摘要
随着当前网络规模的扩大以及网络应用服务的丰富,网络安全的重要性越来越突出。DDoS攻击是当前影响网络安全的威胁之一,快速准确检测DDoS攻击是对抗DDoS攻击的第一步。SDN架构作为新一代网络架构,具有控制器中心化以及控制转发分离的特点,适合对网络流量异常进行监控。基于SDN环境,对部署在SDN控制器上的不同DDoS检测方法进行归纳分析,总结其各自的优点和局限性,探讨SDN环境下DDoS检测下一步的研究方向和趋势。
With the expansion of network scale and the abundance of network application services,the network security is becoming more and more important.DDoS attack is one of the threats affecting network security.Fast and accurate detection of DDoS attack is the first step to combat DDoS attack.As a new generation of network architecture,SDN architecture has the characteristics of centralization of controller and separation of control layer and forwarding layer.It is suitable for monitoring network traffic anomalies.Based on SDN environment,summarizes and analyzes the different DDoS detection methods deployed on SDN controller,summarizes their advantages and disadvantages,and discusses the next research direction and trend of DDoS detection in SDN environment.
作者
陈豪杰
贾创辉
邵维专
CHEN Hao-jie;JIA Chuang-hui;SHAO Wei-zhuan(College of Computer Science,Sichuan University,Chengdu 610065)
出处
《现代计算机》
2019年第5期47-51,共5页
Modern Computer
关键词
软件定义网络
分布式拒绝服务攻击
检测方法
Software Defined Network
Distributed Denial of Service Attack
Detection Method
