云环境下SDN网络低速率DDoS攻击的研究

doi:10.11959/j.issn.1000-436x.2019120

Abstract

Abstract:

Aiming at the problems of low-rate DDoS attack detection accuracy in cloud SDN network and the lack of unified framework for data plane and control plane low-rate DDoS attack detection and defense,a unified framework for low-rate DDoS attack detection was proposed.First of all,the validity of the data plane DDoS attacks in low rate was analyzed,on the basis of combining with low-rate of DDoS attacks in the aspect of communications,frequency characteristics,extract the mean value,maximum value,deviation degree and average deviation,survival time of ten dimensions characteristics of five aspects,to achieve the low-rate of DDoS attack detection based on bayesian networks,issued by the controller after the relevant strategies to block the attack flow.Finally,in OpenStack cloud environment,the detection rate of low-rate DDoS attack reaches 99.3% and the CPU occupation rate is 9.04%.It can effectively detect and defend low-rate DDoS attacks.

Key words: cloud computing, software defined networking, low-rate DDoS attack, Bayesian network

CLC Number:

TP393

CHEN Xingshu,HUA Qiang,WANG Yitong,GE Long,ZHU Yi. Research on low-rate DDoS attack of SDN network in cloud environment[J]. Journal on Communications, 2019, 40(6): 210-222.

Figures/Tables 20

References 19

[1]	TRUNG V . Phan,Minho Park:efficient distributed denial-of-service attack defense in SDN-based cloud[J]. IEEE Access, 2019(7): 18701-18714.
[2]	VICENTINI C , SANTIN A , VIEGAS E ,et al. SDN-based and multitenant-aware resource provisioning mechanism for cloud-based big data streaming[J]. Journal of Network and Computer Applications, 2019(126): 133-149.
[3]	HONG K , KIM Y , CHOI H ,et al. SDN-assisted slow HTTP DDoS attack defense method[J]. IEEE Communications Letters, 2018,22(4): 688-691.
[4]	KREUTZ D , RAMOS F M V , VERISSIMO P . Towards secure and dependable software-defined networks[C]// ACM SIGCOMM Workshop on Hot Topics in Software Defined Networking. ACM, 2013: 55-60.
[5]	SAHOO K S , PUTHAL D , TIWARY M ,et al. An early detection of low rate DDoS attack to SDN based data center networks using information distance metrics[J]. Future Generation Computer Systems, 2018(89): 685-697.
[6]	LUKASEDER T , MAILE L , ERB B ,et al. SDN-assisted network-based mitigation of slow DDoS attacks[J]. Secure Communication, 2018(2): 102-121.
[7]	何亨, 胡艳, 郑良汉 ,等. 云环境中基于 SDN 的高效 DDoS 攻击检测与防御方案[J]. 通信学报, 2018,39(4): 139-151.
	HE H , HU Y , ZHENG L H ,et al. Efficient DDoS attack detection and prevention scheme based on SDN in cloud environment[J]. Journal on Communications, 2018,39(4): 139-151.
[8]	刘孟 . 云环境下 DDoS 攻防体系及其关键技术研究[D]. 南京:南京大学, 2016.
	LIU M . Research on DDoS attack and defense system and key technologies in cloud environment[D]. Nanjing:Nanjing University, 2016.
[9]	WANG W , KE X , WANG L . A HMM-R approach to detect L-DDoS attack adaptively on SDN controller[J]. Future Internet, 2018,10(9):83.
[10]	CHEN Z , JIANG F , CHENG Y ,et al. XGBoostclassifier for DDoS attack detection and analysis in SDN-based cloud[C]// IEEE International Conference on Big Data and Smart Computing. IEEE Computer Society, 2018: 251-256.
[11]	吴志军, 张景安, 岳猛 ,等. 基于联合特征的LDoS攻击检测方法[J]. 通信学报, 2017,38(5): 19-30.
	WU Z J , ZHANG J A , YUE M ,et al. Approach of detecting low-rate DoS attack based on combined features[J]. Journal on Communications, 2017,38(5): 19-30.
[12]	KLOTI R , KOTRONIS V , SMITH P . OpenFlow:a security analysis[C]// The IEEE International Conference on Network Protocols. IEEE, 2013: 1-6.
[13]	乔思祎, 胡成臣, 李昊 . OpenFlow交换机流表溢出问题的缓解机制[J]. 计算机学报, 2018,41(9): 2003-2015.
	QIAO S Y , HU C C , LI H . Mitigation mechanism of flow table overflow problem in OpenFlow switch[J]. Chinese Journal of Computers, 2018,41(9): 2003-2015.
[14]	KANDOI R , ANTIKAINEN M . Denial-of-service attacks in OpenFlow SDN networks[C]// IFIP/IEEE International Symposium on Integrated Network Management. IEEE, 2015: 1322-1326.
[15]	GUDE N , KOPONEN T , PETTIT J ,et al. NOX:towards an operating system for networks[J]. ACM SIGCOMM Computer Communication Review, 2008,38(3): 105-110.
[16]	KUZMANOVIC A . Low-rate TCP-targeted denial of service attacks (the shrew vsthe mice and elephant)[J]. Proceedings ACM SIGCOMM, 2003(3): 75-86.
[17]	王文涛, 王玲霞, 黄烨 . SDN环境下基于Renyi熵的低速率分布式拒绝攻击的检测[J]. 中南民族大学学报(自然科学版), 2017,36(3): 131-136.
	WANG W T , WANG L X , HUANG Y . Detection of low rate distributed denial of attack based on Renyientropy in SDN environment[J]. Journal of Central South University for Nationalities (Natural Science Edition), 2017,36(3): 131-136.
[18]	阿里云创新实验室. 阿里云安全报告[R]. 阿里云创新实验室,(2018-09)[2018-12-26].
	ALIYUN LABS. Aliyun security report[R]. Aliyun Labs,,(2018-09)[2018-12-26].
[19]	KANDULA S , SENGUPTA S , GREENBERG A ,et al. The nature of data center traffic:measurements ＆ analysis[C]// ACM SIGCOMM Conference on Internet Measurement. ACM, 2009: 202-208.

Metrics

Recommended 0

No Suggested Reading articles found!

检测算法	查准率	查全率	F1-measure
RandomForest	97.5%	97.4%	97.4%
BayesNet	99.7%	99.7%	99.7%
J48决策树	86.2%	85.2%	85.1%
AdaBoostM1	83.5%	75.9%	74.4%

检测模型	检测率	漏警率	虚警率
基于联合特征的检测方法	96.68%	3.32%	3.89%
SDCC	—	—	2.5%
本文检测方法	99.6%	0.56%	0.10%

Research on low-rate DDoS attack of SDN network in cloud environment

RichHTML

PDF

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 20

References 19

Related Articles 15

Metrics

Recommended 0

[1]	Ling MA, Qiliang FAN, Ting XU, Guanchen GUO, Shenglin ZHANG, Yongqian SUN, Yuzhi ZHANG. Scheduling framework based on reinforcement learning in online-offline colocated cloud environment [J]. Journal on Communications, 2023, 44(6): 90-102.
[2]	Huaqun WANG, Zhe LIU, Debiao HE, Jiguo LI. Identity-based provable data possession scheme for multi-source IoT terminal data in public cloud [J]. Journal on Communications, 2021, 42(7): 52-60.
[3]	Jianhong ZHANG, Menglong WU, Jing WANG, Pei LIU, Zhengtao JIANG, Changgen PENG. Secure and verifiable multi-keyword searchable encryption scheme in cloud [J]. Journal on Communications, 2021, 42(4): 139-149.
[4]	Ruiqi LI, Chunfu JIA, Yafei WANG. Multi-key homomorphic proxy re-encryption scheme based on NTRU and its application [J]. Journal on Communications, 2021, 42(3): 11-22.
[5]	Jiagao WU, Yahang GUO, Shenlei CAI, Linfeng LIU. Vehicular delay tolerant network routing algorithm based on optimized multi-period Bayesian network [J]. Journal on Communications, 2021, 42(12): 109-120.
[6]	Jiawei ZHANG, Jianfeng MA, Zhuo MA, Teng LI. Time-based and privacy protection revocable and traceable data sharing scheme in cloud computing [J]. Journal on Communications, 2021, 42(10): 81-94.
[7]	Wenjuan WANG, Xuehui DU, Dibin SHAN. Construction method of attack scenario in cloud environment based on dynamic probabilistic attack graph [J]. Journal on Communications, 2021, 42(1): 1-17.
[8]	Youliang TIAN,Qin LUO. Verifiable multi-keyword search scheme based on improved Merkle-Tree authentication method [J]. Journal on Communications, 2020, 41(9): 118-129.
[9]	Na WANG,Kun ZHENG,Junsong FU,Jian LI. Method of ciphertext retrieval in mobile edge computing based on block segmentation [J]. Journal on Communications, 2020, 41(7): 95-102.
[10]	Lindong ZHAO,Wenqin ZHUANG,Jianxin CHEN,Liang ZHOU. Hierarchical task offloading in heterogeneous cellular network:modeling and optimization [J]. Journal on Communications, 2020, 41(4): 34-44.
[11]	Bing LIANG,Wen JI. Multiuser computation offloading for edge-cloud collaboration using submodular optimization [J]. Journal on Communications, 2020, 41(10): 25-36.
[12]	Fang DONG,Yuxiang HU,Ou LI. Routing framework and creation algorithm in Ad Hoc based SDN [J]. Journal on Communications, 2019, 40(9): 33-44.
[13]	Bin LIU,Ruixing FAN,Haoran LIU,Liyue ZHANG,Haiyu WANG,Chunlan ZHANG. Bayesian network structure learning algorithm based on hybrid binary salp swarm-differential evolution algorithm [J]. Journal on Communications, 2019, 40(7): 151-161.
[14]	SU Mingfeng,WANG Guojun,LI Renfa. Multidimensional QoS cloud computing resource scheduling method based on stakeholder perspective [J]. Journal on Communications, 2019, 40(6): 102-115.
[15]	Wanliang WANG, Zelin ZANG, Guoqi CHEN, Hangyao TU, Yule WANG, Linyan LU. Research on optimal two element exchange algorithm for large scale cloud computing server scheduling problem [J]. Journal on Communications, 2019, 40(5): 180-191.