SDN controller, routing/switching device and network defending method

Abstract

The invention provides an SDN controller, a routing / switching device and a network defending method applied to a network comprising a client side, a server side and a routing / switching device connected between the client side and the server side. A legal TCP connection table, an illegal TCP half connection table and an illegal TCP half connection number table are established and stored in the SDN controller, and a flow table containing filtering action types is generated and issued to an inlet routing / switching device where an attacker is located to control the routing / switch device to execute corresponding filtering strategies. According to the SDN controller, the routing / switching device and the network defending method, the SDN architecture is adopted, the position of the attacker can be sensed, and attacking messages can be classified accurately.

Description

technical field

[0001] The invention relates to the technical field of network communication, in particular to an SDN controller, routing / switching equipment and a network defense method. Background technique

[0002] With the development of the Internet, while the network brings convenience, network security incidents also occur from time to time. Network attacks deter online users, and the security and confidentiality of information are greatly threatened. Denial of service attack (DoS) is more and more frequent due to its tools are available everywhere, easy to operate, wide attack range, strong concealment, simple and effective, and greatly affects the effective service of the network and business host system , especially distributed denial of service attack (DDoS) has been recognized as one of the most difficult problems on the Internet.

[0003] TCP (Transmission Control Protocol) flood attack is the most common attack method of DDoS. Due to the three-way handshake r...

Images