A method for alleviating ddos ​​attack, programmable switch and sdn controller

A switch and controller technology, applied in the field of network security, can solve problems such as poor network defense effect and inability to accurately find DDoS attack paths

Active Publication Date: 2021-09-14
HUAZHONG UNIV OF SCI & TECH
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] In view of this, the embodiment of the present invention provides a method for mitigating DDoS attacks, a programmable switch and an SDN controller to solve the problem that the DDoS attack path cannot be accurately found, resulting in poor network defense effect

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A method for alleviating ddos ​​attack, programmable switch and sdn controller
  • A method for alleviating ddos ​​attack, programmable switch and sdn controller
  • A method for alleviating ddos ​​attack, programmable switch and sdn controller

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] In order to make the purpose, features and advantages of the present invention more obvious and understandable, the technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the following The described embodiments are only some, not all, embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without creative work belong to the protection scope of the present invention. The principles and features of the present invention will be described below in conjunction with the accompanying drawings. The examples given are only used to explain the present invention, not to limit the scope of the present invention.

[0021] The term "comprising" and other expressions with similar meanings in the description or claims of the p...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention provides a method for mitigating DDoS attacks, a programmable switch and an SDN controller. The method includes: adding an INT header to a data packet forwarded by the switch, and after the data packet reaches the destination switch, the INT message is sent to the SDN control The SDN controller converts the corresponding switch state in the INT message into a three-dimensional tensor; constructs a DDoS attack detection model based on CNN and graph convolutional neural network, and extracts the time and space features in the three-dimensional tensor through the DDoS attack detection model. Determine the switch containing the attack flow, and determine the forwarding path of the attack flow in the network; publish the corresponding discarding policy to mitigate DDoS attacks, add the source and destination IP to the whitelist, and the SDN controller will publish the whitelist to all switch. Through this solution, the DDoS attack path can be accurately found, the distributed denial of service attack can be mitigated, and the access of legal network traffic can be guaranteed.

Description

technical field [0001] The invention relates to the field of network security, in particular to a method for mitigating DDoS attacks, a programmable switch and an SDN controller. Background technique [0002] Distributed Denial of Service (DDoS) is an easy and destructive network attack. Attackers usually invade vulnerable nodes in the Internet, then turn these nodes into botnets, and use these large-scale distributed The host creates a large number of data packets with forged IP addresses to launch an access attack on the victim server. DDoS can quickly consume a victim server's resources and crash it, making the victim server unable to respond to normal requests. close In recent years, DDoS attacks have become more and more frequent. The servers of many large Internet companies such as Apple, Amazon, and Alibaba have suffered from DDoS attacks, which has caused huge economic losses to Internet companies and the entire society. [0003] Researchers have done a lot of work...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/101H04L63/1416H04L63/1458H04L63/20
Inventor 周潘涂千涛徐子川付才丁晓锋
Owner HUAZHONG UNIV OF SCI & TECH
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap