Curve Decision Fusion-Based Saturation Attack Detection Method in SDN
Saturation attacks against Software Defined Network(SDN)switches and controllers are major security issues in SDN.When using ensemble learning methods to detect saturation attacks,existing methods typically use simple distance or entropy calculations to fix the evidence.This may lead to information loss,thereby decreasing detection accuracy.To overcome this problem,a novel curve decision fusion-based saturation attack detection method SACOIN is proposed.SACOIN first calculates the degree of confusion in the original probability matrix to fix the inter-multiclassifier evidence.The probability matrix of the binary classifier is then converted into a signal,and the noise is removed.SACOIN extracts the signal features from the reconstructed wavelet to form a decision matrix.Subsequently,the mutual information between the rows of the decision matrix is calculated to fix the original evidence of multiple classifiers.Finally,the Dempster-Shafer(D-S)evidence theory is used to combine the evidence and obtain the final detection result.The experimental results show that when detecting saturation attacks targeting SDN switches and controllers,SACOIN can achieve high accuracy,precision,recall,and F1 value of 92.3%,93%,92.1%,and 91.3%,respectively.
saturation attackSoftware Defined Network(SDN)filteringdecision fusionD-S theory
万方数据
维普
