DDoS attack detection system based on software-defined network

A software-defined network and attack detection technology, applied in transmission systems, electrical components, computer components, etc., can solve problems such as controller burden and attack detection delay, and achieve the effect of reducing burden and improving accuracy.

Active Publication Date: 2019-10-15
SHANDONG UNIV

AI Technical Summary

Problems solved by technology

[0004] At present, SDN-based DDoS attack detection schemes mainly have the controller periodically obtain the flow table information of the switches in the entire network and run anomaly detection algorithms based on statistics and machine learning to detect attacks. As the network scale expands, this places a greater burden on the controller, resulting in delays in attack detection.


Embodiment Construction

[0030] In order to describe the technical content of the present invention more clearly, the present invention will be further described below in conjunction with the accompanying drawings.

[0031] The invention designs a DDoS attack detection system based on a software-defined network that combines the information entropy early warning of the data plane with the SVM detection of the control plane. Aiming at the problems of slow DDoS attack detection response and heavy burden on the controller in the software-defined network, the system calculates the relevant entropy value on the programmable OpenFlow border switch for early warning. If an abnormality is found, it alerts the controller and limits the flow rate of the relevant port, then uses the SVM algorithm to detect the abnormal flow and guides the switch to discard it, thus improving the response speed of the system ...


Abstract

The invention discloses a DDoS attack detection method based on a software-defined network, and belongs to the technical field of software-defined network security defense. The detection system comprises an attack host, a victim host, an OpenFlow switch layer and an SDN control layer. The detection process is divided into two parts. First, flow information passing through a boundary switch is counted on the switch at the edge of the network, and, according to information entropy theory, the dispersion degree of the destination IP address and of the uniflow distribution is calculated. When an abnormality is found, the controller is warned, the flow rate of the related port is limited, and SVM detection on the controller is started; by extracting the depth characteristics of the flow, an abnormal flow is detected more accurately, and the switch is guided to discard the abnormal flow. According to the system, data plane detection and control plane detection are combined, the response time of detection is prolonged, the burden of a controller is reduced, and the system has practical application value.
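The data-plane early-warning stage described above, sketched as an added example (not code from the patent): destination-IP entropy is computed per sampling window and a sharp drop raises an alert naming the ingress port to rate-limit. The record layout `(in_port, dst_ip)`, the function names, the three-window baseline and the `k`-sigma threshold are assumptions; the SVM stage on the controller is not shown.

```python
import math
from collections import Counter

def normalized_entropy(values):
    """Shannon entropy of the observed distribution, scaled to [0, 1]."""
    counts = Counter(values)
    if len(counts) < 2:
        return 0.0  # all traffic to one destination: no dispersion at all
    total = sum(counts.values())
    h = -sum((c / total) * math.log2(c / total) for c in counts.values())
    return h / math.log2(len(counts))

def early_warning(windows, baseline_n=3, k=3.0, min_sigma=0.02):
    """windows: list of sampling windows, each a list of (in_port, dst_ip).
    The first baseline_n windows are assumed clean and set the threshold.
    Returns (window_index, entropy, top_dst, suspect_port) per flagged window."""
    ent = [normalized_entropy([dst for _, dst in w]) for w in windows]
    base = ent[:baseline_n]
    mean = sum(base) / len(base)
    sigma = math.sqrt(sum((e - mean) ** 2 for e in base) / len(base))
    threshold = mean - k * max(sigma, min_sigma)  # floor avoids a zero-width band
    alerts = []
    for i in range(baseline_n, len(windows)):
        if not windows[i] or ent[i] >= threshold:
            continue
        # Traffic converging on one destination lowers the entropy; the port
        # carrying most of it is the one to rate-limit and report upstream.
        top_dst = Counter(dst for _, dst in windows[i]).most_common(1)[0][0]
        ports = Counter(p for p, dst in windows[i] if dst == top_dst)
        alerts.append((i, round(ent[i], 3), top_dst, ports.most_common(1)[0][0]))
    return alerts

def make_window(normal_pkts, flood_pkts=0):
    """Constructed sample: even traffic to 8 hosts via ports 1-3, plus an
    optional flood toward 10.0.0.5 arriving on port 4."""
    hosts = [f"10.0.0.{n}" for n in range(1, 9)]
    pkts = [(1 + i % 3, hosts[i % 8]) for i in range(normal_pkts)]
    return pkts + [(4, "10.0.0.5")] * flood_pkts

SAMPLE = [make_window(80), make_window(96), make_window(88),
          make_window(80), make_window(80, 400)]

if __name__ == "__main__":
    for idx, h, dst, port in early_warning(SAMPLE):
        print(f"window {idx}: entropy={h} dst={dst} -> rate-limit port {port}")
```

Only the flagged window's flows would then need to be handed to the controller for classification, which is how the scheme keeps the controller from polling every switch continuously.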

Description

Technical field

[0001] The invention belongs to the technical field of network security, in particular to the technical field of software-defined network security defense.

Background technique

[0002] With the development of cloud computing, big data and other emerging technologies, network traffic is constantly increasing, and the traditional network architecture with IP as the core has difficulty meeting the requirements of network scalability, management and flexibility. Software Defined Network (SDN) is a new type of network architecture, which was born in a research project of Stanford University in the United States. Its core idea is the separation of the control plane from the data plane, concentrating the control functions of the network on the controller and endowing the network with programmability to guide the data forwarding of the underlying switches, thereby improving the flexibility and scalability of the network, and making it more convenient for the mana...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, G06K9/62
CPC: H04L63/1416, H04L63/1458, H04L63/1425, G06F18/2411
Inventor: 刘琚, 张吉成, 于山山, 姚仕聪, 王磊, 王京
Owner: SHANDONG UNIV