| Although software-defined networks have the advantages of centralized control and network programmability, they also face multiple security threats. This paper discusses the security problems and characteristics of software-defined networks and finds that there is no trust evaluation and management mechanism between the controller and OpenFlow switches. In addition, there may be third-party or unauthorized OpenFlow switches in a software-defined network. When malicious DDoS attacks occur, they inevitably lead to a series of problems such as flow table competition and mutual coverage. In response to these problems, this paper proposes an intelligent trust management model. In this model, the real-time trust value of any OpenFlow switch is a weighted combination of three parts: the first is the historical trust value recorded the last time; the second is the indirect trust value calculated by the monitoring probe from the bandwidth, delay, and packet loss rate between OpenFlow switches; the last is the direct trust value calculated from the decision result of the extreme learning machine on the content of the flow table. Based on the statistical trust value, the controller can determine the priority of each OpenFlow switch to forward the flow table and can also respond quickly to the source attack device or area according to the trust value of the switches. To verify the authenticity and validity of the trust model, six typical DDoS attacks are simulated, and the real-time trust value and the real state of the device are calculated using the trust formula. In view of the lack of trust evaluation and trust management mechanisms between OpenFlow switches and the controller, the experimental results are compared and analyzed on the basis of the above intelligent trust model. The algorithm used in this study can effectively judge and classify data traffic quickly, and effectively and intelligently help administrators and controllers to adjust and select appropriate flow rules, while the algorithms in this article are more granular. |