A Research Of A Technology To Mitigate DDoS Attack Based On SDN

With the development of cloud computing and e-commerce,the threat of cyber attacks is becoming more and more serious.According to statistics,DDoS attack is the most frequent and harmful network attack at present.This attack aims at the availability of the target,causes the target to run out of its resources and fail to respond normally,causes communication failure finally.This kind of attack was never solved completely,the only way to reduce damage is to mitigate attack traffic.However,DDoS mitigation system has the problems of complex deployment,high cost,delay in detection attack and too long exposure of the server.In order to solve the above problems,DDoS attack detection algorithm,SDN and Floodlight controller were researched.On this basis,a system to mitigate DDoS attack is developed and actualized.Firstly,the system is expanded on the Floodlight controller,which create a thread to collect data from DDoS attacks,detect DDoS attacks,and mitigate DDoS attacks.After the thread starts,the system collects the DDoS attack data of the data layer by the controller.Secondly,the system uses three algorithm based on statistical analysis to define the TCP session.These three algorithms are the Chi-Square Test,Correlation Matrix and Shannon Entropy,that compares with the TCP session of the observation to carry out the DDoS attack detection and get the attack server IP.Finally,the system creates the flow table to break all connections established with the attacked server.At the same time,the connection-oriented load balancing can mitigate DDoS attack traffic in a short time.The results of the test show that the system can collect DDoS attack data in the data layer,confirm the server that is attacked and disconnect all connections with it after the end of the detection.And the three detection algorithms can detect the DDoS attack accurately.The load balancing can reduce the attack response time of the system.This system alleviated the DDoS attack of TCP flooding in the network,and solved the delay problem in the traditional DDoS attack system with the advantages of low cost and easier development.