本文已被:浏览 652次 下载 1830次
Received:February 06, 2023 Revised:March 08, 2023
Received:February 06, 2023 Revised:March 08, 2023
中文摘要: 分布式拒绝服务攻击(distributed denial of service, DDoS)是网络安全领域的一大威胁. 作为新型网络架构, 软件定义网络(software defined networking, SDN)的逻辑集中和可编程性为抵御DDoS攻击提供了新的思路. 本文设计并实现了一个轻量级的SDN环境下的DDoS攻击检测和缓解系统. 该系统使用熵值检测方法, 并通过动态阈值进行异常判断. 若异常, 系统将使用更精确的决策树模型进行检测. 最后, 控制器通过计算流的包对称率确定攻击源, 并下发阻塞流表项. 实验结果表明, 该系统能够及时响应DDoS攻击, 具有较高的检测成功率, 并能够有效遏制攻击.
Abstract:Distributed denial of service (DDoS) attack is a major threat in the field of network security. As a new type of network architecture, the logic centralization and programmability of software defined networking (SDN) provide new ideas for defending against DDoS attacks. This study designs and implements a lightweight DDoS attack detection and mitigation system in SDN. The system uses the entropy detection method and judges the abnormality through the dynamic threshold. If the dynamic threshold is abnormal, the system will use a more accurate decision tree model for detection. Finally, the controller determines the attack source by calculating the packet symmetry rate of the flow and delivers the blocking flow entry. The experimental results show that the system can respond to DDoS attacks in time. It has a high detection success rate and can effectively contain attacks.
文章编号: 中图分类号: 文献标志码:
基金项目:工信部2020年工业互联网创新发展工程(TC200H01V); 国家自然科学基金(61802186, 61472189)
引用文本:
沈浩桐,魏松杰.SDN环境下DDoS攻击检测和缓解系统.计算机系统应用,2023,32(8):133-139
SHEN Hao-Tong,WEI Song-Jie.DDoS Attack Detection and Mitigation System in SDN Environment.COMPUTER SYSTEMS APPLICATIONS,2023,32(8):133-139
沈浩桐,魏松杰.SDN环境下DDoS攻击检测和缓解系统.计算机系统应用,2023,32(8):133-139
SHEN Hao-Tong,WEI Song-Jie.DDoS Attack Detection and Mitigation System in SDN Environment.COMPUTER SYSTEMS APPLICATIONS,2023,32(8):133-139
