Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

DDoS defense system and method based on deep reinforcement learning under SDN

A technology of reinforcement learning and SDN architecture, applied in neural learning methods, transmission systems, digital transmission systems, etc., can solve problems such as weak real-time performance, and achieve the effect of simple method, strong practicability, and flexibility.

Pending Publication Date: 2022-08-05
ZHEJIANG UNIV
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Due to the advantages of software-defined network architecture in defending against DDoS attacks, such as flexible programming and control features, methods based on statistical models and machine learning models can effectively defend against DDoS attacks in software-defined networks (Software-Defined Network, SDN), However, these methods are weak in real-time, and when the attack characteristics change, these methods need to re-collect samples and rebuild the model before the model becomes invalid.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • DDoS defense system and method based on deep reinforcement learning under SDN
  • DDoS defense system and method based on deep reinforcement learning under SDN
  • DDoS defense system and method based on deep reinforcement learning under SDN

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0040] like figure 1 As shown in the figure, a DDoS attack active defense system based on deep reinforcement learning under the SDN architecture of the present invention includes an SDN controller, an edge switch and a deep reinforcement learning agent processing module; wherein, the SDN controller includes a network state collection module, a defense action Execution module, feedback acquisition module. The invention converts the defense process into a Markov decision process, establishes a network view through the SDN network controller, collects network feature information (flow feature) on the edge switch in real time, and accurately reflects the current network request state. Through the near-end policy optimization algorithm in deep reinforcement learning, network features are extracted from the dynamic environment, and the state of each flow is mapped to defense decisions, ensuring the passage of normal traffic and discarding malicious traffic, and realizing active defe...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDoS (Distributed Denial of Service) attack active defense system and method based on deep reinforcement learning under an SDN (Software Defined Network) architecture, and the system collects the state characteristics of an edge switch, extracts network characteristics from a dynamic environment through a near-end strategy optimization algorithm, and makes a defense decision for each flow, i.e., decides the allowed passing proportion of each flow, and enables normal flow to pass as much as possible. And malicious traffic is discarded, and deep reinforcement learning actions are verified through network constraint conditions, so that the robustness of the method is improved, and active defense against DDoS attacks is completed. The construction method is simple, flexible to implement and high in efficiency.

Description

technical field [0001] The invention belongs to the field of network security active defense under SDN, and in particular relates to a DDoS attack active defense system and method based on deep reinforcement learning under SDN architecture. Background technique [0002] The number of DDoS attack incidents is still increasing year by year, and with extremely high attack traffic and short attack duration, it is crucial to take timely defensive measures before such attacks rise. Due to the advantages of the software-defined network architecture in defending against DDoS attacks, such as flexible programming and control features, methods based on statistical models and machine learning models can effectively defend against DDoS attacks in software-defined networks (SDNs). But these methods are less real-time, and when the attack characteristics change, these methods need to re-collect samples and rebuild the model before the model becomes invalid. The advent of deep reinforceme...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40G06N3/04G06N3/08
CPCH04L63/1458G06N3/084G06N3/045Y02D30/50
Inventor 周海峰陈述涵杨明亮吴春明
Owner ZHEJIANG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com