Research on DDoS Attack Detection Technology based on SDN
SDN adopts a centralized control method,achieving visualization and dynamism of network management,and is currently a new type of network architecture.However,at the beginning of SDN design,security issues were not considered.In the current situation where DDoS attacks are so prevalent,it is necessary to conduct research on attack detection under SDN architecture.After analyzing the SDN architecture mechanism,this article studies the location deployment of attack detection modules and designs a multi-level collaborative detection scheme for DDoS attacks.It designs an independent modeling scheme based on ensemble learning algorithms to address the problem of attack detection modeling.It extracts two sets of samples from the KDDCUP99 dataset without replacement,and uses SVM and adaBoost algorithms for independent modeling and sample combination modeling.The use of the adaBoost algorithm has a certain improvement in the classification performance of samples,and modeling alone has no impact on the classification performance of samples.It also shows higher classification performance than the total samples on teardrop.The experimental results show that independent modeling for collaborative detection of forwarding plane and control plane has certain feasibility.This scheme starts from reducing the burden on the SDN centralized control center,providing a guarantee for effective network management,and has certain guiding significance for attack detection of SDN architecture.
SDN architectureDDoS attackindependent modelingensemble learningcollaborative detection
NETL
NSTL
万方数据
