Unlock instant, AI-driven research and patent intelligence for your innovation.

Attack detection method and SDN switch

An attack detection and switch technology, applied in the field of communication, can solve problems such as network paralysis, affecting network performance, southbound channel and SDN controller computing ability, and achieve the effect of avoiding large-scale paralysis

Inactive Publication Date: 2018-08-03
CHINA UNITED NETWORK COMM GRP CO LTD
View PDF4 Cites 7 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The attacker uses the DDOS attack method in the data plane network to forge a large number of random unmatched data streams. The SDN switch will upload all these data streams to the SDN controller according to the existing logic. The impact will seriously affect the performance of the entire network, which will cause large-scale paralysis of the network

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Attack detection method and SDN switch
  • Attack detection method and SDN switch
  • Attack detection method and SDN switch

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0042] In order to enable those skilled in the art to better understand the technical solution of the present invention, the attack detection method and the SDN switch provided by the present invention will be described in detail below with reference to the accompanying drawings.

[0043] figure 1 It is a flow chart of an attack detection method provided by Embodiment 1 of the present invention, such as figure 1 As shown, the method includes:

[0044] Step 101. Collect data flow of a port, where the data flow includes at least one tuple information.

[0045] Each step in this embodiment may be executed by an SDN switch.

[0046] Step 102, calculate the information entropy of each tuple information according to the tuple information of the data flow of the port.

[0047] Step 103 , comparing whether the information entropy of each tuple information is less than or equal to the set threshold corresponding to each tuple information, if not, go to step 104 ; if yes, go to step ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses an attack detection method and an SDN switch. The method comprises the following steps: collecting a data stream of a port, wherein the data stream comprises at least one tupleinformation; calculating an information entropy of each tuple information according to tuple information of the data stream of the port; comparing whether the information entropy of each tuple information is less than or equal to a set threshold corresponding to each tuple information; if the information entropy of any tuple information is greater than the corresponding set threshold, determiningthe occurrence of an abnormal attack; and if the information entropy of any tuple information is smaller than the corresponding set threshold, determining that no abnormal attack occurs. In the attack detection method disclosed by the invention, the data stream is uploaded to the SDN controller to detect the abnormal attack, thereby avoiding the influence on the computing power of the southboundchannel and the SDN controller, and thus avoiding large area paralysis of the network.

Description

technical field [0001] The invention relates to the technical field of communications, in particular to an attack detection method and an SDN switch. Background technique [0002] The SDN switch is composed of a flow table containing multiple entries, each entry in the flow table can match a specific data type in the network, and contains the execution action entry for the data flow of this data type , these actions are performed in a pipelined manner. When a data packet enters the SDN switch, it needs to analyze the message first, according to the multiple matching tuples from layer 2 to layer 7 under the existing TCP / IP architecture, and then match according to the parsed tuple information If the flow table matches the characteristics of one of the entries, the forwarding strategy will be executed according to the corresponding action. If the entry cannot be matched, the data packet will be encapsulated into a Packet-in message and sent to the SDN controller through a sec...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458H04L63/1466
Inventor 侯乐徐雷
Owner CHINA UNITED NETWORK COMM GRP CO LTD