SDN framework integrating threat processing and route optimizing and operating method

An SDN working method and threat processing technology, applied in the field of network security, that addresses network security problems, ensures communication quality, achieves efficient detection and flexible processing, and reduces coupling.

Inactive Publication Date: 2015-04-22
NANJING XIAOZHUANG UNIV

AI Technical Summary

Problems solved by technology

[0006] The purpose of the present invention is to provide an SDN architecture and working method that integrates threat processing and routing optimization, to solve the network security problems caused by the large number of DDoS attacks in existing networks, and thereby to identify and defend against DDoS attacks quickly, efficiently and comprehensively.


Examples


Embodiment 1

[0063] Figure 2 shows a block diagram of the SDN network architecture of the present invention.

[0064] As shown in Figure 2, an SDN network architecture comprises an application plane, a data plane and a control plane. In the data plane, when any IDS (intrusion detection) device detects a message with DDoS attack characteristics, it reports to the application plane through the SSL communication channel. The application plane analyzes the attack type and formulates the corresponding attack threat processing strategy according to the attack type. The control plane provides the attack threat processing interface for the application plane, and provides an optimal path computation and/or attack threat identification interface.

[0065] Among them, the characteristics of DDoS attack are defined as: spoofing of link layer and Internet layer addresses, abnormal behavior of Internet layer and trans...

Embodiment 2

[0072] Figure 3 shows a structural block diagram of the SDN system of the present invention.

[0073] As shown in Figure 3, a working method of the SDN system based on DDoS threat filtering includes the following: when any IDS device detects a message with a DDoS attack feature, it reports to the IDS decision server through the SSL communication channel. Based on the reported information, the IDS decision server formulates a processing policy for the message with DDoS attack characteristics, and then either shields the message through the controller or redirects the traffic of the switch access port corresponding to the message to the traffic cleaning center for filtering.
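An added example, not taken from the patent: a minimal Python sketch of the report-and-decide flow in [0073], with an IDS check for the address spoofing named in [0065]. The binding table, the flood threshold, the cleaning-center port, the rule format, and the choice to shield spoofed messages while redirecting floods are all assumptions made for illustration; the SSL transport between IDS device and decision server is omitted.

```python
from collections import namedtuple

# Constructed binding table: (switch, access port) -> expected (MAC, IP).
BINDINGS = {("s1", 1): ("00:00:00:00:00:01", "10.0.0.1"),
            ("s1", 2): ("00:00:00:00:00:02", "10.0.0.2")}
CLEANING_PORT = 99   # assumed switch port facing the traffic cleaning center
FLOOD_PPS = 1000     # assumed per-port packet-rate threshold
Report = namedtuple("Report", "switch port feature src_mac src_ip")

def ids_inspect(switch, port, src_mac, src_ip, pps):
    """IDS device: return a Report for a message with a DDoS feature, else None."""
    expected = BINDINGS.get((switch, port))
    if expected is not None and expected != (src_mac, src_ip):
        return Report(switch, port, "spoofing", src_mac, src_ip)
    if pps > FLOOD_PPS:
        return Report(switch, port, "flood", src_mac, src_ip)
    return None

def formulate_policy(report):
    """IDS decision server: turn a report into a rule for the controller."""
    if report.feature == "spoofing":
        # Shield: drop only the forged (MAC, IP) pair on that access port.
        match = {"in_port": report.port, "eth_src": report.src_mac,
                 "ipv4_src": report.src_ip}
        return {"switch": report.switch, "match": match, "actions": []}
    # Otherwise redirect the whole access port to the cleaning center.
    return {"switch": report.switch, "match": {"in_port": report.port},
            "actions": [("output", CLEANING_PORT)]}

def process(events):
    """Distributed detection, centralized decision; one rule per distinct report."""
    seen, rules = set(), []
    for event in events:
        report = ids_inspect(*event)
        if report is not None and report not in seen:
            seen.add(report)
            rules.append(formulate_policy(report))
    return rules

# Constructed sample events: (switch, port, src_mac, src_ip, packets/s).
SAMPLE_EVENTS = [
    ("s1", 1, "00:00:00:00:00:01", "10.0.0.1", 50),    # benign
    ("s1", 2, "00:00:00:00:00:02", "10.0.0.77", 50),   # forged source IP
    ("s1", 2, "00:00:00:00:00:02", "10.0.0.77", 50),   # repeat of the same report
    ("s1", 1, "00:00:00:00:00:01", "10.0.0.1", 5000),  # flood from a valid host
]

if __name__ == "__main__":
    print(process(SAMPLE_EVENTS))
```

Deduplicating reports before a rule is issued is what keeps repeated detections of the same source from reaching the controller more than once.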

[0074] Figure 4 shows a functional block diagram of the SDN system.

[0075] As shown in Figure 4, the IDS device further includes:

[0076] A spoofed message detection module, which detects spoofing of link layer and Internet layer addresses;

[0077] Destroy the message detection module...

Embodiment 3

[0163] Based on Embodiment 1 and Embodiment 2, this embodiment provides a working method of an SDN system that integrates threat processing and routing optimization. Through distributed detection and centralized processing, it effectively reduces the workload of the controller and improves detection efficiency and data transfer rate.

[0164] The working method of the SDN system integrating threat processing and routing optimization of the present invention comprises the following steps:

[0165] Step S100, network initialization; Step S200, distributed DDoS threat monitoring; and Step S300, threat processing and/or route optimization.

[0166] Further, the devices involved in network initialization in step S100 include: a controller, an IDS decision server and distributed IDS devices;

[0167] The steps of network initialization are as follows:

[0168] Step S101, the IDS decision server establishes a dedicated SSL communication channel with each IDS device (this step S101 is an optional implementation)...


Abstract

The invention discloses an SDN framework integrating threat processing and route optimizing, a system and an operating method. The SDN framework comprises an application plane, a data plane and a control plane; when any IDS device located in the data plane detects a message with DDoS attack characteristics in an attack threat, the message is immediately reported to the application plane through an SSL communication channel; the application plane is used for analyzing the attack type and making a corresponding attack threat processing strategy according to the attack type; the control plane provides an attack threat processing interface for the application plane and provides an optimal path calculation interface and/or an attack threat identification interface for the data plane. By means of the SDN framework, a network can achieve traffic forwarding for route optimizing according to real-time conditions of links when subjected to a large-scale DDoS threat and can also identify the DDoS threat and make a processing response quickly and accurately, so that the network communication quality is guaranteed comprehensively.

Description

Technical field

[0001] The invention relates to the field of network security, in particular to an SDN architecture and working method integrating DDoS threat filtering and routing optimization.

Background technique

[0002] At present, high-speed and widely connected networks have become an important infrastructure of modern society. However, with the expansion of the scale of the Internet, the defects of the traditional normative system are increasingly emerging.

[0003] The latest report released by the National Computer Network Emergency Response Technology Coordination Center (CNCERT/CC) shows that hacker activities are becoming more and more frequent, and attacks such as website backdoors, phishing, and malicious web malware are on the rise, and network security is facing serious challenges.

[0004] Among them, the Distributed Denial of Service (DDoS) attack is still one of the most important threats affecting the security of Internet operation. The number, siz...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L45/125
CPC: H04L45/123, H04L45/125, H04L49/208, H04L63/0227, H04L63/0236, H04L63/1416, H04L63/1425, H04L63/1458, H04L63/20
Inventor: 史毓凯, 张家华, 杨种学, 王江平, 李滢
Owner: NANJING XIAOZHUANG UNIV