| 一种SDN中基于熵值计算的异常流量检测方法 |
| |
| 引用本文: | 王铭鑫,周华春,陈佳,张宏科. 一种SDN中基于熵值计算的异常流量检测方法[J]. 电信科学, 2015, 31(9): 83-89. DOI: 10.11959/j.issn.1000-0801.2015217 |
| |
| 作者姓名: | 王铭鑫 周华春 陈佳 张宏科 |
| |
| 作者单位: | 北京交通大学电子信息工程学院 北京100044 |
| |
| 基金项目: | 国家科技重大专项基金资助项目;基本科研业务费资助项目;国家高技术研究发展计划(“863”计划)基金资助项目 |
| |
| 摘 要: | 摘要:软件定义网络(software defined networking,SDN)是一种新型网络创新架构,其分离了控制平面与转发平面,使得网络管理更为灵活。借助SDN控制与转发分离的思想,在SDN基础上引入一个集中式安全中心,在数据平面设备上采集数据,用于对网络流量进行分析,通过熵值计算和分类算法判断异常流量行为。对于检测到的网络异常情况,安全中心通过与SDN控制器的接口通告SDN控制器上的安全处理模块,进行流表策略的下发,进而缓解网络异常行为。通过本系统可以在不影响SDN控制器性能的情况下,快速检测网络中的异常行为,并通过SDN下发流表策略对恶意攻击用户进行限制,同时对SDN控制器进行保护。
|
| 关 键 词: | 软件定义网络 安全中心 熵值 分布式拒绝服务攻击 |
An Entropy Based Anomaly Traffic Detection Approach in SDN |
| |
| Mingxin Wang,Huachun Zhou,Jia Chen,Hongke Zhang. An Entropy Based Anomaly Traffic Detection Approach in SDN[J]. Telecommunications Science, 2015, 31(9): 83-89. DOI: 10.11959/j.issn.1000-0801.2015217 |
| |
| Authors: | Mingxin Wang Huachun Zhou Jia Chen Hongke Zhang |
| |
| Affiliation: | School of Electronic and Information Engineering, Beijing Jiaotong University, Beijing 100044, China |
| |
| Abstract: | SDN(software defined networking)is a novel network infrastructure which separate the control plane from the data plane. Taking advantage of the idea of SDN, a central security center was built which collected traffic from the SDN data plane entity for analyzing. The attacks can be detected based on the entropy variation of the identifier and locate the type of attack with the classification algorithm. As the anomaly patterns were detected, the security center would cooperate with the central controller to install the flow table to alleviate the influence of the attack. The anomaly traffic can be detected early and can't influence the performance of the controller. Besides, the controller can be protected from attack based on our system. |
| |
| Keywords: | SDN security center entropy DDoS |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电信科学》浏览原始摘要信息 |
|
点击此处可从《电信科学》下载免费的PDF全文 |
