高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于对象特征的软件定义网络分布式拒绝服务攻击检测方法

姚琳元 董平 张宏科

姚琳元, 董平, 张宏科. 基于对象特征的软件定义网络分布式拒绝服务攻击检测方法[J]. 电子与信息学报, 2017, 39(2): 381-388. doi: 10.11999/JEIT160370
引用本文: 姚琳元, 董平, 张宏科. 基于对象特征的软件定义网络分布式拒绝服务攻击检测方法[J]. 电子与信息学报, 2017, 39(2): 381-388. doi: 10.11999/JEIT160370
YAO Linyuan, DONG Ping, ZHANG Hongke. Distributed Denial of Service Attack Detection Based on Object Character in Software Defined Network[J]. Journal of Electronics & Information Technology, 2017, 39(2): 381-388. doi: 10.11999/JEIT160370
Citation: YAO Linyuan, DONG Ping, ZHANG Hongke. Distributed Denial of Service Attack Detection Based on Object Character in Software Defined Network[J]. Journal of Electronics & Information Technology, 2017, 39(2): 381-388. doi: 10.11999/JEIT160370

基于对象特征的软件定义网络分布式拒绝服务攻击检测方法

doi: 10.11999/JEIT160370
基金项目: 

国家973重点基础研究发展计划(2013CB329100),国家863高技术研究发展计划(2015AA016103),国家自然科学基金(61301081),国家电网公司科技项目([2016]377)

Distributed Denial of Service Attack Detection Based on Object Character in Software Defined Network

Funds: 

The National Key Basic Research Program of China (2013CB329100), The National High Technology Research and Development Program 863 (2015AA016103), The National Natural Science Foundation of China (61301081), SGRIXTJSFW ([2016]377)

  • 摘要: 软件定义网络(SDN)受到分布式拒绝服务(DDoS)攻击时,攻击方会发送大量数据包,产生大量新的终端标识占用网络连接资源,影响网络正常运转。为准确发现受攻击对象,检测被占用资源,利用GHSOM技术,该文提出基于对象特征的DDoS攻击检测方法。首先,结合SDN网络及攻击特点,提出基于目的地址的检测7元组,并以此作为判断目标地址是否受到DDoS攻击的检测元素;然后,采用模块化设计,将GHSOM算法应用于SDN网络DDoS攻击的分析检测中,并在OpenDayLight的仿真平台上完成了仿真实验。实验结果显示,该文提出的检测7元组可有效检测目标对象是否受到DDoS攻击。
  • BENSON T, AKELLA A, and MALTZ D A. Unraveling the Complexity of Network Management[C]. 6th USENIX Symposium on Networked Systems Design and Implementation, Boston, MA, USA, 2009: 335-348.
    KREUTZ D, RAMOS F M V, ESTEVES VERISSIMO P, et al. Software-defined networking: A comprehensive survey[J]. Proceedings of the IEEE, 2015, 103(1): 14-76. doi: 10.1109/ jproc.2014.2371999.
    MCKEOWN N. How SDN will shape networking[C]. Open Networking Summit, Palo Alto, CA, USA, 2011: 56-61.
    SHENKER S, CASADO M, KOPONEN T, et al. The future of networking, and the past of protocols[C]. Open Networking Summit, Palo Alto, CA, USA, 2011: 24-29.
    KANDOI R and ANTIKAINEN M. Denial-of-service attacks in OpenFlow SDN networks[C]. 2015 IFIP/IEEE International Symposium on Integrated Network Management (IM), Ottawa, BC, Canada, 2015: 1322-1326. doi: 10.1109/inm.2015.7140489.
    SHIN S, YEGNESWARAN V, PORRAS P, et al. Avant- guard: Scalable and vigilant switch flow management in software-defined networks[C]. Proceedings of the 2013 ACM SIGSAC Conference on Computer Communications Security, Berlin, Germany, 2013: 413-424. doi: 10.1145/ 2508859.2516684.
    ASHRAF J and LATIF S. Handling intrusion and DDoS attacks in software defined networks using machine learning techniques[C]. IEEE 2014 National Software Engineering Conference (NSEC), Event-Karachi, Pakistan, 2014: 55-60. doi: 10. 1109/nsec.2014.6998241.
    杨雅辉, 姜电波, 沈晴霓, 等. 基于改进的GHSOM的入侵检测研究[J]. 通信学报, 2011, 32(1): 121-126. doi: 10.3969/j. issn.1000-436X.2011.01.016.
    YANG Yahui, JIANG Dianbo, SHEN Qingni, et al. Research on intrusion detection based on an improved GHSOM[J]. Journal on Communications, 2011, 32(1): 121-126. doi: 10. 3969/j.issn.1000-436X.2011.01.016.
    BRAGA R, MOTA E, and PASSITO A. Lightweight DDoS flooding attack detection using NOX/OpenFlow[C]. IEEE 2010 35th Conference on Local Computer Networks (LCN), Denver, Colorado, USA, 2010: 408-415. doi: 10.1109/lcn. 2010.5735752.
    MOUSAVI S M and ST-HILAIRE M. Early detection of DDoS attacks against SDN controllers[C]. IEEE 2015 International Conference on Computing, Networking and Communications (ICNC), Anaheim, California, USA, 2015: 77-81. doi: 10.1109/iccnc.2015.7069319.
    GIOTIS K, ARGYROPOULOS C, ANDROULIDAKIS G, et al. Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments[J]. Computer Networks, 2014, 6(2): 122-136. doi: 10.1016/j.bjp.2013.10.014.
    PORRAS P, SHIN S, YEGNESWARAN V, et al. A security enforcement kernel for OpenFlow networks[C]. Proceedings of the First Workshop on Hot Topics in Software Defined Networks, Helsinki, Finland, 2012: 121-126. doi: 10.1145/ 2342441.2342466.
    MIHAI-GABRIEL I and VICTOR-VALERIU P. Achieving DDoS resiliency in a software defined network by intelligent risk assessment based on neural networks and danger theory[C]. IEEE 2014 15th International Symposium on Computational Intelligence and Informatics (CINTI), Budapest, Hungary, 2014: 319-324. doi: 10.1109/CINTI. 2014.7028696.
    RAUBER A, MERKL D, and DITTENBACH M. The growing hierarchical self-organizing map: exploratory analysis of high-dimensional data[J]. IEEE Transactions on Neural Networks, 2002, 13(6): 1331-1341. doi: 10.1109/tnn. 2002.804221.
    HUANG S Y and HUANG Y. Network forensic analysis using growing hierarchical SOM[C]. IEEE 2013 13th International Conference on Data Mining Workshops (ICDMW), Brisbane, Australia, 2013: 536-543. doi: 10.1109/icdmw.2013.66.
    html, 2016.
    鲍旭华, 洪海, 曹志华. 破坏之王: DDoS攻击与防范深度剖析[M]. 北京: 机械工业出版社, 2014: 20-76.
    BAO Xuhua, HONG Hai, AND CAO Zhihua. The King of Destruction: DDoS Attact and Defense Depth Analysis[M]. Beijing: China Machine Press, 2014: 20-76.
    BORGNAT P, DEWAELE G, FUKUDA K, et al. Seven years and one day: Sketching the evolution of internet traffic[C]. IEEE 2009 INFOCOM, Rio de Janeiro, Brazil, 2009: 711-719. doi: 10.1109/infcom.2009.5061979.
  • 加载中
计量
  • 文章访问数:  1380
  • HTML全文浏览量:  160
  • PDF下载量:  508
  • 被引次数: 0
出版历程
  • 收稿日期:  2016-04-18
  • 修回日期:  2016-10-19
  • 刊出日期:  2017-02-19

目录

    /

    返回文章
    返回