{"title":"基于角色的SDN DDoS攻击检测统计机制","authors":"Phan The Duy, Do Thi Thu Hien, V. Pham","doi":"10.1109/NICS.2018.8606851","DOIUrl":null,"url":null,"abstract":"There is a transformation of the traditional network into Software Defined Networking (SDN) which is an outstanding developing area recently. Among the most exciting features of SDN are the remarkable control over network infrastructure and decoupling of control and data plane. Although it helps more flexible network management, SDN should be considered current and upcoming security threats associated with its deployment. One of them is the DDoS attack which is a malicious attempt to bring down networks, applications, or services by overwhelming these resources with too much data or impairing them in some other ways. In SDN, we can offer or change the network functions or behavior program by monitoring controller to realize DDoS attacks. This paper presents an approach of DDoS attack detection in SDN environment by utilizing the entropy metric with consideration of differences in host role profile to suspect under-attack state, we also deal with time factor in information collecting activities. Then, a statistical method is used for investigating flow information sent from OpenFlow switches to confirm the previous suspicion.","PeriodicalId":137666,"journal":{"name":"2018 5th NAFOSTED Conference on Information and Computer Science (NICS)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"A role-based statistical mechanism for DDoS attack detection in SDN\",\"authors\":\"Phan The Duy, Do Thi Thu Hien, V. Pham\",\"doi\":\"10.1109/NICS.2018.8606851\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"There is a transformation of the traditional network into Software Defined Networking (SDN) which is an outstanding developing area recently. Among the most exciting features of SDN are the remarkable control over network infrastructure and decoupling of control and data plane. Although it helps more flexible network management, SDN should be considered current and upcoming security threats associated with its deployment. One of them is the DDoS attack which is a malicious attempt to bring down networks, applications, or services by overwhelming these resources with too much data or impairing them in some other ways. In SDN, we can offer or change the network functions or behavior program by monitoring controller to realize DDoS attacks. This paper presents an approach of DDoS attack detection in SDN environment by utilizing the entropy metric with consideration of differences in host role profile to suspect under-attack state, we also deal with time factor in information collecting activities. Then, a statistical method is used for investigating flow information sent from OpenFlow switches to confirm the previous suspicion.\",\"PeriodicalId\":137666,\"journal\":{\"name\":\"2018 5th NAFOSTED Conference on Information and Computer Science (NICS)\",\"volume\":\"2 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 5th NAFOSTED Conference on Information and Computer Science (NICS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/NICS.2018.8606851\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 5th NAFOSTED Conference on Information and Computer Science (NICS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NICS.2018.8606851","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A role-based statistical mechanism for DDoS attack detection in SDN
There is a transformation of the traditional network into Software Defined Networking (SDN) which is an outstanding developing area recently. Among the most exciting features of SDN are the remarkable control over network infrastructure and decoupling of control and data plane. Although it helps more flexible network management, SDN should be considered current and upcoming security threats associated with its deployment. One of them is the DDoS attack which is a malicious attempt to bring down networks, applications, or services by overwhelming these resources with too much data or impairing them in some other ways. In SDN, we can offer or change the network functions or behavior program by monitoring controller to realize DDoS attacks. This paper presents an approach of DDoS attack detection in SDN environment by utilizing the entropy metric with consideration of differences in host role profile to suspect under-attack state, we also deal with time factor in information collecting activities. Then, a statistical method is used for investigating flow information sent from OpenFlow switches to confirm the previous suspicion.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
