Ddos Attack Detection And Defense In Software Defined Network

Posted on:2019-12-19

Degree:Master

Type:Thesis

Country:China

Candidate:C Yu

Full Text:PDF

GTID:2428330563993339

Subject:Computer technology

Abstract/Summary:

PDF Full Text Request

Distributed Denial of Service(DDoS)attack is easy to be implemented,difficult to be traced and dangerous.Software Defined Network(SDN)is a new kind of network architecture,network become more fragile because its centralized control mode.The DDoS attack in SDN network not only damage the target host,but also affect the controller and switch,seriously will cause the whole SDN network collapsed.To sovle the DDoS attack in SDN network,An attack detection and defense system is designed and implemented.The system consists of four parts: data collection and preprocessing module,feature extraction module,attack detection module and defense module.The data collection and preprocessing module collects the packet_in packets sent to the controller,and the raw data is processed by preprocessing module.Feature extraction module extracts source IP,source port,destination IP,destination port and protocol type from the packet,and sets optimal sliding window size,computes the entropy of five characteristics from each window.The attack detection module is based on the entropy values of five characteristics,adopts the support vector machine algorithm to train the attack detection model,runs model to detect the attack on the controller.Positioning defense module,because that SDN controller holds the information of the whole network,can quickly find the position of the attack,and then installs flow rules to drop attack traffic.Using floodlight controller and mininet to build SDN network environment,the experiment results shows that the detection module can detect attack which is accounted for 25% in the whole traffic with 98% accuracy,defense module can locate attack sources within 3 s and distributed flow rules to filter the attack traffic.In addition,for the classic intrusion detection data set DARPA2000,detection module can detect the attack with 91% accuracy.It's found in experiment that the rules of the defense module generated are easy to filter part of normal flow,and how to generate the defense rules more precisely is the point of research in the future.

Keywords/Search Tags:

Software Defined Network, Distributed Denial of Service, Support Vector Mechine, entropy

PDF Full Text Request

Related items

1	Research And Implementation Of DDoS Attack Detection Method Based On Software Defined Network
2	Research On Distributed Denial Of Service Attack Detection Methods In SDN
3	Research On Network Security Technology In Software Defined Networks
4	Research On DDoS Attack Defense Mechanism Based On SDN
5	Research On Detection And Mitigation Technique For Distributed Denial Of Service Attacks Based On SDN
6	Research Of DdoS Attack Detection Method Based On Conditional Entropy And Random Forest In SDN
7	Research On DDoS Attack Detection And Mitigation In SDN Network Environmen
8	Research On DDoS Attack In Software Defined Network Environment
9	Research On IoT Security Technology Based On Software-defined Network
10	Research On DDoS Detection And Defense Scheme Based On Machine Learning In Software-Defined Networking