摘要
基于软件定义网络架构的物联网(SDN-IoT)顺应了物联网从软件上实现网络功能的发展趋势,但随着网络应用服务需求的类型与数量日益剧增,物联网易受攻击设备数量不断增加,软件定义网络自身特性带来更多更新的安全威胁.具有去中心化、交易安全性等特性的区块链技术为保证SDN-IoT网络的安全性提供新的思路与策略.首先从物联网、软件定义网络以及两者结合的3个方面来解析SDN-IoT面临的安全风险与网络攻击,讨论引入区块链后所能解决的问题;对现有基于区块链的SDN-IoT安全架构进行梳理,并从部署区块链的网络层面进行分类.此外,分别针对数据安全、通信安全、软件定义网络控制安全、节点安全和特有攻击,对现有解决方案及最新研究进展进行全面介绍.最后结合现有的解决思路,从技术融合、区块链自身安全、架构完善等3方面,分析基于区块链的SDN-IoT网络安全的研究方向与挑战.
The Internet of Things(IoT)based on software-defined networking(SDN),called SDN-IoT,conforms to the trend of the IoT to provide network functions from the software aspect.However,with the increasing demand for diversified network application services,the number of vulnerable IoT devices is increasing,and more and newer security threats are emerging due to the SDN′s characteristics.Blockchain technology with the characteristics such as decentralization and transaction security,provides new ideas and strategies to ensure the network security of SDN-IoT.Firstly,this paper analyzes the security risks and network attacks faced by SDN-IoT from three aspects of IoT,SDN,and the combination of them,and discusses the issues that can be solved by leveraging the blockchain technology.And then,the existing SDN-IoT security architectures based on blockchain are summarized and classified from the perspective of the blockchain-deployed network layers.Furthermore,this paper summarizes existing solutions and recent research from the perspective of network security vulnerability,and divides them into data security,communication security,SDN control security,node security,and specific attacks.In the end,combined with the existing solutions,this paper analyzes the research directions and challenges of SDN-IoT network security based on blockchain from the aspects of technology integration,blockchain security,and perfect architecture.
作者
唐菀
张艳
杨喜敏
陈健
刘宇宸
TANG Wan;ZHANG Yan;YANG Xi-min;CHEN Jian;LIU Yu-chen(School of Computer Science,South-Central Minzu University,Wuhan 430074,China;Electronic Information School,Wuhan University,Wuhan 430072,China)
出处
《小型微型计算机系统》
CSCD
北大核心
2022年第10期2179-2199,共21页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61902437)资助
湖北省自然科学基金一般面上项目(2020CFB629)资助
中南民族大学中央高校基本科研业务专项资金项目(CZY22016)资助.
关键词
物联网
软件定义网络
区块链
网络安全
Internet of Things(IoT)
software-based networking(SDN)
blockchain
network security
