马乐乐, 束永安. SDN环境下基于机器学习算法的DDoS攻击检测模型[J]. 微电子学与计算机, 2018, 35(5): 15-20.
引用本文: 马乐乐, 束永安. SDN环境下基于机器学习算法的DDoS攻击检测模型[J]. 微电子学与计算机, 2018, 35(5): 15-20.
shu
MA Le-le, SHU Yong-an. A DDoS Attack Detection Model Based on Machine Learning Algorithm in SDN Environment[J]. Microelectronics & Computer, 2018, 35(5): 15-20.
Citation: MA Le-le, SHU Yong-an. A DDoS Attack Detection Model Based on Machine Learning Algorithm in SDN Environment[J]. Microelectronics & Computer, 2018, 35(5): 15-20.
shu

SDN环境下基于机器学习算法的DDoS攻击检测模型

A DDoS Attack Detection Model Based on Machine Learning Algorithm in SDN Environment

    摘要
  • 摘要: 软件定义网络(SDN)是一种新兴的网络架构, 将控制逻辑和转发逻辑分离.SDN网络中, 控制器拥有对网络的全局控制能力.正是由于控制器的这一特性, 使得它成为分布式拒绝服务(DDoS)攻击的主要目标.针对这个问题, 提出了一种基于机器学习的方法来检测DDoS攻击的模型, 首先使用熵值检测流是否异常, 发出异常警告后提取网络流特征, 依次调用SVM与K-means两种机器学习算法来检测DDoS攻击.实验结果表明, 所提出的算法能够降低误报率, 并且对DDoS攻击的检测率和准确率高于原始的SVM和K-means算法.此外, 还通过实验验证了所提出的模型的CPU平均利用率低于无熵值检测的SVM+K-means算法.

     

    Abstract: The Software Defined Network(SDN)is an emerging network architecture that separates control logic from forwarding logic.In SDN, the controller has a global control of the network.Because of this feature of the controller, making it becomes the main goal of the distributed denial of service(DDoS)attack.Aiming at this problem, this paper proposes a method based on machine learning to detect the DDoS attack model.Firstly, it uses the entropy to check whether the traffic is abnormal.After extracting the abnormal alarm, the network flow feature is extracted, and SVM and K-means are called to detect the DDoS attacks.The experimental results show that the proposed algorithm can reduce the false alarm rate, and the detection rate and accuracy of DDoS attacks are higher than those of the original SVM and K-means.In addition, the experimental results show that the average CPU utilization rate of the proposed model is lower than that of SVM + K-means without entropy detection

     

    • HTML全文
    • 参考文献(8)
    • 相关文章
    • 施引文献
  • 资源附件(0)

/

返回文章
返回