Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software defined network-oriented DDoS attack defense system and method

A software- and network-oriented technology, applied in transmission systems, electrical components, etc., can solve problems such as safety issues that cannot be ignored

Active Publication Date: 2017-04-19
UNIV OF SCI & TECH BEIJING
View PDF2 Cites 24 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

It cannot be ignored that in practical applications, although the SDN network provides great convenience in network management, security issues in the SDN network environment cannot be ignored either.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software defined network-oriented DDoS attack defense system and method
  • Software defined network-oriented DDoS attack defense system and method
  • Software defined network-oriented DDoS attack defense system and method

Examples

Experimental program
Comparison scheme
Effect test

example 1

[0078] In order to make the technical problems and technical solutions to be solved by the present invention clearer, the following will describe in detail the embodiments of defending against DDoS attacks of portal websites with reference to the accompanying drawings.

[0079] A software-defined network-oriented DDoS attack defense system realizes the identification and interception of DDoS attack traffic in the SDN network architecture environment. The invention is divided into three parts: an SDN network data collection part, a DDoS attack identification part and a DDoS attack interception part. The former part provides the decision-making basis for the latter part. The data collection part uses the OpenFlow flow table data of the switches in the SDN network, and the controller extracts and analyzes the data in real time to identify abnormal DDoS attack traffic; the attack interception part is based on Based on the judgment result in the previous part, a blocking flow table...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention belongs to the technical field of network security, and particularly relates to the technical field of software defined network (SDN) security defense. According to the technical scheme, an SDN-oriented DDoS attack defense system comprises a data acquisition module, a training module, an identification module, and a flow table issuing module. A defense method comprises the following steps: collecting OpenFlow flow table data on switches in an SDN, training and classifying different types of flow, identifying and marking DDoS attack flow, and intercepting the flow by means of OpenFlow blocking flow table issuing. The system and the method can be well deployed in an SDN environment, and can be used to effectively intercept DDoS attack flow and attacks like source IP address forging.

Description

technical field [0001] The invention belongs to the technical field of network security, in particular to the technical field of software-defined network security defense. Background technique [0002] In recent years, Software Defined Network (SDN, Software Defined Network), as a new generation of network architecture, has become an emerging research hotspot. The emergence of the SDN network architecture makes up for many defects in the traditional network architecture. The SDN network is different from the distributed control of the traditional network, and the forwarding behavior of the SDN network switch is controlled by a unified controller. Administrators can manage the network more flexibly. It cannot be ignored that in practical applications, although the SDN network provides great convenience in network management, security issues in the SDN network environment cannot be ignored either. Traditional network real-time defense solutions against DDoS attacks mostly re...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/0236H04L63/101H04L63/1408H04L63/1458
Inventor 阳小龙张乾
Owner UNIV OF SCI & TECH BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products