
Research On SDN-based Defense Against DDoS Attack

Posted on: 2018-12-03 | Degree: Master | Type: Thesis
Country: China | Candidate: L Bi | Full Text: PDF
GTID: 2348330515466761 | Subject: Computer technology
Abstract/Summary:
With the accelerating transition from the traditional internet to the mobile internet, the access node to the internet has changed from desktop computers or laptops to the more popular smartphones. People need only their smartphones to enjoy all kinds of conveniences brought by the internet; without going outdoors they can buy any products they want in online shopping malls and watch films and television programs on online video websites. Because of this, the relationship between the internet and people's daily life has become closer and closer, and the availability of network services has gradually become the focus of network users' attention. The operation of computer networks seems stable and reliable, yet they are easy to attack, leading to paralysis of network services. Among the various kinds of attacks, Distributed Denial-of-Service (DDoS) is an attack technique that is highly destructive, elusive and easy to carry out. It can paralyze network services for some time, which severely affects users' experience of the network. Therefore, how to defend against DDoS attacks and ensure the sustained availability of network services remains a significant research direction that cannot be neglected.

First, targeting the difficulty of effectively distinguishing normal traffic from attack traffic, this paper presents a DDoS detection method based on users' behavioral patterns. In the first step, the behavior of users visiting network resources is modeled from multiple dimensions to define the determinant factors used to decide whether users' behavior is normal, and the relevant statistical data are collected in the network according to these factors. In the second step, after being vectorized through Word2Vec, the collected data are categorized through a CNN; an LSTM is then used to conduct deep learning on the statistical data, and the behavioral pattern of normal users is obtained with time as the measurement unit. The last step is to decide whether there is a DDoS attack according to the behavioral pattern of users.

Second, targeting the difficulty of applying current research on DDoS defense to traditional network architectures, this paper presents an SDN-based architecture for defense against DDoS. This architecture provides full defense across three stages: attack prevention, attack perception and attack response. The whole architecture includes modules such as node admittance, behavior perception, behavior determination, strategic management and strategic response. Among these modules, node admittance and strategic management are responsible for network admittance control; behavior perception and behavior determination determine whether there are DDoS attacks in the network; strategic response deals with the attack traffic. Because of the decoupling between the control plane and the data plane in SDN, this architecture can be mixed with traditional architectures and can achieve a smooth transition.

Lastly, based on the above theoretical research, this paper builds a prototype SDN-based DDoS defense system, and this system is used to verify and test the feasibility, reliability and accuracy of the defense architecture.
Keywords/Search Tags:Defense against DDoS, Software-Defined network, behavior perception, recurrent neural network, LSTM