Research on low-rate DDoS attack of SDN network in cloud environment |
| |
Authors: | CHEN Xingshu HUA Qiang WANG Yitong GE Long ZHU Yi |
| |
Affiliation: | 1. College of Cybersecurity,Sichuan University,Chengdu 610065,China;2. Research Institute of Cybersecurity,Sichuan University,Chengdu 610065,China;3. College of Computer Science,Sichuan University,Chengdu 610065,China |
| |
Abstract: | Aiming at the problems of low-rate DDoS attack detection accuracy in cloud SDN network and the lack of unified framework for data plane and control plane low-rate DDoS attack detection and defense,a unified framework for low-rate DDoS attack detection was proposed.First of all,the validity of the data plane DDoS attacks in low rate was analyzed,on the basis of combining with low-rate of DDoS attacks in the aspect of communications,frequency characteristics,extract the mean value,maximum value,deviation degree and average deviation,survival time of ten dimensions characteristics of five aspects,to achieve the low-rate of DDoS attack detection based on bayesian networks,issued by the controller after the relevant strategies to block the attack flow.Finally,in OpenStack cloud environment,the detection rate of low-rate DDoS attack reaches 99.3% and the CPU occupation rate is 9.04%.It can effectively detect and defend low-rate DDoS attacks. |
| |
Keywords: | cloud computing software defined networking low-rate DDoS attack Bayesian network |
|
| 点击此处可从《通信学报》浏览原始摘要信息 |
|
点击此处可从《通信学报》下载全文 |
|