and 0.88, which are higher than those of the compared methods. Its transmission delay and proportion of bottleneck nodes are 7.71 and 0.024, which are lower than those of the compared methods. The simulations demonstrate the effectiveness of the SASFC method. Nature Publishing Group UK 2022-06-21 /pmc/articles/PMC9211053/ /pubmed/35729279 http://dx.doi.org/10.1038/s41598-022-14494-2 Text en © The Author(s) 2022 https://creativecommons.org/licenses/by/4.0/Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/ (https://creativecommons.org/licenses/by/4.0/) .
spellingShingle Article
Zhai, Dong
Meng, Xiangru
Yu, Zhenhua
Hu, Hang
Huang, Tao
A security-aware service function chain deployment method for load balance and delay optimization
title A security-aware service function chain deployment method for load balance and delay optimization
title_full A security-aware service function chain deployment method for load balance and delay optimization
title_fullStr A security-aware service function chain deployment method for load balance and delay optimization
title_full_unstemmed A security-aware service function chain deployment method for load balance and delay optimization
title_short A security-aware service function chain deployment method for load balance and delay optimization
title_sort security-aware service function chain deployment method for load balance and delay optimization
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9211053/
https://www.ncbi.nlm.nih.gov/pubmed/35729279
http://dx.doi.org/10.1038/s41598-022-14494-2
work_keys_str_mv AT zhaidong asecurityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT mengxiangru asecurityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT yuzhenhua asecurityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT huhang asecurityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT huangtao asecurityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT zhaidong securityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT mengxiangru securityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT yuzhenhua securityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT huhang securityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization
AT huangtao securityawareservicefunctionchaindeploymentmethodforloadbalanceanddelayoptimization

Ejemplares similares