| DDoS attack is one of the most severe threat in current internet,which can bring huge economic and reputational damage to the victim.And DDoS attack is still developing rapidly,the frequency is getting higher and the scale is getting bigger.China is the main goal of DDoS attack,almost half of the victims are located in China.So research on countermeasures to DDoS attack has important social significance.Because of its wide distribution and spoofed information,DDoS attack is difficult to identify attackers.SDN is novel network structure based on the idea of separation of control plane and data plane.SDN allows us to program and monitor networks,and decide how to forward a packet,so it provides a new solution to defend DDoS attack.This paper proposes a DDoS attack detection and traceback method based on SDN,mainly solving the traceback problem.So it can mitigate the attack traffic on the source side.The detection part in this paper only focus on ICMP flooding attack,SYN flooding attack and DNS amplification attack,and we adopt machine learning to detect DDoS attack.The core part of traceback part is building a controller network and design a communication protocol among controllers,which can achieve two goals,one is to build and maintain an independent and stable controller network to enable communication among controllers,and the other is to enable attack information exchange among controllers,so they can cooperate to find attackers and mitigate DDoS attack.According to the experimental results,the proposed controller network and protocol can run stably and efficiently.And the proposed DDoS attack detection and traceback method can achieve high detectionaccuracy,find attackers accurately and mitigate DDoS attack traffic effectively with a relatively low cost and latency. |
PDF Full Text Request