摘要
网络技术的飞跃式发展不断推陈出新,软件定义网络成为当下热门技术为信息时代注入了新鲜动力,而DDOS攻击的危害对于传统网络和SDN都是不容忽视的.基于SDN架构联合机器学习算法共同设计了一种防御DDOS攻击的方案,方案通过提取网络流量特征使用机器学习算法对DDOS异常流进行识别与分类,进而在SDN控制器层面实施拦截与防御动作.实验证明相对于传统的网络部署方式,该方案在攻击过程中更具备防御性,能在相对短的时间内自动执行防御动作,对抑制DDOS攻击具有一定的效果.
With the rapid development of network technology, software-defined network has become a popular technology and injected fresh power into the information age. However, the harm of DDOS attack can not be ignored for both traditional network and SDN. In this paper, based on SDN architecture and machine learning algorithm, a solution to defend against DDOS attacks is designed. This method mainly uses machine learning algorithm to identify and classify DDOS abnormal flows by extracting network traffic Characteristics, and then implements interception and defense actions at the SDN controller level.Experiments show that this scheme is more defensive in the attack process, comparing with the traditional network deployment method, which can automatically perform defensive actions in a relatively short period of time, and has a certain effect on suppressing DDOS attacks.
作者
冯玮
吴玉芹
孙浩航
Feng Wei;Wu Yuqin;Sun Haohang(Ningde Normal University)
出处
《哈尔滨师范大学自然科学学报》
CAS
2022年第6期54-61,共8页
Natural Science Journal of Harbin Normal University
基金
福建省科技厅自然基金项目(2020J01431,2020J01430,2019J01843)
关键词
SDN
机器学习
防御
DDOS
Software Defined Network
Machine learning
Defense
Distributed denial of service attack
