摘要
为解决软件定义网络(SDN,software-defined networking)控制器所面临的DDoS攻击问题,本文提出一个高效率的联合检测和防御机制.联合检测部分采用改进自组织映射(SOM,self-organizing mapping)算法和多维条件熵算法相结合,通过对自组织映射算法的改进,与多维条件熵算法相互提供反馈信息,达到高效联合检测目的.联合防御部分采用常规防御模块与快速防御模块相结合,通过调整优先级的方式针对不同的检测结果采取不同的防御策略.大量实验表明,本文的联合检测机制可以达到95.2%的检测率;与单独的防御机制相比,联合防御机制中控制器的响应时间可以平均降低0.11 s.
In order to defend against the DDoS attacks for SDN(software-defined networking)controller,this paper proposed an efficient joint detection and defense mechanism.The joint detection part adopted the combination of improved self-organizing mapping algorithm and multidimensional conditional entropy algorithm.By combining the two methods,the purpose of joint detection was achieved.The joint defense part includes a conventional defense module and a fast defense module,which adopts different defense strategies for different detection results by adjusting the priority.Extensive experimental results showed that the joint detection mechanism can achieve a detection rate of 95.2%,and the response time of the joint defense mechanism to the controller can be reduced by 0.11 s on average,compared with the single defense mechanism.
作者
曾荣飞
高原
王兴伟
张榜
ZENG Rong-fei;GAO Yuan;WANG Xing-wei;ZHANG Bang(School of Software,Northeastern University,Shenyang 110169,China;School of Computer Science&Engineering,Northeastern University,Shenyang 110169,China)
出处
《东北大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2020年第9期1217-1222,共6页
Journal of Northeastern University(Natural Science)
基金
国家重点研发计划项目(2017YFB0801701)
国家自然科学基金资助项目(61872073)。
关键词
软件定义网络
分布式拒绝服务攻击
改进自组织映射算法
多维条件熵算法
优先级
software-defined networking
distributed denial of service attack
improved selforganizing mapping algorithm
multidimensional conditional entropy algorithm
priority
