Joint DDoS detection system based on software-defined networking

Cited by: 0
Authors
Song Y. [1]
Yang H. [1]
Wu W. [1]
Hu A. [1]
Gao S. [1]
Affiliation
[1] School of Information Science and Engineering, Southeast University, Nanjing
Source
Qinghua Daxue Xuebao/Journal of Tsinghua University | 2019 / Vol. 59 / No. 01
Keywords
Anomaly detection; Distributed denial-of-service attack; Ensemble learning; Software-defined networking
DOI
10.16511/j.cnki.qhdxxb.2018.26.049
Abstract
Distributed denial-of-service (DDoS) attacks, which are becoming increasingly serious, have become one of the biggest threats to network security. Traditional defense mechanisms such as intrusion detection, traffic filtering and multiple authentication are limited to static networks, which leads to obvious drawbacks. Software-defined networking (SDN) is a typical dynamic network that provides defenses against DDoS. The existing SDN-based DDoS protection solutions are still in development with many problems that need improvement. A DDoS detection scheme that combines trigger detection with in-depth detection is given here to shorten the detection period with low system overhead. A low-overhead, coarse-grained trigger detection algorithm is integrated with a precise, fine-grained, in-depth detection algorithm to reduce system complexity while ensuring high detection accuracy. An SDN DDoS detection system has been implemented on the Mininet platform to test and evaluate the system. The tests show that the detection system has low system overhead, high detection accuracy, and strong practical value. © 2019, Tsinghua University Press. All rights reserved.
Pages: 28 / 35
Number of pages: 7