Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Network anomaly flow detection and defense system based on SDN (software defined networking)

A software-defined network and network exception technology, applied in transmission systems, electrical components, etc., can solve problems such as no controller provided, and achieve the effect of good usability

Active Publication Date: 2017-01-25
BEIJING UNIV OF TECH
View PDF2 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

However, currently no controller provides an IP pair query API, so it is necessary to query a large number of flow entries and perform statistics in the inspection algorithm

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Network anomaly flow detection and defense system based on SDN (software defined networking)
  • Network anomaly flow detection and defense system based on SDN (software defined networking)
  • Network anomaly flow detection and defense system based on SDN (software defined networking)

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0029] Start the controller, and the IP anti-counterfeiting module will start to work at this time, and perform IP binding for users who access the network with static IP configuration through the DHCP service. Turn on the access layer detection and link anomaly detection modules, and the two modules will start traffic learning. Calculate normal flow criteria and flow change thresholds. The algorithm will collect data to calculate the change of traffic every once in a while, and compare the change value with the abnormal judgment standard of the corresponding algorithm. The result is displayed, which is convenient for the administrator to find and partially block the attack traffic.

[0030] 1 Block source forgery of IP address

[0031] 1 design thinking

[0032] In the DDoS attack, the attack source address validity is divided into real source address and forged source address. The forged source IP address will occupy unnecessary connection bandwidth of the server and cons...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a network anomaly flow detection and defense system based on SDN (software defined networking). The SDN is quite different from a traditional network for detecting anomaly flow, a traditional detection method is enabled to be inapplicable, and with the application of the thought of separating a network control plane and a data plane, a new solution is provided for research and development of novel network applications and treatment of network security problems by the SDN. Based on the characteristics of centralized control and the like of an SDN structure, real-time flow monitoring is realized at the attack source, a multi-defense system is formed by adopting source IP anti-counterfeiting, access layer anomaly detection and link flow anomaly detection, anomaly flow is gradually filtered, and detection and defense for network layer DDoS (distributed denial of service) attacks at the source end are realized.

Description

technical field [0001] The invention mainly relates to the detection and defense of abnormal network traffic, and in particular to the detection and defense of DoS / DDoS attacks. Background technique [0002] For the traditional network architecture, researchers have proposed a large number of DDoS attack detection methods so far, and the SDN technology based on OpenFlow is mainly based on flow rules for data forwarding, and some flow-based attack detection methods are currently available. [0003] Xiao Peiyao, Bi Jun. Intra-domain Source Address Verification Method Based on OpenFlow Architecture[J]. Small Microcomputer System, 2013, 34(9): 1999-2003 Proposed a detection algorithm based on routing, but when a random flow is sent, the controller is Forwarding path analysis is performed for each flow, and flow entries are delivered, which affects the performance of the controller. [0004] Liu Yong, Xiang Liyun. A detection algorithm based on abnormal network traffic to judge ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458H04L63/1466
Inventor 刘静张世轩赖英旭何运杨盼付天怡宋站威
Owner BEIJING UNIV OF TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com