Please wait a minute...
 首页  期刊介绍 期刊订阅 联系我们
 
最新录用  |  预出版  |  当期目录  |  过刊浏览  |  阅读排行  |  下载排行  |  引用排行  |  百年期刊
Journal of Tsinghua University(Science and Technology)    2019, Vol. 59 Issue (1) : 28-35     DOI: 10.16511/j.cnki.qhdxxb.2018.26.049
INFORMATION SECURITY |
Joint DDoS detection system based on software-defined networking
SONG Yubo, YANG Huiwen, WU Wei, HU Aiqun, GAO Shang
School of Information Science and Engineering, Southeast University, Nanjing 211189, China
Download: PDF(1121 KB)  
Export: BibTeX | EndNote | Reference Manager | ProCite | RefWorks    
Abstract  Distributed denial-of-service (DDoS) attacks, which are becoming increasingly serious, have become one of the biggest threats to network security. Traditional defense mechanisms such as instruction detection, traffic filtering and multiple authentication are limited to static networks, which leads to obvious drawbacks. Software-defined networking (SDN) is a typical dynamic network that provides defenses against DDoS. The existing SDN-based DDoS protection solutions are still in development with many problems that need improvement. A DDoS detection scheme combined with trigger detection and in-depth detection is given here to shorten the detection period with low system overhead. A low-overhead, coarse-grained trigger detection algorithm is integrated with a precise, fine-grained, in-depth detection algorithm to reduce system complexity while ensuring high detection accuracy. An SDN DDoS detection system has been implemented on the Mininet platform to test and evaluate the system. The test show that the detection system has low system overhead, high detection accuracy, and strong practical value.
Keywords distributed denial-of-service attack      software-defined networking      anomaly detection      ensemble learning     
Issue Date: 16 January 2019
Service
E-mail this article
E-mail Alert
RSS
Articles by authors
SONG Yubo
YANG Huiwen
WU Wei
HU Aiqun
GAO Shang
Cite this article:   
SONG Yubo,YANG Huiwen,WU Wei, et al. Joint DDoS detection system based on software-defined networking[J]. Journal of Tsinghua University(Science and Technology), 2019, 59(1): 28-35.
URL:  
http://jst.tsinghuajournals.com/EN/10.16511/j.cnki.qhdxxb.2018.26.049     OR     http://jst.tsinghuajournals.com/EN/Y2019/V59/I1/28
  
  
  
  
  
  
  
  
  
  
  
  
  
  
[1] DIXIT A, HAO F, MUKHERJEE S, et al. Towards an elastic distributed SDN controller[C]//Proceedings of the 2nd ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. Hong Kong, China:ACM, 2013:7-12.
[2] GAO S, LI Z, XIAO B, et al. Security threats in the data plane of software-defined networks[J]. IEEE Network, 2018, 32(4):108-113.
[3] DAO N N, PARK J, PARK M, et al. A feasible method to combat against DDoS attack in SDN network[C]//Proceedings of 2015 International Conference on Information Networking. Siem Reap, Cambodia:IEEE, 2015:309-311.
[4] GIOTIS K, ARGYROPOULOS C, ANDROULIDAKIS G, et al. Combining OpenFlow and sFlow for an effective and scalable anomaly detection and mitigation mechanism on SDN environments[J]. Computer Networks, 2014, 62:122-136.
[5] MOUSAVI S M, ST-HILAIRE M. Early detection of DDoS attacks against SDN controllers[C]//Proceedings of 2015 International Conference on Computing, Networking and Communications. Garden Grove, USA:IEEE, 2015:77-81.
[6] CONTI M, GANGWAL A, GAUR M S. A comprehensive and effective mechanism for DDoS detection in SDN[C]//Proceedings of 2017 IEEE International Conference on Wireless and Mobile Computing, Networking and Communications. Rome, Italy:IEEE, 2017:1-8.
[7] WANG X L, CHEN M, XING C Y, et al. Defending DDoS attacks in software-defined networking based on legitimate source and destination IP address database[J]. IEICE Transactions on Information and Systems, 2016, 99(4):850-859.
[8] BRAGA B R, MOTA M E, PASSITO P A. Lightweight DDoS flooding attack detection using NOX/OpenFlow[C]//Proceedings of the IEEE Local Computer Network Conference. Denver, USA:IEEE, 2010:408-415.
[9] 肖甫, 马俊青, 黄洵松, 等. SDN环境下基于KNN的DDoS攻击检测方法[J]. 南京邮电大学学报(自然科学版), 2015, 35(1):84-88. XIAO F, MA J Q, HUANG X S, et al. DDoS attack detection based on KNN in software defined networks[J]. Journal of Nanjing University of Posts and Telecommunications (Natural Science Edition), 2015, 35(1):84-88. (in Chinese)
[10] GAO S, LI Z, YAO Y, et al. Software-defined firewall:Enabling malware traffic detection and programmable security control[C]//Proceedings of the 2018 on Asia Conference on Computer and Communications Security. Songdo, Korea:ACM, 2018:413-424.
[11] 左青云, 陈鸣, 王秀磊, 等. 一种基于SDN的在线流量异常检测方法[J]. 西安电子科技大学学报(自然科学版), 2015, 42(1):155-160. ZUO Q Y, CHEN M, WANG X L, et al. Online traffic anomaly detection method for SDN[J]. Journal of Xidian University, 2015, 42(1):155-160. (in Chinese)
[12] XU Y, LIU Y. DDoS attack detection under SDN context[C]//Proceedings of the IEEE INFOCOM 2016-The 35th Annual IEEE International Conference on Computer Communications. San Francisco, USA:IEEE, 2016:1-9.
[13] DA SILVA A S, WICKBOLDT J A, GRANVILLE L Z, et al. ATLANTIC:A framework for anomaly traffic detection, classification, and mitigation in SDN[C]//Proceedings of the NOMS 2016-2016 IEEE/IFIP Network Operations and Management Symposium. Istanbul, Turkey:IEEE, 2016:27-35.
[14] NANDA S, ZAFARI F, DECUSATIS C, et al. Predicting network attack patterns in SDN using machine learning approach[C]//Proceedings of 2016 IEEE Conference on Network Function Virtualization and Software Defined Networks. Palo Alto, USA:IEEE, 2016:167-172.
[15] GAO S, PENG Z, XIAO B, et al. FloodDefender:Protecting data and control plane resources under SDN-aimed DoS attacks[C]//Proceedings of INFOCOM 2017-IEEE Computer Communications Conference. Atlanta, USA:IEEE, 2017:1-9.
[16] BARKI L, SHIDLING A, METI N, et al. Detection of distributed denial of service attacks in software defined networks[C]//Proceedings of 2016 International Conference on Advances in Computing, Communications and Informatics. Jaipur, India:IEEE, 2016:2576-2581.
[1] ZHAO Qiming, BI Kexin, QIU Tong. Comparison and integration of machine learning based ethylene cracking process models[J]. Journal of Tsinghua University(Science and Technology), 2022, 62(9): 1450-1457.
[2] PING Guolou, ZENG Tingyu, YE Xiaojun. Unsupervised network traffic anomaly detection based on score iterations[J]. Journal of Tsinghua University(Science and Technology), 2022, 62(5): 819-824.
[3] ZHANG Ting, CHEN Zhikang, LIU Bin. Scheduling and fast response of SDN flow table updates[J]. Journal of Tsinghua University(Science and Technology), 2022, 62(5): 917-925.
[4] WANG Zhiguo, ZHANG Yujin. Anomaly detection in surveillance videos: A survey[J]. Journal of Tsinghua University(Science and Technology), 2020, 60(6): 518-529.
[5] LIANG Jie, CHEN Jiahao, ZHANG Xueqin, ZHOU Yue, LIN Jiajun. One-hot encoding and convolutional neural network based anomaly detection[J]. Journal of Tsinghua University(Science and Technology), 2019, 59(7): 523-529.
[6] CHEN Xingshu, CHEN Jiaxin, ZHAO Dandan, JIN Xin. Anomaly detection based on IO sequences in a virtual machine with the Markov mode[J]. Journal of Tsinghua University(Science and Technology), 2018, 58(4): 395-401,410.
[7] JIA Fan, YAN Yan, ZHANG Jiaqi. K-means based feature reduction for network anomaly detection[J]. Journal of Tsinghua University(Science and Technology), 2018, 58(2): 137-142.
[8] ZHAO Ri, LIU Liye, LI Junli. Anomaly gamma spectra detection based on principal component analysis and the Mahalanobis distance[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(8): 826-831.
[9] LIU Jinzhao, ZHOU Yuezhi, ZHANG Yaoxue. Wavelet-based approach for anomaly detection of online services in cloud computing systems[J]. Journal of Tsinghua University(Science and Technology), 2017, 57(5): 550-554.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
Copyright © Journal of Tsinghua University(Science and Technology), All Rights Reserved.
Powered by Beijing Magtech Co. Ltd