2023年5月JournalonCommunicationsMay2023第44卷第5期通信学报Vol.44No.5基于深度强化学习的软件定义安全中台QoS实时优化算法李元诚,秦永泰(华北电力大学控制与计算机工程学院,北京102206)摘要:针对软件定义安全场景中的服务质量(QoS)实时优化方案因安全防护手段与业务场景不匹配而导致的适用困难和性能下降的问题,提出了基于深度强化学习的软件定义安全中台QoS实时优化算法。首先,将碎片化的安全需求与安全基础设施统一到软件定义安全中台云模型中;然后,通过深度强化学习结合云计算技术提高安全中台的实时匹配和动态适应能力;最后,生成满足QoS目标的安全中台资源实时调度策略。实验结果表明,与现有实时算法相比,所提算法不但保证负载均衡,还提高了18.7%的作业调度成功率以提高服务质量,降低了34.2%的平均响应时间,具有很好的稳健性,更适用于实时环境。关键词:软件定义安全;深度强化学习;安全中台;服务质量中图分类号:TP393文献标志码:ADOI:10.11959/j.issn.1000−436x.2023090Deepreinforcementlearningbasedalgorithmforreal-timeQoSoptimizationofsoftware-definedsecuritymiddleplatformLIYuancheng,QINYongtaiSchoolofControlandComputerEngineering,NorthChinaElectricPowerUniversity,Beijing102206,ChinaAbstract:Toovercometheproblemthatthereal-timeoptimizationofthequalityofservice(QoS)insoftware-definedsecurityscenarioswashinderedbythemismatchbetweensecurityprotectionmeasuresandbusinessscenarios,whichledtodifficultiesinapplicationandperformancedegradation.,anovelalgorithmbasedondeepreinforcementlearningforoptimizingQoSinsoftwaredefinedsecuritymiddleplatforms(SDSmp)inreal-timewasproposed.Firstly,thefrag-mentedsecurityrequirementsandinfrastructurewereintegratedintotheSDSmpcloudmodel.Thenbyleveragingthepowerofdeepreinforcementlearningandcloudcomputingtechnology,thereal-timematchinganddynamicadaptationcapabilitiesofthesecuritymiddleplatformwereenhanced.Finally,areal-timeschedulingstrategyforsecuritymiddleplatformresourcesthatmeetQoSgoalswasgenerated.Experimentalresultsdemonstratethatcomparedtoexistingreal-timemethods,theproposedalgorithmnotonlyensuresloadbalancingbutalsoimprovesjobsuccessrateby18.7%forhighQoSandreducestheaverag...
