Industrial Information Security (工业信息安全), 2024, Issue (1): 19-31.

Research on DDoS Attack Mitigation Methods for Network Shooting Range

Tian Ye (田野) 1, Wang Danni (王丹妮) 2

Author information

  • 1. Hangzhou Institute of Technology, Xidian University, Hangzhou, Zhejiang 311200
  • 2. Harbin Engineering University, Harbin, Heilongjiang 150001

Abstract

This article proposes a DDoS attack detection model for imbalanced data to improve the detection of DDoS flood attacks. A cyber range is designed with OpenStack as the core technology, and Ceph distributed storage replaces the OpenStack native storage system. The resulting hyper-converged cyber range solution combining OpenStack and Ceph provides unified management of computing, storage, and network resources. First, to address the impact of uneven data distribution in the Ceph cluster on the platform's storage performance, a favorability-based data storage optimization algorithm is proposed; it uses a favorability factor to constrain where data is stored and effectively improves the balance of data stored across all OSD nodes in the cluster. In addition, a DDoS flood attack detection and mitigation method based on Software Defined Network (SDN) is designed, which effectively reduces the performance requirements on physical equipment. Finally, the DDoS flood attack mitigation method is implemented using the programmability of the Ryu controller.

Key words

Distributed Denial of Service / Cyber Range / Software-Defined Networking

Funding

Industrial Internet Data Security Detection, Response and Traceability System Project (TC220H055)

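Publication year

2024
Industrial Information Security (工业信息安全)
National Industrial Information Security Development Research Center (国家工业信息安全发展研究中心)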

ISSN:2097-1176
Number of references: 21