Abstract
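Software-defined networking (SDN) is a new network architecture with a global view that enables centralized management and control of the network. This paper studies the characteristics and harm of DDoS attacks in SDN networks, and designs and implements a real-time monitoring and defense mechanism for DDoS attacks in SDN networks. For real-time monitoring, after jointly analyzing the traditional network behavior characteristics of DDoS attacks and the data characteristics of SDN flow table entries, the paper proposes detection features for DDoS attacks in SDN networks; after feature denoising and dimensionality-reduction optimization, it trains a classification model with the gradient decision classification algorithm (GBDT) to perform anomaly classification on the generated SDN flow table entry data. For attack defense, in response to anomalies in the SDN flow table entry data, it uses SDN's global view to configure the relevant parameters and issues flow table entries in real time to suppress the DDoS attack. Simulation results show that the proposed real-time monitoring and defense mechanism can effectively detect and mitigate DDoS attacks in SDN networks.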
SDN is a novel network architecture that provides centralized control of the whole network from a global perspective. This paper establishes a mechanism to monitor and mitigate DDoS attacks in SDN networks. To detect DDoS attacks in real time, the characteristics of DDoS attacks in traditional networks and in SDN networks are combined into a feature vector. Based on this vector, the data collection module of the SDN controller is modified, and the gradient decision classification algorithm (GBDT) is used to train a model for anomaly data classification. To mitigate DDoS attacks, the SDN controller applies network security policy according to the flow table data classified as abnormal. Simulated experiments demonstrate that the proposed mechanism can detect and mitigate DDoS attacks in SDN networks effectively.
Source
Computer Science and Application (《计算机科学与应用》)
2019, Issue 4, pp. 721-730 (10 pages)
Funding
Supported by a National Key Research and Development Program project (2017YFB0801703).