Software-defined networking(SDN)is a novel network architecture that provides fine-grained centralized network management services.It is characterized by control and forwarding separation,centralized control,and open interface characteris-tics.Due to the centralized management logic of the control layer,controllers have becom the prime targets for distributed denial-of-service(DDoS)attacks.Traditional statistics-based DDoS attack detection algorithms often have problems such as high false-positive rates and fixed thresholds,while detection algorithms based on machine learning models are often involved in substantial computational resource consumption and poor generalization.To address these challenges,this study proposes a two-tier DDoS at-tack detection model based on statistical features and ensemble autoencoders.The statistics-based method extracts Rényi entropy features and sets a dynamic threshold to judge suspicious traffic.The ensemble autoencoder algorithm is then applied for a more accurate DDoS attack judgment of suspicious traffic.The double-layered model not only enhances detection performance and solves the problem of high false alarm rates,but also effectively shortens the detection time,thereby reducing the consumption of computational resources.Experimental results show that the model achieves high accuracy in different network environments,with the lowest F1 score on various datasets is more than 98.5%,demonstrating a strong generalization capability.
维普
万方数据