Software-defined network flow sampling method and system based on IDS feedback

A software-defined network flow sampling technology, applied in transmission systems, digital transmission systems, data exchange networks, etc., that addresses the problems of missed attack flows, lack of pertinence and low repetition, achieving improved accuracy, simple implementation and fast feedback.

Active Publication Date: 2020-12-04
NAT UNIV OF DEFENSE TECH

AI Technical Summary

Problems solved by technology

However, because it lacks pertinence, random flow sampling often misses more attack flows, especially flows with a long survival time but low repeatability.


Embodiment Construction

[0025] The invention discloses a software-defined network flow sampling method based on IDS feedback, aiming to provide an accurate data source for an intrusion detection system in a software-defined network while saving sampling bandwidth. Referring to the workflow schematic diagram shown in Figure 1, the steps of the method comprise:

[0026] Step 1: Install the temporary sampling flow

[0027] For a new flow that is not matched by the switch, the SDN switch notifies the SDN controller with a packet_in message, and the SDN controller's own module first performs the corresponding route lookup and establishes a forwarding flow. The sampling module of the present invention then extracts the matching field of the packet in the packet_in message and checks whether the matching field exists in the history record hash table. If it does not, the module directly installs the corresponding temporary sampling flow; if it does, the module obtains the corresponding timestamp value, ...


Abstract

The invention discloses an IDS (Intrusion Detection System) feedback-based SDN (Software-Defined Network) flow sampling method and system. Using the SDN controller's centralized control over network flows, a flow is first sampled temporarily and sent to an IDS for preliminary detection, and whether to continue sampling the flow is decided according to the IDS detection result, thereby improving sampling accuracy. Under limited bandwidth, flows with a high threat degree are selected for detection as far as possible, which improves the utilization of the sampling bandwidth and the detection precision. The IDS feedback-based SDN flow sampling method is easy to implement and gives fast feedback; an independent sampling table is used to implement sampling, so that sampling does not affect normal services; and the method can be deployed in an actual system, in particular in a cloud data center.
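The feedback loop of the abstract and of Step 1, as an added sketch that is not code from the patent: a controller-side sampler with a history hash table and a separate sampling table. The page cuts off before saying how the stored timestamp is used and gives no thresholds, so the hold-down window, the threat-score threshold, the budget model and all names and flow keys here are constructed assumptions.

```python
from dataclasses import dataclass, field

HOLD_DOWN = 30.0   # assumed: seconds before a known flow may be re-sampled
THRESHOLD = 0.5    # assumed: IDS threat score at or above which sampling continues

@dataclass
class FeedbackSampler:
    budget: int                                   # max flows sampled long-term
    history: dict = field(default_factory=dict)   # match field -> last sample time
    table: dict = field(default_factory=dict)     # sampling table: match -> [state, score]

    def on_packet_in(self, match, now):
        """Controller side: decide whether a new flow gets a temporary sample rule."""
        last = self.history.get(match)
        if last is not None and now - last < HOLD_DOWN:
            return "skip"                         # sampled recently (assumed policy)
        self.history[match] = now
        self.table[match] = ["temporary", 0.0]
        return "temporary"

    def on_ids_verdict(self, match, score):
        """IDS feedback: keep sampling threatening flows, drop the rest."""
        if match not in self.table:
            return "unknown"
        if score < THRESHOLD:
            del self.table[match]                 # benign: free the sampling bandwidth
            return "stopped"
        self.table[match] = ["continued", score]
        kept = [m for m, (state, _) in self.table.items() if state == "continued"]
        if len(kept) > self.budget:               # over budget: evict the lowest threat
            victim = min(kept, key=lambda m: self.table[m][1])
            del self.table[victim]
            if victim == match:
                return "stopped"
        return "continued"

def demo():
    """Constructed flows and IDS scores; budget of two long-term samples."""
    s = FeedbackSampler(budget=2)
    flows = {"10.0.0.1:22": 0.9, "10.0.0.2:80": 0.1,
             "10.0.0.3:445": 0.7, "10.0.0.4:23": 0.8}
    out = {}
    for t, (m, score) in enumerate(flows.items()):
        s.on_packet_in(m, float(t))
        out[m] = s.on_ids_verdict(m, score)
    return out, sorted(s.table), s.on_packet_in("10.0.0.2:80", 5.0)
```

In `demo()`, the 0.7-score flow is initially kept and then evicted when a higher-threat flow arrives, which is the bandwidth-prioritisation behaviour the abstract describes.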

Description

Technical field

[0001] The invention relates to the field of network data processing, in particular to a software-defined network flow sampling method and system based on IDS feedback.

Background technique

[0002] Software-defined networking (SDN) is built on the idea of separating the control plane from the data plane, which greatly enhances overall control of the network. Because SDN is programmable, network control is flexible, and rich network applications can be developed on the northbound interface it provides. These characteristics make software-defined networking well suited to cloud environments: the dynamic and virtualized nature of the cloud blurs network boundaries and makes the network topology change constantly, and traditional network management methods are inefficient and error-prone.

[0003] The huge east-west traffic monitoring of the cloud data center has always been a difficult p...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/801, H04L29/06
CPC: H04L47/10, H04L63/1416
Inventor: 杨岳湘, 施江勇, 曾迎之, 唐川, 李文华, 王晓磊
Owner: NAT UNIV OF DEFENSE TECH