面向软件定义网络架构的入侵检测模型设计与实现

针对传统入侵检测方法无法检测软件定义网络（SDN）架构的特有攻击行为的问题，设计一种基于卷积神经网络（CNN）的入侵检测模型。首先，基于SDN流表项设计了特征提取方法，通过采集SDN特有攻击样本形成攻击流表数据集；然后，采用CNN进行训练和检测，并针对SDN攻击样本量较小而导致的识别率低的问题，设计了一种基于概率的加强训练方法。实验结果表明，所提的入侵检测模型可以有效检测面向SDN架构的特有攻击，具有较高的准确率，所提的基于概率的加强学习方法能有效提升小概率攻击的识别率。

Design and implementation of intrusion detection model for software defined network architecture

Concerning the problem that traditional intrusion detection method cannot detect the specific attacks aiming at Software Defined Network (SDN) architecture, an intrusion detection model based on Convolutional Neural Network (CNN) was proposed. Firstly, an feature extraction method was designed based on SDN flow table entry. The SDN specific attack samples were collected to form the attack flow table dataset. Then, the CNN was used for training and detection. And focusing on the low recognition rate caused by small sample size of SDN attacks, a reinforcement learning method based on probability was proposed. The experimental results show that the proposed intrusion detection model can effectively detect the specific attacks aiming at SDN architecture with high accuracy, and the proposed reinforcement learning method can effectively improve the recognition rate of small probability attacks.