
Research On DDoS Attack Detection And Flow Table Overloading Defense Technology In SDN

Posted on: 2018-09-11
Degree: Master
Type: Thesis
Country: China
Candidate: X R Wang
GTID: 2348330515970997
Subject: Computer Science and Technology

Abstract/Summary:
Software-defined networking (SDN) is a new network architecture whose main advantage is centralized control. At the same time, the controller has become a new target for network attackers, and the security of the controller directly affects the security of the entire software-defined network. How to detect DDoS attacks accurately and efficiently has therefore become the core problem of controller security research. The size of the flow table is also a key vulnerability in SDN: once attack traffic enters the network, the flow table space is most likely to become a new target. The attacker can launch a flow table overloading attack, which poses a threat to the entire network.

To mitigate this threat, this thesis proposes a DDoS attack detection method based on a BP neural network in the SDN environment. The method obtains the flow table entries of the OpenFlow switch, analyzes the characteristics of DDoS attacks in the SDN environment, and extracts six important attack-related features, such as the success rate of flow table matching and the flow rate of the flow table. It analyzes the changes in these six feature values and uses the BP neural network algorithm to classify the training samples, thereby achieving DDoS attack detection. The experimental results show that the method can improve the recognition rate and reduce the detection time. The effectiveness of the method is verified by deployment in a software-defined network environment.

For the flow table overloading attack, a flow table space sharing strategy is proposed. It addresses the problem that flow table space is limited by the cost and power consumption of ternary content-addressable memory (TCAM), so a switch is easily disabled by flow table overloading (which turns into a DDoS attack). The strategy aggregates the free flow table resources available across the entire SDN network to mitigate the threat that attacks on individual switches pose to the system. Experimental results on the test platform show that the proposed strategy can effectively prevent the flow table overloading attack.
Keywords/Search Tags:SDN, DDoS, BP Neural Network, Flow table overloading attack, Flow table space sharing