Your search keyword '"Bohan He"' showing total 3 results

1. Dynamic Policy Deployment in SDN Switch Based on Monitoring and Analysis of User Behaviors

Author

Dong Ligang, Jing Zhou, Bohan He, Long Chen, Victor C. M. Leung, Weiming Wang, and Yunfei Zhang

Subjects

Dynamic network analysis, Computer science, business.industry, Network security, 020206 networking & telecommunications, 02 engineering and technology, Security policy, Data acquisition, Software deployment, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, business, Software-defined networking, Cluster analysis, Computer network

Abstract

With the rapid development of network technologies, many new technologies, such as Software Defined Network (SDN), are applied to firewalls to manage network security. However, current SDN firewalls cannot automatically change security policies according to dynamic network status or deploy personalized policy based on user identities. In this paper, we design a special SDN switch that incorporates a traffic acquisition module and a data analysis module. According to the traffic patterns caused by different user behaviors, the proposed switch could recognize the user identities by statistical analysis and clustering analysis, and automatically deploy corresponding network policies. Experiments conducted over an OpenvSwitch showed the proposed SDN switch could accurately identify three kinds of users and apply respective flow tables successfully.

Published

2018

2. Research on Network Policy Combination and Conflict Detection in SDN

Author

Weiming Wang, Ligang Dong, Huafei Zhang, Fei Shuocheng, Tijie Xu, and Bohan He

Subjects

Software deployment, business.industry, Computer science, Network packet, 0202 electrical engineering, electronic engineering, information engineering, Network security policy, Combination algorithm, 020206 networking & telecommunications, 020207 software engineering, 02 engineering and technology, Software engineering, business, Computer network

Abstract

Since the current SDN southbound interface level is low and programming situation is complex, it requires a high-level abstract programming language to simplify programming. First, this paper improves the NetCore programming language to generate NetCore-M language, so that it can support deployment of multi-policies combination including packet drop action. This paper describes in detail the syntax, semanteme, and implementation of NetCore-M language. Secondly, this paper describes the network policy conflict systematically and solves it. Finally, this paper shows that the modified multi-policies combination algorithm can effectively detect and prompt policies conflicts based on the implementation of the Pyretic project.

Published

2016

3. Research on network programming language and policy conflicts for SDN

Author

Huafei Zhang, Weiming Wang, Tijie Xu, Bohan He, Fei Shuocheng, and Ligang Dong

Subjects

Computer Networks and Communications, Computer science, Programming language, 020207 software engineering, 02 engineering and technology, computer.software_genre, Programming language implementation, Computer Science Applications, Theoretical Computer Science, Computer network programming, Computational Theory and Mathematics, Software deployment, Programming language specification, 0202 electrical engineering, electronic engineering, information engineering, Programming paradigm, Network security policy, 020201 artificial intelligence & image processing, Software-defined networking, computer, Software

Abstract

Summary Through network programmability, software defined network can simplify network control and management. Since the current software defined network southbound interface level is low and programming situation is complex, it requires a high-level abstract programming language to simplify programming. First, this paper improves the NetCore programming language to generate NetCore-M language, so that it can support deployment of multipolicies combination including packet drop action. This paper describes in detail the syntax, semanteme, and implementation of NetCore-M language forwarding policy service. Secondly, this paper describes the network policy conflict systematically. Finally, this paper shows that the modified multipolicies combination algorithm can effectively detect policies conflicts based on the implementation of the Pyretic project.

Published

2017