| Software Defined Networks(SDN)is a new type of network architecture,which provides the separation of control plane and data plane,centralized control and other characteristics.Controller is the center of SDN,it can modify the flow table of switches.Though centralized control is the major advantage SDN brings,it will also become the target of network attacks,which brings a certain vulnerability to the network.The research on SDN security is a hot topic at present.Distributed Denial of Service(DDoS)attack has become a major threat to network of different sizes.With the promotion of the use of SDN,SDN will become the main target of DDoS attacks,on the other hand,SDN will also change the defense mechanics against DDoS.Anomaly detection is a common method to deal with security threats,it can be divided into two categories based on statistics analysis and machine learning.Anomaly detection usually consists of three steps: data collection,analysis and anomaly identification.At present,there are many researches on transplanting DDoS attack detection in traditional network to SDN,but those transplanted algorithms tend to ignore the characteristic of SDN,making the detection inefficient and defense omissions.We first study the security of SDN,common DDoS attack methods and related anomaly detection algorithms,and then propose an anomaly detection based on Renyi entropy.This method utilizes the centralized control of SDN,collects network traffic features fast and proves to be effective and lightweight. |
PDF Full Text Request