期刊文献+

SDN中基于条件熵和决策树的DDoS攻击检测方法 被引量:5

A DDoS attack detection method based on conditional entropy and decision tree in SDN
下载PDF
导出
摘要 软件定义网络(software defined network,SDN)作为一种新型网络架构,其转控分离及集中控制的架构思想为网络带来了显著的灵活性,同时为感知全局网络状态提供了便利。分布式拒绝服务攻击(distributed denial of service,DDoS)是一种典型的网络攻击方式。针对SDN网络中进行DDoS攻击检测的问题,提出了一种基于条件熵和决策树的DDoS攻击检测方法,利用条件熵判断当前网络状态,通过分析SDN中DDoS攻击特点,提取用于流量检测的6项重要特征,使用C4.5决策树算法进行网络流量分类,实现对SDN中的DDoS攻击的检测。实验表明,相比于其它研究方法,文中提出的方法不仅具有较高检测精确率和召回率,而且明显缩短了检测时间。 Software defined network(SDN),as a novel network architecture,introduces significant flexibility through the ideas including separation between forwarding and controlling and centralized control.It also facilitates the global awareness of the network status.Distributed denial of service(DDoS)is a typical attack method.This paper focuses on the problem DDoS attack detection in SDN and proposes a DDoS attack detection method based on conditional entropy and decision tree.The proposed method used conditional entropy to evaluate the current network status.It analyzed the characteristics of DDoS attacks in SDN and extracted six key features for traffic detection.The C4.5 decision tree algorithm was utilized to classify network traffic and achieved DDoS attack detection in SDN.Experimental results show that the method presented in this paper exhibits superior detection precision and recall to other research methods.Additionally,it can significantly reduce the detection time.
作者 傅友 邹东升 FU You;ZOU Dongsheng(College of Computer Science,Chongqing University,Chongqing 400044,P.R.China)
出处 《重庆大学学报》 CAS CSCD 北大核心 2023年第7期1-8,共8页 Journal of Chongqing University
基金 国家自然科学基金资助项目(61309013)。
关键词 软件定义网络 分布式拒绝服务攻击 条件熵 C4.5决策树 software defined network distributed denial of service conditional entropy C4.5 decision tree
  • 相关文献

参考文献2

二级参考文献9

共引文献18

同被引文献48

引证文献5

二级引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部