Network architecture safety monitoring system based on OpenFlow

A technology of security monitoring system and network architecture, applied in the field of OpenFlow-based network architecture security monitoring system, to achieve effective security assurance, impact mitigation, stability and security

Inactive Publication Date: 2016-11-09
BEIJING UNIV OF TECH
View PDF3 Cites 15 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, some security problems existing in traditional networks still exist in OpenFlow networks, and th

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network architecture safety monitoring system based on OpenFlow
  • Network architecture safety monitoring system based on OpenFlow

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0021] Such as Figure 1-2 As shown, this system combines OpenFlow and sFlow for effective network anomaly monitoring and threat mitigation. The system solution uses sFlow-RT to monitor the network traffic status in real time, and when the network traffic is abnormal, it will call the police in time to trigger the response operation of the upper layer application. The upper-layer application switches the operation mode of the Floodlight controller from passive mode to active mode by calling the API, and sends active mode rules through the controller.

[0022] After the operation mode of the controller is switched, sFlow-RT and the upper-layer application will continue to monitor the network traffic status. When abnormal traffic characteristics appear, the upper-layer application will use the information provided by the controller to more accurately locate the source of the abnormal traffic, and monitor the switch port. Rate limit processing for exception mitigation.

[0023]...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a network architecture safety monitoring system based on OpenFlow. The system gives full play to the centralized control advantage of an OpenFlow network controller and the real-time line rate traffic monitoring ability of an sFlow-RT, makes full use of the advantages of the controller in passive and active modes in different network states, and protects the safety of the controller and a switch in the network when the network is attacked. An operation mode of the controller is changed by using upper application, and a speed-limit treatment is carried out on an abnormal switch port, furthermore the stability and safety of network devices and network services are ensured. Test results show that the system lowers loads of the controller by changing the operation mode of the controller, and reduces the influence of abnormal traffic on a host in the network and the network itself by limiting speed at the switch port. The system can be quickly deployed in an existing OpenFlow campus network environment, and also can be deployed in other OpenFLow network environments through adjustment, thereby providing visual, controllable, and effective safety guarantee for the controller and the switch device in the network and the network service itself.

Description

technical field [0001] The system of the invention is applicable to the SDN network environment based on OpenFlow, can monitor network abnormalities caused by network attacks in time, and effectively alleviate abnormalities. Background technique [0002] The concept of OpenFlow was produced in 2006 by researchers at Stanford University in the United States. It advocates the decoupling of the data layer and the control layer of traditional network equipment, and uses a centralized controller (controller) to control various network equipment through standardized interfaces. management and configuration. Subsequently, researchers such as McKeown began to promote the concept of Software-Defined Networking, SDN, and attracted widespread attention from academia and industry. [0003] The OpenFlow architecture consists of an OpenFlow controller and an OpenFlow switch. [0004] The OpenFlow controller is the centralized controller of the OpenFlow network, which maintains topology ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06H04L12/24H04L12/935H04L49/111
CPCH04L41/0645H04L49/30H04L63/1408H04L63/20
Inventor 刘静郭景元赖英旭刁子朋王熠晨李宇盛
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap