Journal on Communications ›› 2018, Vol. 39 ›› Issue (4): 139-151.doi: 10.11959/j.issn.1000-436x.2018068
• Papers • Previous Articles Next Articles
Heng HE1,2,Yan HU1,2,Lianghan ZHENG1,2,Zhengyuan XUE3
Online:
2018-04-01
Published:
2018-04-29
Supported by:
CLC Number:
Heng HE,Yan HU,Lianghan ZHENG,Zhengyuan XUE. Efficient DDoS attack detection and prevention scheme based on SDN in cloud environment[J]. Journal on Communications, 2018, 39(4): 139-151.
[1] | YAN Q , YU F R , GONG Q ,et al. Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments:a survey,some research issues,and challenges[J]. IEEE Communications Surveys & Tutorials, 2016,18(1): 602-622. |
[2] | CHEN L C , LONGSTAFF T A , CARLEY K M . Characterization of defense mechanisms against distributed denial of service attacks[J]. Computers & Security, 2004,23(8): 665-678. |
[3] | PENG T , LECKIE C , RAMAMOHANARAO K . Survey of network-based defense mechanisms countering the DoS and DDoS problems[J]. ACM Computing Surveys, 2007,39(1): 3. |
[4] | TARIQ U , HONG M P , LHEE K . A comprehensive categorization of DDoS attack and DDoS defense techniques[C]// International Conference on Advanced Data Mining and Applications. 2006: 1025-1036. |
[5] | SPECHT S M , LEE R B . Distributed denial of service:taxonomies of attacks,tools,and countermeasures[C]// The 17th International Conference on Parallel and Distributed Computing Systems. 2004: 543-550. |
[6] | KIM Y , LAU W C , CHUAH M C ,et al. PacketScore:a statistics-based packet filtering scheme against distributed denial-of-service attacks[J]. IEEE Transactions on Dependable & Secure Computing, 2006,3(2): 141-155. |
[7] | 胡汉卿 . 基于云计算DDoS攻击防御研究[D]. 南京:南京邮电大学, 2015. |
HU H Q . Research on DDoS attack defense based on cloud computing[D]. Nanjing:Nanjing University of Posts and Telecommunications, 2015. | |
[8] | DOU W , CHEN Q , CHEN J . A confidence-based filtering method for DDoS attack defense in cloud environment[J]. Future Generation Computer Systems, 2013,29(7): 1838-1850. |
[9] | SHAMSOLMOALI P , ALAM M A , BISWAS R . C2DF:high rate DDOS filtering method in cloud computing[J]. International Journal of Computer Network & Information Security, 2014,6(9): 43-50. |
[10] | SAHI A , LAI D , LI Y ,et al. An efficient DDoS TCP flood attack detection and prevention system in a cloud environment[J]. IEEE Access, 2017,5: 6036-6048. |
[11] | JEYANTHI N , BARDE U , SRAVANI M ,et al. Detection of distributed denial of service attacks in cloud computing by identifying spoofed IP[J]. International Journal of Communication Networks & Distributed Systems, 2013,11(3): 262-279. |
[12] | 吴志军, 张东 . 低速率DDoS攻击的仿真和特征提取[J]. 通信学报, 2008,29(1): 71-76. |
WU Z J , ZHANG D . Simulation and feature extraction of low rate DDoS attacks[J]. Journal on Communications, 2008,29(1): 71-76. | |
[13] | NAVAZ A S S , SANGEETHA V , PRABHADEVI C . Entropy based anomaly detection system to prevent DDoS attacks in cloud[J]. International Journal of Computer Applications, 2013,62(15): 42-47. |
[14] | WANG B , ZHENG Y , LOU W ,et al. DDoS attack protection in the era of cloud computing and software-defined networking[J]. Computer Networks, 2015,81(C): 308-319. |
[15] | KALLIOLA A , LEE K , LEE H ,et al. Flooding DDoS mitigation and traffic management with software defined networking[C]// International Conference on Cloud Networking. 2015: 248-254. |
[16] | ZHANG C , CAI Z , CHEN W ,et al. Flow level detection and filtering of low-rate DDoS[J]. Computer Networks the International Journal of Computer & Telecommunications Networking, 2012,56(15): 3417-3431. |
[17] | HOQUE N , BHATTACHARYYA D K , KALITA J K . A novel measure for low-rate and high-rate DDoS attack detection using multivariate data analysis[C]// International Conference on Communication Systems and Networks. 2016: 1-2. |
[18] | 孙义明, 杨丽萍 . 信息化战争中的战术数据链[M]. 北京: 北京邮电大学出版社, 2005. |
SUN Y M , YANG L P . Tactical data chain in information warfare[M]. Beijing: Beijing University of Posts and Telecommunications Press, 2005. | |
[19] | 田开琳, 李明 . 一种可靠检测低速率DDoS攻击的异常检测系统[J]. 现代电子技术, 2009,32(7): 68-71. |
TIAN K L , LI M . An anomaly detection system for reliable detection of low rate DDoS attacks[J]. Modern Electronic Technology, 2009,32(7): 68-71. | |
[20] | 左青云, 陈鸣, 赵广松 ,等. 基于 OpenFlow 的 SDN 技术研究[J]. 软件学报, 2013(5): 1078-1097. |
ZUO Q Y , CHEN M , ZHAO G S ,et al. Research of SDN technology based on OpenFlow[J]. Journal of Software, 2013(5): 1078-1097. | |
[21] | LIU T C , YANG B H , ZHANG Y ,et al. Data packet processing in SDN[P]. US20150281127, 2015. |
[22] | FOUNDATION O N . Software-defined networking:the new norm for networks[R]. ONF White Paper, 2012. |
[23] | NADEAU T D , GRAY K . 软件定义网络:SDN与OpenFlow解析[M]. 毕军,单业,张绍宇,等译.北京: 人民邮电出版社, 2014. |
NADEAU T D , GRAY K . Software defined network:SDN and OpenFlow parsing[M]. Translated by BI J,SHAN Y,ZHANG S Y,et al. Beijing: Posts & Telecom Press, 2014. | |
[24] | MOUSAVI S M , STHILAIRE M . Early detection of DDoS attacks against SDN controllers[C]// International Conference on Computing,NETWORKING and Communications. 2015: 77-81. |
[25] | LANTZ B , HELLER B , MCKEOWN N . A network in a laptop:rapid prototyping for software-defined networks[C]// ACM Workshop on Hot Topics in Networks. 2010: 1-6. |
[1] | Dongbin WANG, Dongzhe WU, Hui ZHI, Kun GUO, Xu ZHANG, Jinqiao SHI, Yu ZHANG, Yueming LU. Preventing flow table overflow against denial of service attack in software defined network [J]. Journal on Communications, 2023, 44(2): 1-11. |
[2] | Zongxuan SHA, Ru HUO, Chuang SUN, Shuo WANG, Tao HUANG. Forwarding efficiency aware traffic scheduling algorithm based on deep reinforcement learning [J]. Journal on Communications, 2022, 43(8): 30-40. |
[3] | Binghao YAN, Qinrang LIU, Jianliang SHEN, Xiantuo TANG, Dong LIANG. Fast loop-free path migration strategy in software defined network [J]. Journal on Communications, 2022, 43(5): 24-35. |
[4] | Chuanhuang LI, Yangting CHEN, Jingjing TANG, Jiali LOU, Renhua XIE, Chuntao FANG, Weiming WANG, Chao CHEN. QL-STCT: an intelligent routing convergence method for SDN link failure [J]. Journal on Communications, 2022, 43(2): 131-142. |
[5] | Qizhao ZHOU, Junqing YU, Dong LI. Research on flood defense mechanism of SDN control layer:detection and mitigation [J]. Journal on Communications, 2021, 42(11): 41-53. |
[6] | Shuopeng LI, Juan FANG, Ken CHEN. DetNet service share protection scheme based on SRv6 [J]. Journal on Communications, 2021, 42(10): 32-42. |
[7] | Haibo ZHANG,Zixin WANG,Xiaofan HE. V2X offloading and resource allocation under SDN and MEC architecture [J]. Journal on Communications, 2020, 41(1): 114-124. |
[8] | Fang DONG,Yuxiang HU,Ou LI. Routing framework and creation algorithm in Ad Hoc based SDN [J]. Journal on Communications, 2019, 40(9): 33-44. |
[9] | Zhongnan ZHAO,Jian WANG,Hongwei GUO. Adaptive routing and wavelength assignment method based on SDN [J]. Journal on Communications, 2019, 40(9): 95-105. |
[10] | CHEN Xingshu,HUA Qiang,WANG Yitong,GE Long,ZHU Yi. Research on low-rate DDoS attack of SDN network in cloud environment [J]. Journal on Communications, 2019, 40(6): 210-222. |
[11] | Hongyan QIAN,Hao XUE,Ming CHEN. UDM:NFV-based prevention mechanism against DDoS attack on SDN controller [J]. Journal on Communications, 2019, 40(3): 116-124. |
[12] | Xianwei ZHU,Chaowen CHANG,Zhiqiang ZHU,Xi QIN. SDN control and forwarding method based on identity attribute [J]. Journal on Communications, 2019, 40(11): 1-18. |
[13] | Junfeng TIAN,Liuling QI. DDoS attack detection method based on conditional entropy and GHSOM in SDN [J]. Journal on Communications, 2018, 39(8): 140-149. |
[14] | Chuanhuang LI,Yan WU,Zhengzhe QIAN,Zhengjun SUN,Weiming WANG. DDoS attack detection and defense based on hybrid deep learning model in SDN [J]. Journal on Communications, 2018, 39(7): 176-187. |
[15] | Tao HUANG,Jiang LIU,Chen ZHANG,Liang WEI,Yunjie LIU. Survey on SDN-based network testbeds [J]. Journal on Communications, 2018, 39(6): 155-168. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|