Over the years, switches and network routers have been compromised frequently, and a lot of vulnerabilities have occurred in network infrastructure. Secure routing (SR) is one of the challenges that currently exists in computer networks. Software-defined networks (SDN) are designed by assuming that routers or switches are trustworthy. In SDN, untrusted devices have resulted in security issues such as traffic analysis, failure to receive information, packet change and removal, inaccurate routing, and network downtime. Using encryption methods is a possible solution to deal with some of these problems, but it requires additional infrastructure as well as significant overhead at runtime. One of the most trusted routing methods is through replicated devices (switches or routers). Recently we have seen less attention given to the number of replicated devices in SR. In this paper, the problem of SR is converted into a multi-objective optimization problem, considering the reliability of different manufacturers and SR with untrusted devices is performed. To this end, a mathematical model is provided to study the objectives of maximum reliability and cost minimization. The NSGA-II algorithm is applied to determine the optimal number of replicated devices in order to minimize the cost of implementing SR in spite of the presence of untrusted devices in SDN. Our simulation results show that our proposed method compared to the base method (without considering optimization) decreases implementation cost by 27% and increases the reliability from 70% to 93.2%.

多年来，交换机和网络路由器经常受到攻击，并且网络基础结构中发生了许多漏洞。安全路由（SR）是计算机网络中当前存在的挑战之一。通过定义路由器或交换机是可信赖的来设计软件定义的网络（SDN）。在SDN中，不受信任的设备会导致安全问题，例如流量分析，无法接收信息，数据包更改和删除，路由不正确以及网络停机。使用加密方法是解决其中一些问题的可能解决方案，但它需要其他基础结构以及运行时的大量开销。最受信任的路由方法之一是通过复制的设备（交换机或路由器）。最近，我们发现对SR中复制设备数量的关注较少。考虑到不同制造商和SR的可靠性，本文将SR问题转化为多目标优化问题与不受信任的设备一起执行。为此，提供了一个数学模型来研究最大可靠性和最小化成本的目标。的NSGA-II算法应用于确定，以便最小化执行的成本复制设备的最佳数量SR尽管在不可信设备的存在的SDN。仿真结果表明，与基本方法（不考虑优化）相比，我们提出的方法将实现成本降低了27％，并将可靠性从70％提高到93.2％。