Malicious code detection method based on SDN network

A malicious code detection technology, applied in the field of computer network security, that addresses problems such as the large computational cost of detecting malicious code.

Active Publication Date: 2018-11-13
GUANGDONG POLYTECHNIC NORMAL UNIV

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to solve the problem that finding malicious code in the large-scale, high-dimensional network security data of an SDN network consumes a lot of computing power.


Embodiment Construction

[0019] The roadmap of the invention is shown in Figure 1.

[0020] In actual detection, the flow table data collection module periodically sends a flow table request to the OpenFlow switch, and the flow table information returned by the switch is transmitted to the flow table collection node through an encrypted channel. The flow feature extraction module receives the flow table data gathered by the flow table collection module and, according to the result of the feature analysis, extracts the m relevant flow features to form m-tuples. Each m-tuple is identified by the ID of the switch from which the data was collected, which makes it possible to tell on which SDN switch a certain type of malicious event was found. The classifier module classifies the collected m-tuples to determine whether the traffic during the period is normal or, if abnormal, which type of abnormal flow it is.
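The collection, extraction and classification stages of [0020], sketched as an added example that is not taken from the patent: per-switch flow table entries are reduced to an m-tuple keyed by switch ID and then classified. The record layout, the feature names, the centroid values and the nearest-centroid classifier are assumptions, since the patent's own feature set and classifiers are not shown on this page.

```python
from statistics import mean

# Constructed flow-stats entries for three switches (not real captures).
# Counter names mirror OpenFlow flow-stats fields; the dict layout is assumed.
REPLIES = {
    "sw-1": [  # one bidirectional session
        {"src": "10.0.0.1", "dst": "10.0.0.9", "packet_count": 120, "duration_sec": 30},
        {"src": "10.0.0.9", "dst": "10.0.0.1", "packet_count": 100, "duration_sec": 30},
    ],
    "sw-2": [  # many one-packet, one-way flows towards a single host
        {"src": f"172.16.0.{i}", "dst": "10.0.0.9", "packet_count": 1, "duration_sec": 1}
        for i in range(1, 5)
    ],
    "sw-3": [],  # switch returned an empty flow table this period
}

def candidate_features(flows):
    """Per-period features over one switch's flow table (assumed feature set)."""
    pairs = {(f["src"], f["dst"]) for f in flows}
    paired = sum(1 for f in flows if (f["dst"], f["src"]) in pairs)
    return {
        "avg_packets_per_flow": mean(f["packet_count"] for f in flows),
        "avg_duration_sec": mean(f["duration_sec"] for f in flows),
        "paired_flow_ratio": paired / len(flows),  # flows with a reverse flow
        "flow_count": len(flows),
    }

def build_m_tuples(replies, selected):
    """Keep only the m selected features, in order, keyed by switch ID."""
    tuples = {}
    for switch_id, flows in replies.items():
        if not flows:  # nothing to describe; skip rather than divide by zero
            continue
        feats = candidate_features(flows)
        tuples[switch_id] = tuple(feats[name] for name in selected)
    return tuples

def classify(m_tuple, centroids):
    """Stand-in classifier: nearest centroid by squared Euclidean distance."""
    def dist(label):
        return sum((a - b) ** 2 for a, b in zip(m_tuple, centroids[label]))
    return min(centroids, key=dist)

# m = 3 here; in the method this list is the output of the feature analysis.
SELECTED = ("avg_packets_per_flow", "avg_duration_sec", "paired_flow_ratio")
CENTROIDS = {"normal": (100, 30, 1.0), "flood-like": (1, 1, 0.0)}  # constructed

def run():
    m_tuples = build_m_tuples(REPLIES, SELECTED)
    return {sw: classify(t, CENTROIDS) for sw, t in m_tuples.items()}

if __name__ == "__main__":
    print(run())
```

Because the features are on different scales, a real deployment would normalise them before computing distances; the constructed centroids here are far enough apart that this does not matter.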

[0021] (1) OpenFlow flow table feature selection and importance ranking

[0022] The OpenFlow flow table uses flow forwarding to ...


Abstract

The invention discloses a malicious code detection method based on SDN (Software Defined Networking) and belongs to the technical field of computer network security. SDN's design concept of separating control from forwarding brings new opportunities and challenges to the network information security field for detecting and preventing malicious code under the new architecture. By analyzing feature selection methods for SDN switch flow tables, the method provides an OpenFlow-based security data ranking and dimension reduction method for traffic feature selection. On this basis, by comparing how feature selection affects the running time of different classification algorithms, the choice of the reduced dimension m is analyzed, and the optimal feature subset and matching classification algorithm are found for each kind of malicious code. The propagation characteristics and evolution models of malicious code in an SDN mobile environment are also analyzed, yielding the influence of the node migration rate in a mobile network on the infection condition and outbreak time of malicious code in the source and target sub-networks; these results serve as a reference for the SDN controller's routing control of switch nodes or host nodes.

Description

Technical field

[0001] The invention belongs to the technical field of computer network security.

Background technique

[0002] SDN (Software Defined Networking) is a new type of network architecture based on software technology, and its new design concepts and innovative applications have brought new opportunities and challenges to the field of network information security. Because SDN uses centralized control, it intuitively implies greater security risks. At the same time, SDN is also having an impact on traditional security protection technology. Because SDN separates network control from forwarding, vulnerabilities introduced by the various open applications are inevitable. Malicious codes include computer viruses, network worms, Trojan horses, logic bombs and For SDN networks, such as DDOS attacks, malicious code analysis and detection are also important issues that need to be resolved.

[0003] For this reason, the invention is based on the SDN idea, and es...


Application Information

Patent Type & Authority: Patents (China)
IPC (8): G06F21/56
CPC: G06F21/563, G06F2221/2119
Inventor: 刘兰, 仇云利
Owner: GUANGDONG POLYTECHNIC NORMAL UNIV