LDoS attack detection and mitigation method based on ET-EDR in SDN

An ET-EDR attack detection technology, applied in digital transmission systems, secure communication devices, electrical components, etc. It addresses the lack of work on LDoS attacks and other problems, and achieves good real-time performance, a low false alarm rate, a low false negative rate, and high accuracy.

Active Publication Date: 2022-03-01
HUNAN UNIV

AI Technical Summary

Problems solved by technology

At present, there is a lack of related work on LDoS attacks aimed at congestion control mechanisms in SDN. Therefore, it is necessary to study the detection and mitigation of LDoS attacks based on congestion control in SDN.


Examples


Embodiment Construction

[0037] The present invention will be further described below in conjunction with the accompanying drawings.

[0038] As shown in Figure 3, the ET-EDR-based LDoS attack detection and mitigation method in SDN mainly includes four steps: information collection, feature calculation, attack detection and attack mitigation.

[0039] Figure 1 is a comparison diagram of network traffic characteristic values in two network states. Under normal network conditions, the average value of TCP traffic is high and accounts for most of the total traffic, and its coefficient of variation is low; the Spearman rank correlation coefficient between TCP traffic and total traffic is high, close to 1; the mean of UDP traffic is lower, and its coefficient of variation is also lower. In the state of LDoS attack, the average value of TCP traffic is low, TCP traffic occupies a small part of the total traffic, the coefficient of variation is higher than that under normal netwo...


Abstract

The invention discloses an ET-EDR-based LDoS attack detection and mitigation method in SDN, belonging to the field of network security. The method includes: obtaining the aggregated flow messages of the key switch in real time at a fixed sampling interval, dividing them into time windows according to a fixed time length and step size, and calculating the six-dimensional feature values of the traffic data in each time window; classifying each time window, based on the feature values of its traffic data, with the ET model trained in advance to obtain the classification result; if the number of time windows classified as containing an LDoS attack is greater than the preset threshold, the current network is considered to be under attack and the LDoS attack is detected; the EDR algorithm is then used to locate the attacked switch port, and the controller sends flow rules to complete the mitigation of the LDoS attack. The ET-EDR-based LDoS attack detection and mitigation method in SDN proposed by the present invention can detect and mitigate LDoS attacks in SDN accurately and in real time.
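The windowing, feature calculation and window-count threshold described in the abstract and in paragraph [0039] can be sketched as follows. This is an added example, not code from the patent: the six features are an assumed set read off the quantities named in [0039], the window length, step and threshold are constructed values, and `stand_in_classifier` is a placeholder rule standing in for the trained ET model.

```python
from statistics import mean, pstdev

def ranks(xs):
    """1-based ranks; tied values share their average rank."""
    order = sorted(range(len(xs)), key=lambda i: xs[i])
    out, i = [0.0] * len(xs), 0
    while i < len(order):
        j = i
        while j + 1 < len(order) and xs[order[j + 1]] == xs[order[i]]:
            j += 1
        for k in order[i:j + 1]:
            out[k] = (i + j) / 2 + 1
        i = j + 1
    return out

def spearman(a, b):
    """Spearman rank correlation = Pearson correlation of the ranks."""
    ra, rb = ranks(a), ranks(b)
    ma, mb = mean(ra), mean(rb)
    cov = sum((x - ma) * (y - mb) for x, y in zip(ra, rb))
    den = (sum((x - ma) ** 2 for x in ra) * sum((y - mb) ** 2 for y in rb)) ** 0.5
    return cov / den if den else 0.0

def cv(xs):
    """Coefficient of variation: standard deviation divided by the mean."""
    m = mean(xs)
    return pstdev(xs) / m if m else 0.0

def features(window):
    """Six per-window values (assumed feature set) from (tcp, udp) samples."""
    tcp, udp = [s[0] for s in window], [s[1] for s in window]
    total = [t + u for t, u in window]
    return {"tcp_mean": mean(tcp), "tcp_share": sum(tcp) / max(sum(total), 1),
            "tcp_cv": cv(tcp), "tcp_total_rho": spearman(tcp, total),
            "udp_mean": mean(udp), "udp_cv": cv(udp)}

def windows(samples, length, step):
    """Sliding time windows of fixed length, advanced by a fixed step."""
    return [samples[i:i + length] for i in range(0, len(samples) - length + 1, step)]

def stand_in_classifier(f):
    # Placeholder rule, NOT the trained ET model the patent uses.
    return f["tcp_share"] < 0.5 and f["tcp_cv"] > 0.3

def detect(samples, classify, length=10, step=5, threshold=1):
    """Count windows classified as attack; alarm when the count exceeds threshold."""
    flagged = sum(classify(features(w)) for w in windows(samples, length, step))
    return flagged, flagged > threshold

# Constructed samples: (TCP bytes, UDP bytes) per sampling interval.
NORMAL = [(900 + 10 * (i % 3), 50 + 5 * (i % 2)) for i in range(20)]
ATTACK = [(50 if i % 5 < 3 else 300, 1000 if i % 5 == 0 else 20) for i in range(20)]

if __name__ == "__main__":
    print(detect(NORMAL, stand_in_classifier), detect(ATTACK, stand_in_classifier))
```

In a deployment the `classify` argument would be the prediction call of the trained model, and the samples would come from the aggregated flow statistics polled from the key switch.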

Description

Technical field

[0001] The invention belongs to the field of computer network security, and in particular relates to an ET-EDR-based LDoS attack detection and mitigation method in SDN.

Background technique

[0002] SDN (Software Defined Networking) is a new type of network architecture that simplifies the functions of the data plane and separates the control functions so that the data plane only provides basic packet forwarding. The basic architecture of SDN is mainly divided into three planes: application plane, control plane and data plane. The application plane contains various applications and services. The control plane manages SDN applications and also manages flow forwarding in switches. The data plane consists of different types of forwarding devices. The northbound interface between the application plane and the control plane provides an API (Application Programming Interface) for developers. The southbound interface between th...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/40
CPC: H04L63/1416, H04L63/1458
Inventor: 汤澹, 陈静文, 王曦茵, 代锐, 张斯琦, 郑思桥
Owner: HUNAN UNIV