Abstract
Deep packet inspection (DPI) is important for network security. In this paper, we consider a software-defined network where several DPI proxy nodes are available for serving flows from ingress switches. These DPI proxy nodes can be implemented in either software or hardware. We study an integrated proxy allocation and routing determining problem with the objective of minimizing the total delay of flows from ingress switches to DPI proxies. This problem is formulated as an integer linear programming problem that is NP-hard in general. To solve this problem, we design a 2-phase algorithm that can quickly select proxy and find routing paths for incoming flows. Finally, extensive simulations are conducted to evaluate the performance of our proposed algorithm. Some useful parameter setting insights are obtained.
| Original language | English |
|---|---|
| Article number | e3967 |
| Journal | Concurrency Computation |
| Volume | 29 |
| Issue number | 16 |
| DOIs | |
| Publication status | Published - 25 Aug 2017 |
| Externally published | Yes |
Keywords
- deep packet inspection, software-defined network, traffic scheduling
ASJC Scopus subject areas
- Theoretical Computer Science
- Software
- Computer Science Applications
- Computer Networks and Communications
- Computational Theory and Mathematics