Research On DDoS Detection Technology Based On Deep Learning In Software Defined Network

Software Defined Network(SDN)as an emerging network architecture,which has the characteristics of high flexibility and self-programming,and has good application prospects in various fields.SDN centralizes the control logic in the controller.When the network faces DDoS attacks,the controller may stop working due to heavy load.For this problem,this thesis makes an in-depth study on how to efficiently and accurately detect the possible DDoS attacks in the network.The specific research work is as follows:1.Aiming at the common DDoS attacks in the network,combined with the characteristics of SDN possessing a global view,a DDoS attack detection method based on MIC-FCBF and DNN is designed.Firstly,the DDoS situational awareness technology based on data source entropy is designed.Without occupying too many controller resources,it can judge whether the SDN network traffic is abnormal by analyzing the change of the entropy value of the source IP address set of the Packet＿In data packets of each switch in a short time.Secondly,we use the MIC-FCBF feature selection algorithm to select the features in the traffic feature set to obtain the optimal feature subset,and construct five features that are sensitive to DDoS attacks.After perceiving the abnormal network traffic,the above characteristic data are extracted and normalized,and the processed characteristic data is used as the data input of the detection model.Finally,a DDoS detection model based on DNN is constructed by using the method of deep learning,and the feature data is input into the trained detection model to complete the detection of DDoS attacks.Simulation experiments show that the model detection accuracy rate is 99.52%,which has a high accuracy rate and occupies less controller resources.2.Aiming at the problem that the parameter optimization process of the DNN model relies too much on the researcher’s own experience,a DDoS detection method based on variable step glowworm swarm optimization algorithm and DNN is designed.Firstly,based on the traditional glowworm swarm optimization algorithm,a method for fireflies to adaptively change the moving step size according to their own state is proposed to improve the optimization ability of the algorithm.Secondly,an automatic parameter adjustment method of DNN model is proposed,which utilizes the global optimization ability of the variable step glowworm swarm optimization algorithm,encodes the relevant parameters of the DNN model as individual fireflies,and the optimal parameter combination is sought within the given parameter value range to find the optimal detection model.Finally,after the network detects a DDoS attack,the attack source is located by analyzing the relevant information of the Packet＿In data packet,and the PPM method is used to restore the attack path to realize the attack source traceability.It is proved by simulation experiments that the model detection accuracy rate is 99.80%,which is 0.28% higher than the previous one.More importantly,the method proposed in this thesis realizes the automatic parameter adjustment of the DNN model,avoiding the instability of manual parameter adjustment.