Journal of Southeast University (Natural Science Edition), 2017, Vol. 47, Issue (z1): 14-19, 6. DOI: 10.3969/j.issn.1001-0505.2017.S1.003
DDoS attack detection system based on OpenFlow in SDN network environment
Abstract
To solve the problem of distributed denial of service (DDoS) in a software-defined network (SDN) environment, a DDoS attack detection method with active-passive combination and statistical flow features is presented. Utilizing the flexible and multi-dimensional features of the SDN network architecture in deploying a DDoS attack detection system, the victim host is detected from a large number of network devices earlier through the controller, and targeted attack detection is conducted. First, the traffic statistics of the packet_in message are used as the pre-judgment. Then the fine-grained statistical features are further distributed, and the XGBoost algorithm is used to construct the anomaly detection classifier to classify the attacks. Finally, the DDoS attack detection system is implemented in the OpenDayLight controller and evaluated in the Mininet network. The results show that the method can efficiently locate the network equipment suffering DDoS attacks and detect the victim host. The XGBoost algorithm applied to this scenario offers high-efficiency processing while guaranteeing the detection rate, and is thus suitable for the system.
Key words
software-defined network (SDN) / distributed denial of service / attack detection / network intrusion
Classification
Information technology and security science
Cite this article
An Ying (安颖), Sun Qiong (孙琼), Huang Xiaohong (黄小红). DDoS attack detection system based on OpenFlow in SDN network environment [J]. Journal of Southeast University (Natural Science Edition), 2017, 47(z1): 14-19, 6.
Funding
Supported by the National High Technology Research and Development Program of China (863 Program) (2015AA016105) and the Ministry of Education-China Mobile Research Fund (MCM20160304).