Construction of DDoS attack detection model based on information entropy and machine learning in SDN
The centralized control features of software-defined network(SDN)make network management more flexible and efficient,but it also becomes the main object of network attacks,among which distributed denial of service attack DDoS is one of the main threats that SDN faces.Combining the two commonly used detection methods of statistical learning and machine learning in SDN networks,the DDoS attack detection model is analyzed based on information entropy and machine learning algorithm.The threshold value of information entropy is used to judge and detect suspected abnormal traffic,and then the detection model is used to construct by decision tree algorithm to detect DDoS attacks.The six feature attributes are constructed in the classification detection model.The optimal feature subset is selected by calculating the information gain value.Compared with other classification algorithms,this model improves the detection accuracy and reduces the detection time.
software-defined networkdistributed denial of service attackinformation entropyattack detection
万方数据
维普
