摘要
SDN采用集中控制方式,实现了网络管理的可视化和动态化,是当前新型的网络架构。但SDN设计之初,未考虑安全问题,在DDoS攻击如此盛行的当下,开展SDN架构下的攻击检测研究非常必要。在分析了SDN架构机制后,针对DDoS攻击,研究了攻击检测模块的位置部署,设计出多层次协同检测方案。针对攻击检测建模问题,设计出基于集成学习算法的独立建模方案。从KDDCUP99数据集中无放回抽取两组样本,选用SVM和adaBoost算法先后进行独立建模和样本组合建模。使用adaBoost算法对样本的分类性能有一定的提升,单独建模未对样本分类性能带来影响,在teardrop上还表现出高于总样本的分类效果。实验结果可知,独立建模用于转发平面和控制平面的协同检测方案,具有一定的可行性。该方案从降低SDN集中控制中心的负担出发,为网络的有效管理提供了保障,对SDN架构的攻击检测具有一定的指导意义。
SDN adopts a centralized control method,achieving visualization and dynamism of network management,and is currently a new type of network architecture.However,at the beginning of SDN design,security issues were not considered.In the current situation where DDoS attacks are so prevalent,it is necessary to conduct research on attack detection under SDN architecture.After analyzing the SDN architecture mechanism,this article studies the location deployment of attack detection modules and designs a multi-level collaborative detection scheme for DDoS attacks.It designs an independent modeling scheme based on ensemble learning algorithms to address the problem of attack detection modeling.It extracts two sets of samples from the KDDCUP99 dataset without replacement,and uses SVM and adaBoost algorithms for independent modeling and sample combination modeling.The use of the adaBoost algorithm has a certain improvement in the classification performance of samples,and modeling alone has no impact on the classification performance of samples.It also shows higher classification performance than the total samples on teardrop.The experimental results show that independent modeling for collaborative detection of forwarding plane and control plane has certain feasibility.This scheme starts from reducing the burden on the SDN centralized control center,providing a guarantee for effective network management,and has certain guiding significance for attack detection of SDN architecture.
作者
靳燕
JIN Yan(Shanxi Vocational University of Engineering and Technology,Jinzhong 030619,China)
出处
《电脑与电信》
2024年第6期26-30,共5页
Computer & Telecommunication
基金
山西工程科技职业大学2022年度校科研基金科技创新专项“SDN技术在监控网络异常流量中的应用研究”,项目编号:KJ202205
2023年山西省职业教育教学改革与实践研究项目(重点项目)“电子信息类职业本科专业产学研一体化实践教学体系研究”,项目编号:202302002。
关键词
SDN架构
DDOS攻击
独立建模
集成学习
协同检测
SDN architecture
DDoS attack
independent modeling
ensemble learning
collaborative detection
