摘要
根据分布式拒绝服务(DDoS)攻击特性与OpenFlow技术,提出一种基于软件定义网络(SDN)的DDoS攻击检测方法。获取OpenFlow交换机中安装的流表项,构建针对目的地址的流表特征值,并采用支持向量机对训练样本进行分类,实现DDoS攻击的检测。通过将该DDoS攻击检测方法进行原型系统实现并集成到SDN网络环境中,验证了该方法的正确性和有效性,并表明其能在提高DDoS攻击行为检测率的同时明显降低误报率,具有较好的综合检测性能。
According to the characteristics of Distributed Denial of Service( DDoS) attack and Open Flow technology,this paper proposes a novel DDoS attack detection method based on Softw are Defined Network( SDN). It gets flow-table item installed in Open Flow switch,constructs the effective global network flow-table characteristic values for destination address,and classifies the training sample by using Support Vector Machine( SVM) to realize DDoS attack on-line detection. It implements prototype system of DDoS attack detection methods and makes it integrate into the SDN environment to verify the correctness and validity of the method. Experimental result shows that this method can improve the DDoS attack Detection Rate( DR) and decrease False Alarm Rate( FR),and it has good comprehensive performance.
出处
《计算机工程》
CAS
CSCD
北大核心
2016年第2期118-123,共6页
Computer Engineering
基金
上海市科技创新行动计划基金资助项目"基于开放架构的高可靠软件定义网络体系研究"(13511500400)
关键词
软件定义网络
OpenFlow技术
分布式拒绝服务
流表特征值
监督学习算法
攻击检测
Software Defined Network(SDN)
Open Flow technology
Distributed Denial of Service(DDoS)
flow-table characteristic value
supervised learning algorithm
attack detection
