Your search keyword '"software definition network"' showing total 2 results

1. 基于核函数的软件定义网络 DDoS 实时安全系统.

Author

刘 敏, 滕 华, and 何先波

Subjects

*SECURITY systems software, *KERNEL functions, *DEFINITIONS, *STATISTICS, *SECURITY systems

Abstract

Aiming at the problems oflog detection accuracy and long delay of DDoS (distributed denial-of-service) attacks in the software definition networks, this paper proposed a real-time DDoS security system of software definition networks based on kernel functions. Firstly, it abstracted the packet header fields of software definition networks periodly, and formed the abstracted information as matrices; then, it adopted the Mahalanobis distance to analyze the significant change of continuous feature vectors, and it designed two kernel functions to evaluate the behavior flows of attacks; lastly, it identified the attackers by the spectral clustering technique and the covariance statistical information. Experimental results based on the real software definition networks show that the proposed security system realizes a good detection accuracy, and performs a reasonable processing time. [ABSTRACT FROM AUTHOR]

Published

2020

2. SDN 环境下基于 BP 神经网络的DDoS攻击检测方法.

Author

王晓瑞, 庄雷, 胡颖, 王国卿, 马丁, and 景晨凯

Abstract

Softwares definition network is a new network architecture that achieves a centralized network control. Although centralized control is the main advantage of SDN, but if subject to DDoS attacks,the information will be not reachable,it also likely to cause a single point of failure. In order to mitigate this threat, this paper proposed a DDoS attack detection method based on SDN centralized control. This algorithm obtained the flow table items of OpenFlow switch, analyzed the characteristics of DDoS attacks in SDN environment, and extracted six characteristics related to attacks. By analyzing the changes of the six eigenvalues, it used BP neural network algorithm to classify the training samples to achieve the DDoS attack detection. The experimental results show that the method can improve the recognition rate and reduce the detection time. The effectiveness of the method is verified by the deployment in a software-defined network environment. [ABSTRACT FROM AUTHOR]

Published

2018