Method for mitigating DDoS attack, programmable switch and SDN controller

A switch and controller technology, applied in the field of network security, can solve problems such as inability to accurately find DDoS attack paths, poor network defense effects, etc., and achieve the effect of alleviating distributed denial of service attacks, reducing link burden, and reducing impact

Active Publication Date: 2021-06-18
HUAZHONG UNIV OF SCI & TECH
View PDF3 Cites 3 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the embodiment of the present invention provides a method for mitigating DDoS attacks, a programmable switch and an SDN controller to solve the problem that the DDoS attack path cannot be accurately found, resulting in poor network defense effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for mitigating DDoS attack, programmable switch and SDN controller
  • Method for mitigating DDoS attack, programmable switch and SDN controller
  • Method for mitigating DDoS attack, programmable switch and SDN controller

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] In order to make the purpose, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the following The described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative work belong to the protection scope of the present invention. The principles and features of the present invention will be described below in conjunction with the accompanying drawings. The examples given are only used to explain the present invention, not to limit the scope of the present invention.

[0021] The term "comprising" and other expressions with similar meanings in the description or claims of the p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for mitigating DDoS attack, a programmable switch and an SDN controller, and the method comprises the steps: adding an INT header to a data packet forwarded by the switch, after the data packet reaches a target switch, sending an INT message to the SDN controller, and enabling the SDN controller to convert a corresponding switching state in the INT message into a three-dimensional tensor; constructing a DDoS attack detection model based on a CNN and a graph convolutional neural network, extracting a time feature and a space feature in a three-dimensional tensor through the DDoS attack detection model, determining a switch containing an attack flow, and determining a forwarding path of the attack flow in the network; issuing a corresponding discarding strategy to relieve the DDoS attack, adding the source IP and the destination IP to a white list, and issuing the white list to all switches by the SDN controller. Through the scheme, the DDoS attack path can be accurately found, the distributed denial of service attack is reduced, and access of legal network traffic is guaranteed.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method for mitigating DDoS attacks, a programmable switch and an SDN controller. Background technique [0002] Distributed Denial of Service (DDoS) is an easy and destructive network attack. Attackers usually invade vulnerable nodes in the Internet, then turn these nodes into botnets, and use these large-scale distributed The host creates a large number of data packets with forged IP addresses to launch an access attack on the victim server. DDoS can quickly consume a victim server's resources and crash it, making the victim server unable to respond to normal requests. close In recent years, DDoS attacks have become more and more frequent. The servers of many large Internet companies such as Apple, Amazon, and Alibaba have suffered from DDoS attacks, which has caused huge economic losses to Internet companies and the entire society. [0003] Researchers have done a lot of work...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04L29/06
CPCH04L63/101H04L63/1416H04L63/1458H04L63/20
Inventor 周潘涂千涛徐子川付才丁晓锋
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap