
Research And Implementation Of Flow Table Optimization And Mechanism Of Attack Detection Based On SDN

Posted on: 2020-04-19
Degree: Master
Type: Thesis
Country: China
Candidate: L Y Hu
GTID: 2428330590495937
Subject: Software engineering

Abstract/Summary:
With the emergence of new types of networks such as the mobile Internet, cloud computing networks, and the Internet of Things, a new network technology called software-defined networking (SDN) has emerged, which benefits network management. However, the huge volume of network traffic in large data centers puts great pressure on the SDN data plane. OpenFlow can only store a limited number of flow tables. The limits on flow table resources and computing resources will become the bottleneck in the development of SDN.

Network security problems also occur in SDN. Once an attack occurs in the network, the attack traffic consumes not only a large amount of network bandwidth but also a large amount of computing and storage resources. What's worse, people's privacy is no longer safe, which is a great threat to people's work and life. When network administrators maintain the network, its running status should be monitored in real time. Network administrators should discover network attacks in time and respond in time to maintain the security of the network. In this case, how to develop an accurate, real-time network attack detection and traceability scheme that provides network administrators with timely warnings and reference data becomes an urgent issue for network security.

To address these two problems, this thesis proposes a new flow table optimization mechanism from the perspective of flow table resources and controller resources, including the proportion of active flow entries and the combination of flow table resources and controllers, which dynamically adjusts the attributes of flow table entries. It also proposes an SDN-based attack detection and traceability mechanism from the perspective of the self-similarity of network traffic and flow table entries. The following is a summary of the contents.

(1) An adaptive flow table adjustment algorithm (CFTC) for SDN is proposed, which mainly combines the flow table and the controller. The algorithm monitors network traffic in real time and calculates the proportion of active flow table entries in the OpenFlow switch. The value of idle_timeout is set dynamically based on the characteristics of the different data flows. On the premise of minimizing the load on the controller and on flow table resources, a reasonable idle_timeout value is set for each flow table entry at matching time, so that disused flow table entries are removed promptly. This improves the hit rate of active flow entries and maximizes the utilization of flow table resources, which in turn increases the forwarding speed of data flows. The algorithm not only improves the average throughput of the network but also copes with bursts of network traffic.

(2) An attack detection and traceback algorithm based on SDN is proposed. To identify attack traffic in the network, the self-similarity of network traffic is used to calculate a self-similarity index, which determines whether there is an attack in the network. After an attack is detected, a directed graph is established based on the hosts, the switches, and the flow table entries in the switches. Starting from the host that receives the attack, the algorithm can find the attack path and the node launching the attack.

(3) Based on the flow table optimization, attack detection, and traceback mechanisms, an SDN-based data center management system is designed and constructed. First, the architecture of the system is elaborated and the technology used in it is briefly introduced. Then the functions of each module are analyzed in detail, and the main classes designed in each module are introduced. Finally, the detailed operation is demonstrated through the system interface.
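
The traceback step in item (2) can be illustrated as follows. This is an added example, not code from the thesis: the topology, the flow-entry tuple layout, the `min_packets` threshold and all names are assumptions, and the sample data is constructed.

```python
from collections import defaultdict

# Constructed topology: (switch, port) -> neighbour attached to that port.
LINKS = {
    ("s1", 1): "h1", ("s1", 2): "h2", ("s1", 3): "s2",
    ("s2", 1): "s1", ("s2", 2): "s3", ("s2", 3): "h3",
    ("s3", 1): "s2", ("s3", 2): "h4",
}
# Constructed flow-table dump: (switch, in_port, dst_ip, out_port, packet_count).
FLOWS = [
    ("s1", 1, "10.0.0.4", 3, 90000),   # h1 -> victim, high volume
    ("s1", 2, "10.0.0.4", 3, 12),      # h2 -> victim, normal volume
    ("s2", 1, "10.0.0.4", 2, 90012),
    ("s2", 3, "10.0.0.4", 2, 75000),   # h3 -> victim, high volume
    ("s3", 1, "10.0.0.4", 2, 165012),
    ("s1", 3, "10.0.0.1", 1, 40),      # unrelated return traffic
]
HOST_IP = {"h4": "10.0.0.4"}           # constructed victim address


def build_graph(flows, links, dst_ip, min_packets):
    """Map each node to its predecessors, using heavy flow entries to dst_ip."""
    preds = defaultdict(set)
    for sw, in_port, dst, out_port, pkts in flows:
        if dst != dst_ip or pkts < min_packets:
            continue                    # other destination or low volume
        preds[sw].add(links[(sw, in_port)])        # upstream -> switch
        preds[links[(sw, out_port)]].add(sw)       # switch -> downstream
    return preds


def trace_back(victim, flows=FLOWS, links=LINKS, min_packets=1000):
    """Walk the directed graph backwards from the victim to each origin."""
    preds = build_graph(flows, links, HOST_IP[victim], min_packets)
    paths, stack = [], [[victim]]
    while stack:
        path = stack.pop()
        upstream = preds.get(path[-1], set()) - set(path)  # never revisit a node
        if not upstream and len(path) > 1:
            paths.append(path[::-1])    # origin reached (or a loop was cut)
        stack.extend(path + [n] for n in upstream)
    return sorted(paths)


if __name__ == "__main__":
    for p in trace_back("h4"):
        print(" -> ".join(p))
```
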
Keywords/Search Tags:idle_timeout, flow table optimization, attack detection, self-similarity