| Software Defined Networking changes and upgrades the architecture of traditional network,it divides the network control and data forwarding,and decouples the closed traditional network into control planes,data planes and application planes.Due to the openness and programmability of SDN,the SDN has a good adaptability in different scenes.It has been widely used in the fields of network virtualization,cloud data center network,wireless LAN,and cloud computing.Due to the widespread application of SDN,its own issues of security are getting more and more attention.The attackers can launch different forms of DDoS to the control plane,data plane and application plane of SDN,and the south and north interfaces between the planes.This paper analyzes the DDo S attacks in the SDN network and summarizes the scenarios and characteristics of the attacks.In order to detect the DDoS attacks in SDN networks,a DDoS Attack Detection Method Based on Conditional Entropy and GHSOM in SDN is proposed.MBCE&G adopts a phased detection concept and gradually increases inspection efforts.First,according to the phased characteristics of the DDoS attacks in the SDN network,the damaged switches in the network are located,and the traffic passing through the damaged switches is named as suspicious attack flow.Then,based on the diversity characteristics of the types of DDoS attack traffic in the SDN network,the quaternion feature vector are extracted in the form of conditional entropy and is used as the input feature vector of the neural network for a more accurate analysis and detection.Finally,according to the results of simulation experiments,the experimental results show that the MBCE&G detection method can effectively detect the DDoS attacks in the SDN network. |
PDF Full Text Request