
DDoS (Distributed Denial of Service) attack detection and defense method in SDN (Software Defined Network) environment

An attack detection technology for the SDN environment, applied in the field of network security. It addresses the problem that the characteristics of DDoS attack traffic in SDN are insufficiently analyzed, and its stated effects are to improve the efficiency and intelligence level of DDoS attack detection and defense, reduce the difficulty and labor intensity, and simplify network management.

Pending Publication Date: 2021-09-28
CHINA SHIP DEV & DESIGN CENT

AI Technical Summary

Problems solved by technology

Most existing methods for detecting and defending against DDoS attacks on SDN are ported from methods used in traditional networks, without fully analyzing the characteristics of DDoS attack traffic in the SDN environment or making use of the characteristics and advantages of SDN.

Examples


Embodiment Construction

[0047] In order to make the object, technical solution and advantages of the present invention clearer, the present invention is described in further detail below in conjunction with the examples. It should be understood that the specific embodiments described here are only used to explain the present invention, not to limit it.

[0048] A DDoS attack detection and defense method in an SDN environment, comprising the following steps:

[0049] Figure 1 shows the workflow of the detection and triggering mechanism of the present invention. The invention implements the detection and triggering mechanism by counting the packet_in messages in the switch. When a DDoS attack targets the controller, the rate of packet_in messages on the switch increases sharply, so an abnormal packet_in rate can be used as a sign that a DDoS attack has begun. The specific steps are as follows:

[0050] 1) Set the window value val and the packet rate th...
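
A minimal sketch of the packet_in rate trigger described in [0049], added here as an example and not taken from the patent. The window length `window_ms`, the threshold `rate_threshold`, the per-switch sliding window and the sample trace are all assumptions, since the patent's own step list is cut off on this page.

```python
from collections import defaultdict, deque


class PacketInTrigger:
    """Per-switch sliding-window packet_in counter (assumed design)."""

    def __init__(self, window_ms=1000, rate_threshold=100):
        self.window_ms = window_ms            # assumed window length, ms
        self.rate_threshold = rate_threshold  # assumed limit, packet_in per second
        self._seen = defaultdict(deque)       # switch id -> timestamps inside the window

    def observe(self, dpid, ts_ms):
        """Record one packet_in from switch dpid; True if its rate is abnormal."""
        q = self._seen[dpid]
        q.append(ts_ms)
        # Expire entries that fell out of the window (ts_ms - window_ms, ts_ms].
        while q[0] <= ts_ms - self.window_ms:
            q.popleft()
        return len(q) * 1000 / self.window_ms > self.rate_threshold


def first_trigger(events, **params):
    """Replay time-ordered (dpid, ts_ms) events; map each switch to its first alarm time."""
    trigger = PacketInTrigger(**params)
    fired = {}
    for dpid, ts_ms in events:
        if trigger.observe(dpid, ts_ms) and dpid not in fired:
            fired[dpid] = ts_ms
    return fired


def constructed_trace():
    """Constructed sample, not real traffic: switch 1 holds 20 packet_in/s for 3 s;
    switch 2 holds 20/s for 2 s, then jumps to 500/s."""
    events = [(1, i * 50) for i in range(60)]
    events += [(2, i * 50) for i in range(40)]
    events += [(2, 2000 + i * 2) for i in range(500)]
    return sorted(events, key=lambda e: e[1])


if __name__ == "__main__":
    print(first_trigger(constructed_trace()))
```

Per the abstract, this trigger only starts the second stage, in which SDN traffic characteristics decide whether the suspicious traffic is a DDoS attack.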


Abstract

The invention discloses a DDoS (Distributed Denial of Service) attack detection and defense method in an SDN (Software Defined Network) environment. The method comprises the following steps: 1) triggering a DDoS attack detection mechanism according to statistical information of a packet_in message in a switch on a data plane; 2) identifying SDN network traffic characteristics, and judging whether the suspicious traffic is a DDoS attack according to the SDN network traffic characteristics; and 3) relieving the influence of the suspicious traffic on the SDN network. Aiming at the characteristic that a control plane and a data plane of the SDN network are separated, the invention provides characteristics capable of more accurately distinguishing attack streams, so that flow characteristic extraction and DDoS attack detection are realized, and the working efficiency and the intelligent level of DDoS attack detection and defense are remarkably improved.

Description

Technical field

[0001] The invention relates to network security technology, in particular to a DDoS attack detection and defense method under the SDN environment.

Background technique

[0002] SDN is a new type of network architecture that can meet the growing demands of future networks. Compared with the traditional network architecture, the core of the SDN architecture lies in the separation of the control plane and the data plane. SDN architecture usually consists of three planes: data plane, control plane and application plane. The data plane consists of network switches that act as forwarding devices. The control plane includes at least one software controller, which logically manages the network centrally and controls the configuration and behavior of these forwarding devices in the network. The application plane is where the controller application resides.

[0003] The controller maintains contact with the data plane switch through protocols such as OpenFlow, obt...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06, H04L12/24
CPC: H04L63/1416, H04L63/1458, H04L41/0893, H04L63/1425
Inventor: 谭亮, 潘玥, 王兴众, 周建国, 周长家
Owner: CHINA SHIP DEV & DESIGN CENT