5G软件定义网络环境下DDoS攻击防御方案探析
Analysis of DDoS attack defense schemes in 5G SDN environment
李秀娟 1李自臣2
作者信息
- 1. 广东培正学院,广东广州 510830
- 2. 广东水利电力职业技术学院,广东广州 510635
- 折叠
摘要
[目的/意义]由于5G网络环境引入软件定义网络(SDN)和服务质量(QoS)防御机制,出现了一种新的攻击方式,通过监听或暴力破解找出具有较高限权的封包,并利用这些高优先权封包进行分布式拒绝服务(DDoS)攻击.[方法/过程]通过监测流量特征和使用随机森林算法和与黑名单方式,判断是否为DDoS攻击流量.[结果/结论]实验结果显示,不仅能够准确识别DDoS攻击流量并有效防御攻击,而且还能保障合法使用者的连线需求,降低损失.
Abstract
[Purpose/Significance]Due to the introduction of SDN and QoS defense mechanisms in the 5G network environment,a new attack method has emerged,which involves sniffing or brute force cracking to identify packets with high priority,and using these high priority packets for DDoS attacks.[Method/Process]This article proposes to determine whether it is a DDOS attack traffic by monitoring traffic characteristics and using random forest algorithms and blacklist methods.[Results/Conclusion]The experimental results show that this method can accurately identify DDoS attack traffic and effectively defend against attacks,while also ensuring the connection needs of legitimate users and reducing losses.
关键词
软件定义网络/分布式拒绝服务/网络攻击防御策略/随机森林算法/黑名单机制Key words
software-defined networking/distributed denial-of-sdervice/network attack defense schemes/random forest algorithms/blacklist methods引用本文复制引用
基金项目
全国高等院校计算机基础教育研究会计算机基础教育教学研究项目(2023-AFCEC-020)
出版年
2024
NETL
NSTL
万方数据