|
|
Research on DDoS Attack Detection Technology based on SDN |
Shanxi Vocational University of Engineering and Technology |
|
|
Abstract SDN adopts a centralized control method, achieving visualization and dynamism of network management, and
is currently a new type of network architecture. However, at the beginning of SDN design, security issues were not
considered. In the current situation where DDoS attacks are so prevalent, it is necessary to conduct research on attack
detection under SDN architecture. After analyzing the SDN architecture mechanism, this article studies the location
deployment of attack detection modules and designs a multi-level collaborative detection scheme for DDoS attacks. It
designs an independent modeling scheme based on ensemble learning algorithms to address the problem of attack
detection modeling. It extracts two sets of samples from the KDDCUP99 dataset without replacement, and uses SVM and
adaBoost algorithms for independent modeling and sample combination modeling. The use of the adaBoost algorithm has
a certain improvement in the classi?cation performance of samples, and modeling alone has no impact on the classi?cation
performance of samples. It also shows higher classi?cation performance than the total samples on teardrop. The
experimental results show that independent modeling for collaborative detection of forwarding plane and control plane
has certain feasibility. This scheme starts from reducing the burden on the SDN centralized control center, providing a
guarantee for e?ective network management, and has certain guiding signi?cance for attack detection of SDN
architecture.
|
Published: 01 November 2024
|
|
Viewed |
|
|
|
Full text
|
|
|
|
|
Abstract
|
|
|
|
|
Cited |
|
|
|
|
|
Shared |
|
|
|
|
|
Discussed |
|
|
|
|