Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

SDN controller-oriented real-time DDoS attack detection system and method

An attack detection and controller technology, applied in the network field, can solve problems such as network congestion, inability to process data packets of normal users, DDoS attacks, etc., and achieve the effect of reducing the false positive rate

Active Publication Date: 2019-07-05
政能量财税(山东)云科技有限公司
View PDF5 Cites 40 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

In the SDN network, the data packet does not match the flow table, and the characteristics of the OpenFlow switch sending Packet_in messages to the OpenFlow controller can be used to carry out DDoS attacks on the controller, and the continuous upload of Packet_in messages exceeds the processing capacity of the controller and cannot be processed normally. User data packets, causing network congestion

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • SDN controller-oriented real-time DDoS attack detection system and method
  • SDN controller-oriented real-time DDoS attack detection system and method
  • SDN controller-oriented real-time DDoS attack detection system and method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0026] It should be noted that the following detailed description is exemplary and intended to provide further explanation of the present disclosure. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this disclosure belongs.

[0027] It should be noted that the terminology used herein is only for describing specific embodiments, and is not intended to limit the exemplary embodiments according to the present disclosure. As used herein, unless the context clearly dictates otherwise, the singular is intended to include the plural, and it should also be understood that when the terms "comprising" and / or "comprising" are used in this specification, they mean There are features, steps, operations, means, components and / or combinations thereof.

[0028] As an emerging network architecture, software-defined network (SDN) is characterized by the separation of data forwardin...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an SDN controller-oriented real-time DDoS attack detection system and method, and the method comprises the steps: analyzing a data packet collected by an SDN controller, judgingwhether a detection flow is abnormal or not through an entropy value, and carrying out the abnormal warning if the detection flow is abnormal; collecting flow table information through an OpenFlow protocol; allowing a controller to send a corresponding message to an OpenFlow switch to collect a flow table, wherein each flow table is composed of a plurality of flow table entries; analyzing changesof network flow distribution characteristics in unit time through the flow table entry information so as to detect attacks, extracting flow table entry related information and converting the flow table entry related information into one-dimensional characteristic information related to DDoS attacks; adopting a neural network algorithm to train datasets to generate a CNN-BiLSTM model, classifyingthe real-time traffic to realize the detection of the real-time DDoS attack. The DDoS attack flow detection in the SDN environment can be efficiently realized, and the false alarm rate of the system can be reduced.

Description

technical field [0001] The present disclosure relates to the field of network technology, in particular to a real-time DDoS attack detection system and method for SDN controllers. Background technique [0002] The firmware of traditional network devices (switches, routers) is locked and controlled by the device manufacturer, so everyone hopes to separate the network control from the physical network topology, so as to get rid of the limitations of hardware on the network architecture. In this way, enterprises can modify the network architecture like upgrading and installing software, so that enterprises can adjust, expand or upgrade the entire website architecture, and the underlying switches, routers and other hardware do not need to be replaced, saving a lot of costs. At the same time, the network architecture The iteration cycle will be greatly shortened. In order to meet these demands, SDN came into being. [0003] Software Defined Network (Software Defined Network, SD...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/1458H04L63/1416H04L63/1425
Inventor 管绍朋孙文文李奕
Owner 政能量财税(山东)云科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products