| 基于Renyi熵的SDN自主防护系统 |
| |
| 引用本文: | 赵普,赵文涛,付章杰,刘强. 基于Renyi熵的SDN自主防护系统[J]. 网络与信息安全学报, 2021, 7(3): 85-94. DOI: 10.11959/j.issn.2096-109x.2021049 |
| |
| 作者姓名: | 赵普 赵文涛 付章杰 刘强 |
| |
| 作者单位: | 1. 国防科技大学计算机学院,湖南 长沙 410073;2. 南京信息工程大学计算机与软件学院,江苏 南京 210044 |
| |
| 基金项目: | 国家自然科学基金(U1811462);国家自然科学基金(61702539);湖南省自然科学基金(2018JJ3611) |
| |
| 摘 要: | 针对SDN架构下的常见网络异常行为,提出了一套基于Renyi熵的SDN自主防护系统,该系统可实现网络异常行为检测、诊断及防御.系统无须引入第三方测量设备,直接利用OpenFlow交换机流表信息.首先,通过计算和检测特征熵值,实现异常网络行为的检测.然后,进一步分析OpenFlow流表信息,实现异常行为的诊断.最后,实施...
|
| 关 键 词: | 软件定义网络 网络异常检测 Renyi熵 OpenFlow协议 |
SDN self-protection system based on Renyi entropy |
| |
| Pu ZHAO,Wentao ZHAO,Zhangjie FU,Qiang LIU. SDN self-protection system based on Renyi entropy[J]. Chinese Journal of Network and Information Security, 2021, 7(3): 85-94. DOI: 10.11959/j.issn.2096-109x.2021049 |
| |
| Authors: | Pu ZHAO Wentao ZHAO Zhangjie FU Qiang LIU |
| |
| Affiliation: | 1. College of Computer, National University of Defense Technology, Changsha 410073, China;2. School of Computer &Software, Nanjing University of Information Science &Technology, Nanjing 210044, China |
| |
| Abstract: | Aiming at the abnormal behaviors in SDN architecture, a self-protection system based on Renyi entropy that implemented a set of detection, diagnosis and defense method of SDN abnormal behaviors was proposed.The system did not need to introduce the third-party measurement equipment, and directly used the flow table information of OpenFlow switches.Firstly, the abnormal network behavior was detected by calculating the characteristic entropy.Then, the information of the OpenFlow flow table was further analyzed to realize the diagnosis of abnormal behavior.Finally, a blacklist mechanism was established.And the system added the hosts with abnormal behavior to the blacklist and blocked the corresponding abnormal traffic.In order to verify the effectiveness of the system, a prototype was developed on the Floodlight controller.The simulation results on Mininet show that the system can effectively detect, diagnose and defend the abnormal behaviors.The system has low deployment cost, which enhances the security of SDN. |
| |
| Keywords: | software defined network anomaly detection Renyi entropy OpenFlow protocol |
| 本文献已被 维普 等数据库收录! |
| 点击此处可从《网络与信息安全学报》浏览原始摘要信息 |
|
点击此处可从《网络与信息安全学报》下载免费的PDF全文 |
|
