SDN中DDoS攻击的高效联合检测和防御机制

doi:10.12068/j.issn.1005-3026.2020.09.001

东北大学学报:自然科学版 ›› 2020, Vol. 41 ›› Issue (9): 1217-1222.DOI: 10.12068/j.issn.1005-3026.2020.09.001

• 信息与控制 • 下一篇

SDN中DDoS攻击的高效联合检测和防御机制

曾荣飞¹，高原²，王兴伟²，张榜²

(1. 东北大学软件学院，辽宁沈阳110169； 2. 东北大学计算机科学与工程学院，辽宁沈阳110169)

收稿日期:2019-09-30 修回日期:2019-09-30 出版日期:2020-09-15 发布日期:2020-09-15
通讯作者: 曾荣飞
作者简介:曾荣飞(1983-)，男，辽宁沈阳人，东北大学副教授；王兴伟(1968-)，男，辽宁盖州人，东北大学教授，博士生导师.
基金资助:
国家重点研发计划项目(2017YFB0801701)；国家自然科学基金资助项目(61872073).

Efficient Joint Detection and Defense Mechanism for DDoS Attack in SDN

ZENG Rong-fei¹， GAO Yuan²， WANG Xing-wei²， ZHANG Bang²

1.School of Software， Northeastern University， Shenyang 110169， China; 2.School of Computer Science & Engineering， Northeastern University， Shenyang 110169， China.

Received:2019-09-30 Revised:2019-09-30 Online:2020-09-15 Published:2020-09-15
Contact: WANG Xing-wei
About author:-
Supported by:
-

摘要/Abstract

摘要： 为解决软件定义网络(SDN，software-defined networking)控制器所面临的DDoS攻击问题，本文提出一个高效率的联合检测和防御机制.联合检测部分采用改进自组织映射(SOM，self-organizing mapping)算法和多维条件熵算法相结合，通过对自组织映射算法的改进，与多维条件熵算法相互提供反馈信息，达到高效联合检测目的.联合防御部分采用常规防御模块与快速防御模块相结合，通过调整优先级的方式针对不同的检测结果采取不同的防御策略.大量实验表明，本文的联合检测机制可以达到95.2%的检测率；与单独的防御机制相比，联合防御机制中控制器的响应时间可以平均降低0.11s.

关键词: 软件定义网络, 分布式拒绝服务攻击, 改进自组织映射算法, 多维条件熵算法, 优先级

Abstract: In order to defend against the DDoS attacks for SDN(software-defined networking) controller， this paper proposed an efficient joint detection and defense mechanism. The joint detection part adopted the combination of improved self-organizing mapping algorithm and multidimensional conditional entropy algorithm. By combining the two methods， the purpose of joint detection was achieved. The joint defense part includes a conventional defense module and a fast defense module， which adopts different defense strategies for different detection results by adjusting the priority. Extensive experimental results showed that the joint detection mechanism can achieve a detection rate of 95.2%， and the response time of the joint defense mechanism to the controller can be reduced by 0.11s on average， compared with the single defense mechanism.

Key words: software-defined networking, distributed denial of service attack, improved self-organizing mapping algorithm, multidimensional conditional entropy algorithm, priority

中图分类号:

TP393.08

曾荣飞，高原，王兴伟，张榜. SDN中DDoS攻击的高效联合检测和防御机制[J]. 东北大学学报:自然科学版, 2020, 41(9): 1217-1222.

ZENG Rong-fei， GAO Yuan， WANG Xing-wei， ZHANG Bang. Efficient Joint Detection and Defense Mechanism for DDoS Attack in SDN[J]. Journal of Northeastern University Natural Science, 2020, 41(9): 1217-1222.

参考文献

[1]Erel M，Teoman E，zevik Y，et al.Scalability analysis and flow admission control in mininet-based SDN environment［C］//Proceedings of the IEEE Conference on Network Function Virtualization and Software Defined Network (NFV-SDN).San Francisco，CA，2015:18-19.
[2]Jain S，Kumar A，Mandal S，et al.B4:experience with a globally-deployed software defined WAN［C］//Proceedings of the ACM SIGCOMM Computer Communication Review.Hong Kong，2013:3-14.
[3]Luo T，Tan H P，Quek T Q S.Sensor OpenFlow:enabling software-defined wireless sensor networks［J］.IEEE Communications Letters，2012，16(11):1896-1899.
[4]Natarajan S，Ramaiah A，Mathen M.A software defined cloud-gateway automation system using OpenFlow［C］//Proceedings of the 2013 IEEE the 2nd International Conference on Cloud Networking (CloudNet).San Francisco，CA，2013:219-226.
[5]Gao L L，Zheng L，Qiu Z L，et al.Research on model of five-level scheduling based on SDN［C］//Proceedings of the International Conference on Computer，Information and Telecommunication Systems (CITS).Colmar，France，2018:1-5.
[6]Mousavi S M，St-Hilaire M.Early detection of DDoS attacks against SDN controllers［C］//Proceedings of the 2015 International Conference on Computing，Networking and Communications (ICNC).Anaheim，CA，2015:77-81.
[7]Li M，Dongliang W.Anormaly intrusion detection based on SOM［C］//Proceedings of the 2009 WASE International Conference on Information Engineering.Taiyuan，2009:40-43.
[8]Jiang D，Yang Y，Xia M.Research on intrusion detection based on an improved SOM neural network［C］//Proceedings of the 2009 Fifth International Conference on Information Assurance and Security.Xi’an，2009:400-403.
[9]Vokorokos L，Balaz A，Chovanec M.Intrusion detection system using self organizing map［J］.Acta Electrotechnica et Informatica，2006，6(1):1-6.
[10]Huang H，Xu H，Wang X，et al.Maximum F1-score discriminative training criterion for automatic mispronunciation detection［J］.IEEE/ZACM Transactions on Audio，Speech，and Language Processing，2015，23(4):787-797.
[11]Borgnat P，Dewaele G，Fukuda K，et al.Seven years and one day:sketching the evolution of Internet traffic［C］//International Conference on Computer Communications.Rio de Janeiro，2009:711-719.
[15]关守平，房少纯.一种新型的区间-粒子群优化算法［J］.东北大学学报(自然科学版)，2012，33(10):1381-1384.(Guan Shou-ping，Fang Shao-chun.A new interval particle swarm optimization algorithm［J］.Journal of Northeastern University(Natural Science)，2012，33(10):1381-1384.)

SDN中DDoS攻击的高效联合检测和防御机制

Efficient Joint Detection and Defense Mechanism for DDoS Attack in SDN

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 10

编辑推荐

Metrics

本文评价

[1]	徐久强，路佳熹，李鹤群，赵海. 基于SDN的工业物联网组播通信框架研究[J]. 东北大学学报（自然科学版）, 2023, 44(2): 192-198.
[2]	姜艳萍，宋新潮，邵欣然. 双角色主体间的私人闲置车位和需求者匹配模型[J]. 东北大学学报（自然科学版）, 2022, 43(4): 591-599.
[3]	林川，赵海，毕远国，蔡巍. 基于SDN的QoS测量与路由规划系统设计与实现[J]. 东北大学学报:自然科学版, 2017, 38(8): 1069-1074.
[4]	祝烈煌，张琼宇，沈蒙，王明钟. 支持流量感知的软件定义网络高效路由方案[J]. 东北大学学报:自然科学版, 2017, 38(3): 335-340.
[5]	罗玎玎;赵海;孙佩刚;林恺;. 硬实时环境下固定优先级调度的离线优化[J]. 东北大学学报(自然科学版), 2008, 29(9): 1257-1261.
[6]	郭睿;常桂然;孙宝京;刘安;. 基于遗传基因过滤算法的带宽耗尽DDoS防范技术[J]. 东北大学学报(自然科学版), 2008, 29(3): 324-327.
[7]	赵海;周峰;罗玎玎;. WebitOS中动态优先级调度机制及EDF算法的实现[J]. 东北大学学报(自然科学版), 2008, 29(11): 1560-1563.
[8]	赵越;罗晓华;杨鹏;王光兴;. 一种基于QoS的无线分组调度算法[J]. 东北大学学报(自然科学版), 2006, 27(3): 272-275.
[9]	岳晓宁;井元伟;张秀华. 多用户非线性网络系统各优先级价差分析[J]. 东北大学学报(自然科学版), 2005, 26(3): 205-208.
[10]	马致山. 多目标配料模型及其应用[J]. 东北大学学报:自然科学版, 1985, 6(2): 135-141.