摘要
软件定义网络(SDN)是一种新型的网络范式,其不仅可以增强系统的编程能力,而且还可利用最简单有效的方法来解决传统的网络威胁。研究发现,该范式中最重要的元素是控制器,其可对每个通信转发元素(交换机或路由器)进行管理,而且由该控制器提供的流量统计信息往往被认为是可用于开发基于网络的入侵检测系统的有用信息。基于此,提出了一种基于流量的多级混合入侵检测系统,该系统可以利用近邻方法以及分层极限分析来对网络威胁进行评估预测。最后通过与基于NSL-KDD基准数据集的常规监督机器进行算法精度的比较,验证了此多级混合系统的合理性以及可用性。
Software-Defined Networking (SDN) is a novel networking paradigm,which can not only enhance the programming ability of the system, but also use the simplest and effective methods to solve the traditional network threats. The most important element of the paradigm,the study found,is the controller,which manages each communication forwarding element (switch or router),and the traffic statistics provided by the controller are often considered useful information for the development of a network-based intrusion detection system. Based on this,a multistage hybrid intrusion detection system was proposed based on traffic,which could use the neighbor method and stratified limit analysis to evaluate and predict network threats. Finally,the rationality and feasibility of the multi-level hybrid system were verified by comparing the algorithm accuracy with the conventional supervisory machine based on NSL-KDD benchmark data set.
作者
彭锴
PENG Kai(Shantou Power Supply Bureau,Shantou 515000,China)
出处
《机电工程技术》
2019年第3期68-71,共4页
Mechanical & Electrical Engineering Technology
关键词
人工智能
入侵检测系统
软件定义网络
网络安全
artificial intelligence(AI)
intrusion detection system(IDS)
software defined networks(SDN)
network security
