摘要
低速率拒绝服务(LDoS)攻击是一种新型的网络攻击方式,其特点是攻击成本低,隐蔽性强。作为一种新型的网络架构,软件定义网络(SDN)同样面临着LDoS攻击的威胁。但SDN网络的控制与转发分离、网络行为可编程等特点又为LDoS攻击的检测和防御提供了新的思路。提出了一种基于OpenFlow协议的LDoS攻击检测和防御方法。通过对每条OpenFlow数据流的速率单独进行统计,并利用信号检测中的双滑动窗口法实现对攻击流量的检测,一旦检测到攻击流量,控制器便可以通过下发流表的方式实现对攻击行为的实时防御。实验表明,该方法能够有效检测出LDoS攻击,并能够在较短时间内实现对攻击行为的防御。
Low-rate denial of service(LDoS)attack is a new type of network attack,which is characterized by low attack cost and strong concealment.As a new type of network architecture,software defined network(SDN)is also threatened by LDoS attacks.The control and forwarding separation of the SDN network and the programmable network behavior provide new ideas for the detection and defense of LDoS attacks.This paper proposes a new LDoS attack detection and defense method based on OpenFlow protocol.The rate of each OpenFlow data stream is separately counted,and the double-sliding-window method in signal detection is used to detect the attack traffic.Once the attack traffic is detected,the controller can implement real-time defense against the attack behavior by sending a flow table.Experiments show that this method can effectively detect LDoS attacks and can defend against LDoS attacks in a short time.
作者
颜通
白志华
高镇
闫丽娜
周蕾
YAN Tong;BAI Zhihua;GAO Zhen;YAN Lina;ZHOU Lei(School of Electrical and Information Engineering,Tianjin University,Tianjin 300072,China;Beijing Smartchip Microelectronics Technology Co.,Ltd.,Beijing 102200,China)
出处
《计算机科学与探索》
CSCD
北大核心
2020年第4期566-577,共12页
Journal of Frontiers of Computer Science and Technology
基金
国家自然科学基金No.61501321。
