针对软件定义网络(SDN)较传统网络更易遭受网络攻击的现实,从技术原理和架构特点出发,对近年来面向软件定义网络的异常流量检测研究进展进行综述,分析了 SDN 可能遭受网络攻击的组织形式,讨论了当前 SDN 异常流量检测、异常流量溯源、异常流量缓解相关技术的特点、优势及不足;对当前研究中常用的数据集进行了对比分析,并梳理出一些通用的数据预处理方法;总结并展望了未来 SDN 环境下异常流量检测方法的研究方向.调研结果可以指导实际应用需求中适配方法的选取,提出待解决的问题和矛盾可为后续研究提供引导.
Abstract
Since software defined network(SDN)was more vulnerable to network attacks than traditional networks,the research progress of abnormal traffic detection for software defined network in recent years from the technical principle and architecture characteristics was summarized,the possible organizational forms of network attacks on SDN were ana-lyzed,and the characteristics,advantages,and disadvantages of current technologies related to abnormal traffic detection,abnormal traffic traceability,and abnormal traffic mitigation were discussed.The data sets commonly used in current re-search were compared and analyzed,and some general data preprocessing methods were sorted out.The research direc-tion of abnormal traffic detection methods in the SDN environment in the future was summarized and prospected.The research results can guide the selection of adaptation methods in practical application requirements,and the problems and contradictions to be solved can guide subsequent research.
关键词
软件定义网络/深度学习/异常流量检测/异常流量溯源/异常流量缓解
Key words
software defined network/deep learning/abnormal traffic detection/abnormal traffic traceability/abnormal traffic mitigation
维普
万方数据