LDoS attack detection and mitigation method based on ET-EDR in SDN

A technology of ET-EDR and attack detection, which is applied to electrical components, transmission systems, etc., and can solve problems such as lack of LDoS attacks

Active Publication Date: 2021-05-11
HUNAN UNIV
View PDF7 Cites 4 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At present, there is a lack of related work on LDoS attacks aimed at congestion control mechanisms in SDN. Ther

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • LDoS attack detection and mitigation method based on ET-EDR in SDN
  • LDoS attack detection and mitigation method based on ET-EDR in SDN
  • LDoS attack detection and mitigation method based on ET-EDR in SDN

Examples

Experimental program
Comparison scheme
Effect test

Example Embodiment

[0037]The invention will be further described below with reference to the accompanying drawings.

[0038]Such asimage 3As shown, the ET-EDR-based LDo attack detection and mitigation method based on the SDN mainly includes four steps: information collection, feature calculation, attack detection, and mitigation.

[0039]Figure 1 is a comparison diagram of network traffic eigenvalues ​​in two network states. In normal network state: TCP traffic is high, occupying most of the total flow, and the variation coefficient is low, and the TPP traffic between TCP traffic and total flow is higher, close to 1; UDP traffic The average value is low, and the variation coefficient is also low. In the state of the LDOS attack: the TCP traffic is low, and the TCP traffic occupies a smaller portion of the total flow, and the variation coefficient is higher than the normal network state, the TCP traffic and the total traffic of the spitman level correlation coefficient Lower; UDP traffic is high, and the coe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses an LDoS attack detection and mitigation method based on ET-EDR in an SDN, and belongs to the field of network security. The method comprises the following steps: acquiring an aggregation flow message in a key switch in real time at a fixed sampling interval, dividing the aggregation flow message into time windows according to a fixed time length and step length, and calculating a six-dimensional characteristic value of flow data in the time windows; according to the characteristic values of the traffic data in the time windows, classifying the time windows based on an ET model obtained by training in advance to obtain a classification result; if the number of the real-time windows which are classified to be subjected to the LDoS attack is greater than a preset threshold value, considering that the current network is subjected to the LDoS attack; an EDR algorithm is used to locate an attacked switch port, and a controller is used to issue a flow rule to complete the relief of the LDoS attack. According to the LDoS attack detection and mitigation method based on the ET-EDR in the SDN provided by the invention, the LDoS attack in the SDN can be accurately detected and mitigated in real time.

Description

technical field [0001] The invention belongs to the field of computer network security, and in particular relates to an ET-EDR-based LDoS attack detection and mitigation method in SDN. Background technique [0002] SDN (Software Defined Networking) is a new type of network architecture that simplifies the functions of the data plane and separates the control functions so that the data plane only provides basic packet forwarding. The basic architecture of SDN is mainly divided into three planes: application plane, control plane and data plane. The application plane contains various applications and services. The control plane manages SDN applications and also manages flow forwarding in switches. The data plane consists of different types of forwarding devices. The northbound interface between the application plane and the control plane provides an API (Application Programming Interface, Application Programming Interface) for developers. The southbound interface between th...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L29/06
CPCH04L63/1416H04L63/1458
Inventor 汤澹陈静文王曦茵代锐张斯琦郑思桥
Owner HUNAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap