摘要
软件定义网络(software defined networking,SDN)是一种新型网络创新架构,其分离了控制平面与转发平面,使得网络管理更为灵活。借助SDN控制与转发分离的思想,在SDN基础上引入一个集中式安全中心,在数据平面设备上采集数据,用于对网络流量进行分析,通过熵值计算和分类算法判断异常流量行为。对于检测到的网络异常情况,安全中心通过与SDN控制器的接口通告SDN控制器上的安全处理模块,进行流表策略的下发,进而缓解网络异常行为。通过本系统可以在不影响SDN控制器性能的情况下,快速检测网络中的异常行为,并通过SDN下发流表策略对恶意攻击用户进行限制,同时对SDN控制器进行保护。
SDN (software defined networking) is a novel network infrastructure which separate the control plane from the data plane. Taking advantage of the idea of SDN, a central security center was built which collected traffic from the SDN data plane entity for analyzing. The attacks can be detected based on the entropy variation of the identifier and locate the type of attack with the classification algorithm. As the anomaly patterns were detected, the security center would cooperate with the central controller to install the flow table to alleviate the influence of the attack. The anomaly traffic can be detected early and can't influence the performance of the controller. Besides, the controller can be protected from attack based on our system.
出处
《电信科学》
北大核心
2015年第9期83-89,共7页
Telecommunications Science
基金
国家科技重大专项基金资助项目(No.2013ZX03006002)
基本科研业务费资助项目(No.2015YJS028)
国家高技术研究发展计划("863"计划)基金资助项目(No.2015AA015702)~~
