期刊论文详细信息
| EURASIP Journal on Wireless Communications and Networking | |
| A cooperative DDoS attack detection scheme based on entropy and ensemble learning in SDN | |
| Shanshan Yu1 Ju Liu1 Tianfeng Xu1 Xiaoqing Zhang1 Yafeng Li1 Jicheng Zhang2 | |
| [1]School of Information Science and Engineering, Shandong University, Qingdao, China | |
| [2]School of Information Science and Engineering, Shandong University, Qingdao, China | |
| [3]NetEase D&R Center Lab, Hangzhou, China | |
| 关键词: Software-defined network; Distributed denial of service; Edge switch; Entropy; Ensemble learning; | |
| DOI : 10.1186/s13638-021-01957-9 | |
| 来源: Springer | |
 PDF
|
|
【 摘 要 】
In order to solve the problem of distributed denial of service (DDoS) attack detection in software-defined network, we proposed a cooperative DDoS attack detection scheme based on entropy and ensemble learning. This method sets up a coarse-grained preliminary detection module based on entropy in the edge switch to monitor the network status in real time and report to the controller if any abnormality is found. Simultaneously, a fine-grained precise attack detection module is designed in the controller, and a ensemble learning-based algorithm is utilized to further identify abnormal traffic accurately. In this framework, the idle computing capability of edge switches is fully utilized with the design idea of edge computing to offload part of the detection task from the control plane to the data plane innovatively. Simulation results of two common DDoS attack methods, ICMP and SYN, show that the system can effectively detect DDoS attacks and greatly reduce the southbound communication overhead and the burden of the controller as well as the detection delay of the attacks.【 授权许可】
CC BY
【 预 览 】
| Files | Size | Format | View |
|---|---|---|---|
| RO202107039319653ZK.pdf | 2978KB |  download |
878987797
028-85220240
