{"title":"On an Integrated Security Framework for Defense Against Various DDoS Attacks in SDN","authors":"Hao Wu, Aiqin Hou, Weike Nie, C. Wu","doi":"10.1109/ICNC57223.2023.10074226","PeriodicalId":174051,"journal":{"name":"2023 International Conference on Computing, Networking and Communications (ICNC)","volume":"22 1","pages":"0"},"publicationDate":"2023-02-20","publicationTypes":"Journal Article","isOpenAccess":false,"citationCount":"1","platform":"Semanticscholar","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICNC57223.2023.10074226"}
On an Integrated Security Framework for Defense Against Various DDoS Attacks in SDN
As a new network paradigm, software-defined networking (SDN) technology has been increasingly adopted. Unfortunately, SDN-enabled networks are more prone to threats from DDoS attacks than traditional networks due to the nature of centralized management. We propose an integrated defense framework to detect and mitigate various types of DDoS attacks in SDN-enabled networks. The proposed framework deploys two technical modules in the control plane of SDN for defending against high-rate and low-rate DDoS attacks, respectively. The former module consists of three components, which watch out for suspicious traffic, detect attacks using ensemble learning, and intercept malicious packets, respectively. The latter module is designed specifically to defend against the Slow Ternary Content Addressable Memory (TCAM) exhaustion attack (Slow-TCAM) using a new Alleviative Threat for TCAM (ATFT) algorithm. The proposed framework is implemented and tested in simulated networks using Mininet and further evaluated on the CICDDoS2019 dataset. Experimental results illustrate the superior performance of the proposed framework in defending against different types of DDoS attacks in comparison with other state-of-the-art algorithms.