Research on Detection and Defense Methods for Software-Defined Network Architecture after Hybrid Attack by Distributed Denial of Service

The architecture of software-defined network (SDN)enhances the openness of the network by separating the control and forwarding functions, but the centralized SDN control form is susceptible to distributed denial of service (DDoS) attacks. In this paper, entropy value and back-propagation neural network (BPNN) were applied to the DDoS attack detection of SDN, and then the two detection algorithms were simulated in MATLAB software and compared with the K-means algorithm. The results showed that in the face of four DDoS attacks, SYN Flood, ACK Flood, UDP Flood and ICMP Flood, the BPNN-based DDoS detection had higher accuracy and less detection time; the switch that adopted the BPNN-based DDoS detection algorithm adjusted the traffic ratio back to normal level faster when facing DDoS attacks, reducing the impact on other switches and maintaining the traffic stability of the network. (c) 2024 Institute of Electrical Engineers of Japan. Published by Wiley Periodicals LLC.