Research And Application Of DDoS Attack Detection And Protection Technology Based On SDN

Software-defined Network(SDN)is a new type of network architecture.Its core advantage over traditional network architecture is that its forwarding layer and control layer are separated from each other.At the same time,it also supports the user to customize the development through the interface of the core control layer.Distributed denial of Service attack(DDoS)is one of the main threats to the Internet.Because of its concealment and high destructiveness,the core control layer of SDN has the crisis of single point of failure.Therefore,the main research direction of this paper is to develop a self-defined SDN controller,so that it has the function of detection and protection in the early stage of the DDoS attack,so as to protect the SDN controller from being destroyed by high-speed traffic.Firstly,this paper introduces the related knowledge of SDN and OpenFlow,as well as SDN-related detection and protection technology against DDoS attacks,And the related work and research results of the predecessors are compared and summarized.Then,according to the characteristics of centralized control of SDN architecture,a new lightweight anomaly detection method for DDoS attacks based on entropy calculation is proposed,as well as the corresponding attack traceability strategy and mitigation decision algorithm after the detection of DDoS attacks.Then it is deployed on the SDN controller.Finally,the SDN simulation environment is built by the Mininet simulator and the POX controller to test the function and performance of the proposed algorithm,which proves that the proposed algorithm has the advantages of high efficiency and lightweight.Finally,due to the high simulation of Mininet,the proposed algorithm can be directly applied to the actual scene.The main work of this paper is as follows:(1)The knowledge of SDN architecture,OpenFlow protocol and DDoS attack are studied,and the methods and principles of detecting and defending DDoS attack in SDN environment are deeply studied.(2)After studying the research methods and achievements of the predecessors in the related fields,we find out the shortcomings of the algorithm,and propose a more accurate and lightweight entropy detection algorithm and Threshold calculation method.And through the specific simulation experiments to determine the key parameters of the algorithm will be applied to the relevant detection module.(3)After the research and realization of the detection module,Furthermore,the protection strategy against DDoS attacks is proposed,and then the corresponding protection module is designed and applied to the SDN controller.It ensures that the source of the attack can be traced back and the intensity of the attack can be quantified in the early stage of the DDoS attack on the SDN controller.(4)Using Mininet simulator and POX controller to build the SDN simulation environment for testing,test the detection module and protection module,and prove its accuracy and efficiency.