SDN flow table overflow attack detection and mitigation method based on machine learning

A machine-learning-based attack detection technology, applied in the fields of machine learning, instruments, computer components, etc., that achieves high accuracy, real-time detection and mitigation, and precise classification.

Active Publication Date: 2022-02-15
HUNAN UNIV

AI Technical Summary

Problems solved by technology

[0005] The present invention addresses the security risk posed by switch flow table overflow attacks in the SDN data plane. With the goal of protecting SDN security and availability, it proposes a machine learning-based SDN flow table overflow attack detection and mitigation method.


Embodiment Construction

[0022] The present invention will be further described below in conjunction with the accompanying drawings.

[0023] As shown in Figure 6, the detection method for the flow table overflow attack mainly includes six steps: flow table data sampling, flow table field division, traffic type marking, classification model training, attack determination detection, and flow table overflow mitigation.

[0024] 1. Flow table data sampling. Use the OpenFlow message events OFPFlowStatsRequest / OFPFlowStatsReply or the OpenvSwitch command-line program to poll and sample the flow table of the switch, obtaining all the information in the switch's current flow table.

[0025] The polling sampling interval for the switch flow table is the same as the soft timeout configured for the SDN flow table, so as to prevent inactive flow table entries from generating a large number of duplicate data entries in the data set.

[0026] When polling the switch flow table, count the number of flow ...


Abstract

The invention discloses a machine-learning-based method for detecting and mitigating SDN flow table overflow attacks, and belongs to the field of network security. The method comprises the following steps: polling OpenvSwitch flow table entries over the OpenFlow protocol to form the raw data; parsing each field of a flow table entry, dividing the fields into two groups, 'feature' and 'identification', and, in combination with a network measurement criterion, calculating five features of each flow table entry and its label ('elephant flow', 'mouse flow' or 'attack flow') to form the original data set; training a flow table entry classification model by supervised learning and deploying it in OpenvSwitch; and having a real-time attack mitigation system in OpenvSwitch monitor the flow table occupancy rate. If the occupancy rate exceeds a threshold, a flow table overflow attack is judged to have occurred; the system uses the model to predict an eviction score for each flow table entry, ranks the scores, and deletes a certain number of flow table entries in rank order to release flow table space. The method has a high detection rate and low system overhead, is compatible with the SDN environment, and achieves accurate detection and real-time mitigation of flow table overflow attacks.
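The mitigation step described in the abstract (occupancy check, score ranking, ordered deletion) can be sketched as follows. This is an added example, not code from the patent: the dump text is constructed in the style of `ovs-ofctl dump-flows` output, the packet-rate score is a hypothetical stand-in for the trained classifier, and the capacity, threshold and target values are assumptions.

```python
import re

# Constructed sample in the style of `ovs-ofctl dump-flows` (not from a real switch).
SAMPLE_DUMP = """\
 cookie=0x0, duration=30.0s, table=0, n_packets=90000, n_bytes=120000000, idle_timeout=10, priority=1,in_port=1,nw_dst=10.0.0.2 actions=output:2
 cookie=0x0, duration=30.0s, table=0, n_packets=40, n_bytes=3200, idle_timeout=10, priority=1,in_port=2,nw_dst=10.0.0.1 actions=output:1
 cookie=0x0, duration=8.0s, table=0, n_packets=1, n_bytes=60, idle_timeout=10, priority=1,in_port=3,nw_dst=10.0.9.1 actions=output:2
 cookie=0x0, duration=7.5s, table=0, n_packets=1, n_bytes=60, idle_timeout=10, priority=1,in_port=3,nw_dst=10.0.9.2 actions=output:2
 cookie=0x0, duration=7.0s, table=0, n_packets=2, n_bytes=120, idle_timeout=10, priority=1,in_port=3,nw_dst=10.0.9.3 actions=output:2
"""

STAT = re.compile(r"(duration|n_packets|n_bytes)=([\d.]+)")
MATCH = re.compile(r"priority=\d+,?(\S*) actions=")

def parse_dump(text):
    """Turn each flow entry line into a dict of counters plus its match string."""
    entries = []
    for line in text.splitlines():
        stats = dict(STAT.findall(line))
        m = MATCH.search(line)
        if len(stats) < 3 or not m:
            continue  # reply header or malformed line
        entries.append({"match": m.group(1),
                        "duration": float(stats["duration"]),
                        "packets": int(stats["n_packets"]),
                        "bytes": int(stats["n_bytes"])})
    return entries

def eviction_score(entry):
    """Hypothetical stand-in for the classifier: low packet rate scores high."""
    pps = entry["packets"] / max(entry["duration"], 1e-6)
    return 1.0 / (1.0 + pps)

def plan_mitigation(entries, capacity, threshold=0.8, target=0.5):
    """Return match strings to delete, highest score first, or [] if no attack."""
    if len(entries) / capacity <= threshold:  # occupancy at or below threshold
        return []
    n_evict = len(entries) - int(capacity * target)
    ranked = sorted(entries, key=eviction_score, reverse=True)
    return [e["match"] for e in ranked[:n_evict]]

if __name__ == "__main__":
    for match in plan_mitigation(parse_dump(SAMPLE_DUMP), capacity=6):
        print("evict:", match)
```

In the method itself the score comes from the supervised model trained on the five flow table features; the heuristic here only makes the ranking and deletion order visible.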

Description

Technical field

[0001] The invention belongs to the field of computer network security, and in particular relates to a machine learning-based SDN flow table overflow attack detection and mitigation method.

Background technique

[0002] As an emerging network architecture, SDN decouples the data plane and control plane of the network layer in the traditional TCP/IP network, reduces the complexity of the data plane, enriches the functions of the control plane, and provides good programmability, which greatly facilitates application deployment and innovation in the field of computer networks. However, this new network structure also brings some unique security issues, and the security of SDN itself has received extensive attention.

[0003] The simplified data plane in SDN is only responsible for the matching and forwarding of data packets, and this step is performed in the SDN switch. In an SDN switch, the flow table is the most critical component, responsible for storing data pa...


Application Information

IPC(8): H04L9/40, G06K9/62, G06N20/00
CPC: H04L63/1416, H04L63/1441, G06N20/00, G06F18/241
Inventor: 汤澹严裕东张冬朔王思苑王小彩李诗宇
Owner: HUNAN UNIV