您的位置:首页  > 论文页面

基于SDN的DDoS攻击检测技术研究

发表时间:2018-11-30  浏览量:1630  下载量:333
全部作者: 赵智勇,辛阳
作者单位: 北京邮电大学网络空间安全学院
摘 要: 软件定义网络(software defined network,SDN)是一种新型的网络架构,其核心优点是转发与控制相分离,并且用户可以自定义控制器。分布式拒绝服务(distributed denial of service,DDoS)攻击是目前互联网正面临的主要威胁之一。由于SDN的这种架构会导致其对DDoS攻击存在单点失效的危机,因此本文提出一种基于熵值计算的DDoS攻击异常检测算法。该算法能够有效利用控制器集中控制的特点。其主要流程是在SDN的环境下利用在控制器上接收到的Packet-in数据包,然后取出数据包中的目的IP字段进行Renyi熵的计算,并通过实验设定相应的阈值进而判断是否受到了DDoS攻击。最后,利用POX控制器和Mininet仿真器构建一个实验仿真平台,并通过实验验证该检测方法的可行性和性能。
关 键 词: 计算机科学技术基础学科;软件定义网络;分布式拒绝服务攻击;Renyi熵;异常检测
Title: Research on DDoS attack detection technology based on SDN
Author: ZHAO Zhiyong, XIN Yang
Organization: School of Cyberspace Security, Beijing University of Posts and Telecommunications
Abstract: Software defined network (SDN) is a new network architecture. Its core advantage is the separation between forwarding and control, and users can customize the controller. At present, distributed denial of service (DDoS) attack is one of the major threats to the Internet. Because of the architecture of SDN can cause a single point failure to DDoS attack, this paper proposes a DDoS attack anomaly detection method based on entropy algorithm. The algorithm can effectively utilize the characteristics of controller centralized control. The main process is to use the Packet-in packet received on the controller under the environment of SDN, then to take out the IP field in the packet for the calculation of the Renyi entropy, and to set the corresponding threshold by the experiment to judge whether or not it has been attacked by DDoS. Finally, an experimental simulation platform is built by using POX controller and Mininet simulator. The feasibility and detection capability of the detection method are verified by experiments.
Key words: basic subject of computer science and technology; software defined network; distributed denial of service attack; Renyi entropy; anomaly detection
发表期数: 2018年11月第22期
引用格式: 赵智勇,辛阳. 基于SDN的DDoS攻击检测技术研究[J]. 中国科技论文在线精品论文,2018,11(22):2270-2278.
 
6 评论数 0
暂无评论
友情链接