博碩士論文 103525008 詳細資訊




以作者查詢圖書館館藏 以作者查詢臺灣博碩士 以作者查詢全國書目 勘誤回報 、線上人數:26 、訪客IP:54.80.140.5
姓名 張鈺(Yu Chang)  查詢紙本館藏   畢業系所 軟體工程研究所
論文名稱 基於SVM之訊務分類機制及其於SDN網路之應用
(SVM-based Classification Mechanism and Its Application in SDN Networks)
檔案 [Endnote RIS 格式]    [Bibtex 格式]    至系統瀏覽論文 ( 永不開放)
摘要(中) 近年來,由於行動寬頻、行動寬頻和物聯網的蓬勃發展,使得各式各樣的智慧型裝置普及,使用者對於網路服務即時處理能力及多樣化的服務需求也大幅提升,進而引發了更龐大更複雜的網路服務及資源使用量,加上企業面臨處理巨量資料( Big data )的需求,使得傳統網路服務的架構已無法滿足新興服務快速變動網路架構的需求。軟體定義網路( Software Defined Network, SDN )與網路功能虛擬化( Network Functions Virtualization, NFV )這兩項概念被提出,將實體複雜的網路架構轉變成虛擬、可程式化與標準化的架構,降低網路的複雜度,為傳統網路架構帶來重大的變革。而目前許多應用程式訊務封包都隱藏於超文件傳輸協定( HyperText Transfer Protocol,HTTP )與超文字傳輸安全協定( Hypertext Transfer Protocol Secure,HTTPS ),使得網路安全備受質疑。因此本論文設計基於SVM的STIC機制並應用於SDN架構,透過SDN網路集中管理與可程式化設計,分類應用程式訊務並使用VLAN技術分流網路應用程式訊務,有效減少骨幹鏈路傳輸負擔,讓網路管理者能更彈性配置網路,甚至能限制使用者可使用之應用程式,達到有效利用服務資源,減少資源浪費與配置成本,提升網路安全與服務品質。而本論文提出之STIC機制採用以特徵為基礎的預先定義分類演算法結合機器學習的支持向量機演算法,識別各種網路服務之訊務類型,包括主從式架構的Facebook、YouTube與Line等以及點對點架構的Skype、BitTorrent等等,還能透過採用決策樹方法針對特定訊務類型,進行不同層級的分類。STIC機制針對分類YouTube訊務類型有高達99%的準確率,在針對YouTube區分影音內容長度及畫質也可達到超過92%的準確度。
摘要(英) In recent year, as growth of the cloud computing, mobile broadband network, and Internet-of-Things technology, user requirements for network services, real-time data processing and resource management are becoming more and more diverse. The popularity of smart devices and big data is causing a considerable demand of network resources allocation and management. The Software-Defined Networking (SDN) and Network Functions Virtualization (NFV), two new network concepts have been proposed. SDN and NFV technologies are not only transforming network infrastructure from complicated physical entities to virtual and programmable nodes, but also centralizing the network control to decrease the complexity of network topology. Network security is being questioned because many application traffic hidden in the HTTP and HTTPS protocol, so SVM-based Internet Traffic Identification and Classification (STIC) are proposed to identify application traffic. STIC through the programmable nature of SDN architecture makes network easier to design, deploy, manage, reduce the waste of network resource, costs, and promote network security and quality of service. In this paper, STIC mechanism, using the signature-based scheme with the machine learning algorithms of support vector machine, is addressed to classify a variety of network service traffic such as Facebook, Line, YouTube, Skype and BitTorrent etc. STIC mechanism can not only classify about 99% YouTube traffic type but also classify over 92% about different YouTube streaming length and quality based on decision tree methods.
關鍵字(中) ★ 軟體定義網路
★ OpenFlow
★ 網路功能虛擬化
★ 支持向量機
★ 訊務分類
關鍵字(英) ★ SDN
★ OpenFlow
★ NFV
★ Support Vector Machine
★ Traffic Classification
論文目次 摘要 i
Abstract ii
誌謝 iii
目錄 iv
圖目錄 vi
表目錄 ix
第一章 緒論 1
1.1 概要 1
1.2 研究動機 3
1.3 研究目的 5
1.4 論文架構 6
第二章 背景知識與相關研究 7
2.1 Software-Defined Network and OpenFlow 7
2.2 網路功能虛擬化技術 12
2.3 訊務識別與分類技術 14
2.4 多元類別支持向量機 16
2.5 相關文獻比較 21
第三章 研究方法 24
3.1 系統架構與設計 24
3.1.1 基於SVM之訊務識別與分類機制 26
3.1.2 SDN網路分流之管理系統 31
3.2 系統運作流程與機制 34
3.2.1 系統假設與資料符號表定義 34
3.2.2 系統模組運作流程 36
3.2.3 STIC機制與其應用於SDN網路分流管理系統功能運作流程 41
第四章 實驗與討論 46
4.1 實驗環境與評量指標 46
4.2 情境一:最佳特徵集合與分類模型參數選擇 51
4.2.1 實驗一:單向與雙向Flow對於前N個封包數量之準確率變化 51
4.2.2 實驗二:不同資訊集合之最佳特徵集合與模型相關參數 52
4.3 情境二:決策樹方法之SVM分類模型評估 54
4.3.1 實驗三:單向與雙向Flow對於YouTube訊務分類模型評估 55
4.3.2 實驗四:單向與雙向Flow分類YouTube長度與畫質之準確率變化 55
4.4 情境三:不同資料集合之分類模型評估與比較 56
4.4.1 實驗五:單向與雙向Flow分類常見主從式架構訊務模型評估 56
4.4.2 實驗六:單向與雙向Flow分類常見主從式與點對點訊務之模型評估 59
4.4.3 實驗七:單向與雙向Flow分類多種類型之應用程式訊務評估 61
4.4.4 實驗八:分類模型動態更新時間評估 63
4.5 情境四:SDN網路分流之管理系統討論 65
4.5.1 實驗九: VLAN 標籤附加與分流管理應用於YouTube 65
4.5.2 實驗十:SDN網路分流管理系統之流量 67
4.5.1 實驗十一:SDN網路分流管理系統使用鏡像封包之影響 68
4.6 情境五:STIC機制與相關研究之比較 69
4.6.1 實驗十二:STIC機制與相關研究之準確率比較 71
第五章 結論與未來研究方向 73
5.1 結論 73
5.2 未來研究 74
參考文獻 76
參考文獻 [1] ONF, ′SDN Architecture Overview′, 2014. [Online]. Available: https://www.opennetworking.org/images/stories/downloads/sdn-resources/technical-reports/SDN-architecture-overview-1.0.pdf. [Accessed: 13- July-2016].
[2] "Open Networking Foundation," Available: https://www.opennetworking.org/.
[3] ONF, "Software-Defined Networking: The New Norm for Networks.," April-13-2012, .
[4] ONF, ′OpenFlow>>What is OpenFlow?′, [Online]. Available: http://archive.openflow.org/wp/learnmore/. [Accessed: 13- Jul-2016].
[5] ONF, ′OF Config, OpenFlow management and configuration protocol′, 2013. [Online]. Available: https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow-config/of-config-1.2.pdf. [Accessed: 13- Jul-2016].
[6] ONF, ′OpenFlow Switch Specification′, 19-Dec-2014. [Online]. Available: https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow/openflow-switch-v1.5.0.noipr.pdf. [Accessed: 13- Jul-2016].
[7] ′Overview - CS244 Wiki′, 2015. [Online]. Available: http://yuba.stanford.edu/cs244wiki/index.php/Overview. [Accessed: 22-Jul-2016].
[8] N. Gude, T. Koponen, J. Pettit, B. Pfaff, M. Casado, N. McKeown, et al., "NOX: towards an operating system for networks," ACM SIGCOMM Computer Communication Review, vol. 38, pp. 105-110, 2008.

[9] ′About POX′, 2015. [Online]. Available: http://www.noxrepo.org/pox/about-pox/. [Accessed: 13-Jul-2015].
[10] ′Floodlight OpenFlow Controller′, 2016. [Online]. Available: http://www.projectfloodlight.org/floodlight/. [Accessed: 13-Jul-2016].
[11] ′OpenDaylight′, 2016. [Online]. Available: https://www.opendaylight.org/. [Accessed: 13-Jul-2016].
[12] ′Open Network Operating System′, 2015. [Online]. Available: http://onosproject.org/. [Accessed: 13-Jul-2016].
[13] ′Ryu SDN Framework′, 2016. [Online]. Available: https://osrg.github.io/ryu/. [Accessed: 13-Jul-2016].
[14] B. Schölkopf, J. C. Platt, J. Shawe-Taylor, A. J. Smola, and R. C. Williamson, "Estimating the support of a high-dimensional distribution," Neural computation, vol. 13, pp. 1443-1471, 2001.
[15] J. Zheng and Y. Xu, "Identification of network traffic based on support vector machine," in 2010 3rd International Conference on Advanced Computer Theory and Engineering (ICACTE), 2010, pp. V3-286-V3-290.
[16] C.-C. Chang and C.-J. Lin, "LIBSVM: a library for support vector machines," ACM Transactions on Intelligent Systems and Technology (TIST), vol. 2, p. 27, 2011.
[17] K. Bennett and A. Demiriz, "Semi-supervised support vector machines," Advances in Neural Information processing systems, pp. 368-374, 1999.
[18] N. Cristianini, "Support vector and kernel machines," Tutorial at ICML, 2001.
[19] C. Cortes and V. Vapnik, "Support-vector networks," Machine learning, vol. 20, pp. 273-297, 1995.
[20] T. Joachims, ′Multi-Class Support Vector Machine′, [Online]. Available: https://www.cs.cornell.edu/people/tj/svm_light/svm_multiclass.html. [Accessed: 13- Jul-2016].
[21] H.-M. An, M.-S. Kim, and J.-H. Ham, "Application traffic classification using statistic signature," in APNOMS, 2013, pp. 1-6.
[22] G. Gómez Sena and P. Belzarena, "Early traffic classification using support vector machines," in Proceedings of the 5th International Latin American Networking Conference, 2009, pp. 60-66.
[23] H. A. H. Ibrahim, S. M. Nor, and H. A. Jamil, "Online hybrid internet traffic classification algorithm based on signature statistical and port methods to identify internet applications," in Control System, Computing and Engineering (ICCSCE), 2013 IEEE International Conference on, 2013, pp. 185-190.
[24] Z. Xusheng, "A p2p traffic classification method based on svm," in Computer Science and Computational Technology, 2008. ISCSCT′08. International Symposium on, 2008, pp. 53-57.
[25] Y. Li and J. Li, "MultiClassifier: A combination of DPI and ML for application-layer classification in SDN," in Systems and Informatics (ICSAI), 2014 2nd International Conference on, 2014, pp. 682-686.
[26] N. Brownlee, C. Mills, and G. Ruth, "Traffic flow measurement: Architecture," Traffic, 1999.
[27] J. Rajahalme, A. Conta, B. E. Carpenter, and S. E. Deering, "RFC 3697: IPv6 Flow Label Specification, mar 2004," ed.
[28] J. Makhoul, F. Kubala, R. Schwartz, and R. Weischedel, "Performance measures for information extraction," in Proceedings of DARPA broadcast news workshop, 1999, pp. 249-252.

[29] A. M. Molinaro, R. Simon, and R. M. Pfeiffer, "Prediction error estimation: a comparison of resampling methods," Bioinformatics, vol. 21, pp. 3301-3307, 2005.
[30] T. T. team, ′TCPDUMP & LIBPCAP′, 2015. [Online]. Available: http://www.tcpdump.org/. [Accessed: 14-Jul-2016].
[31] ′Wireshark Go Deep′, 2016. [Online]. Available: https://www.wireshark.org/. [Accessed: Jul-13-2016].
[32] K. Phemius, M. Bouet, and J. Leguay, "DISCO: Distributed multi-domain SDN controllers," in 2014 IEEE Network Operations and Management Symposium (NOMS), 2014, pp. 1-4.
[33] 李宜璟, "基於SDN的阻斷式服務攻擊之減緩應用於負載平衡服務," 資訊工程學系, 國立中央大學, 2014.
[34] 周新堯, "基於SDN的網路功能資源管理與服務功能鏈," 資訊工程學系, 國立中央大學, 2015.
[35] 黃楚堯, "基於軟體定義網路與網路服務鏈的動態路 徑調整及伺服器負載平衡," 資訊工程學系, 國立中央大學, 2014.
指導教授 周立德(Li-Der Chou) 審核日期 2016-8-29
推文 facebook   plurk   twitter   funp   google   live   udn   HD   myshare   reddit   netvibes   friend   youpush   delicious   baidu   
網路書籤 Google bookmarks   del.icio.us   hemidemi   myshare   

若有論文相關問題,請聯絡國立中央大學圖書館推廣服務組 TEL:(03)422-7151轉57407,或E-mail聯絡  - 隱私權政策聲明