摘要
针对软件定义网络架构的特点以及集中化控制模式容易受到黑客控制的问题,提出一种基于软件定义网络的安全控制模型。从入侵检测的角度入手,通过设计入侵监测模型的总体架构并利用卷积神经网络来实现原始数据特征提取,以实现入侵检测模型的训练优化;为了加强模型的有效性,设计一种在线增量学习的小样本数据训练方法,采用在线少量数据训练模型并结合集成学习的方法实现在线入侵检测模型的自适应更新,加强实时数据检测的准确率。实验表明,所提出的方法能够有效缓解来自网络攻击的压力,保障正常节点已建立连接的安全,具有一定的可靠性和扩展性。
Aiming at the characteristics of software defined network architecture and the problem that centralized control mode is easy to be controlled by hackers, this paper proposes a security control model based on software defined network. From the perspective of intrusion detection, the training optimization of intrusion detection model is realized by designing the overall architecture of intrusion detection model and using convolutional neural network to extract the characteristics of original data. In order to enhance the effectiveness of the model, a small sample data training method is designed via online incremental learning. The online training model with small amount of data is combined with the integrated learning method to realize the adaptive update of online intrusion detection model and enhance the accuracy of real-time data detection. Experiments show that the proposed method can effectively alleviate the pressure from network attacks, ensure the security of established connections of normal nodes, and have certain reliability and scalability.
作者
陈翕
CHEN Xi(China Mobile Tietong Infonnatioii and Product Development Center,Beijing 100038,China)
出处
《移动通信》
2021年第6期88-94,共7页
Mobile Communications
关键词
软件定义网络
入侵检测
安全控制
在线增量学习
自适应更新
software defined network
intrusion detection
security control
online incremental learning
adaptive update