• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

软件定义网络中基于机器学习和深度学习的 DDoS 攻击检测方法的系统文献综述

A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking.

机构信息

National Advanced IPv6 Centre (NAv6), Universiti Sains Malaysia, Gelugor 11800, Penang, Malaysia.

Cybersecurity Department, School of Information Technology, American University of Madaba (AUM), Amman 11821, Jordan.

出版信息

Sensors (Basel). 2023 May 1;23(9):4441. doi: 10.3390/s23094441.

DOI:10.3390/s23094441
PMID:37177643
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC10181661/
Abstract

Software-defined networking (SDN) is a revolutionary innovation in network technology with many desirable features, including flexibility and manageability. Despite those advantages, SDN is vulnerable to distributed denial of service (DDoS), which constitutes a significant threat due to its impact on the SDN network. Despite many security approaches to detect DDoS attacks, it remains an open research challenge. Therefore, this study presents a systematic literature review (SLR) to systematically investigate and critically analyze the existing DDoS attack approaches based on machine learning (ML), deep learning (DL), or hybrid approaches published between 2014 and 2022. We followed a predefined SLR protocol in two stages on eight online databases to comprehensively cover relevant studies. The two stages involve automatic and manual searching, resulting in 70 studies being identified as definitive primary studies. The trend indicates that the number of studies on SDN DDoS attacks has increased dramatically in the last few years. The analysis showed that the existing detection approaches primarily utilize ensemble, hybrid, and single ML-DL. Private synthetic datasets, followed by unrealistic datasets, are the most frequently used to evaluate those approaches. In addition, the review argues that the limited literature studies demand additional focus on resolving the remaining challenges and open issues stated in this SLR.

摘要

软件定义网络 (SDN) 是网络技术的一项革命性创新,具有许多理想的特性,包括灵活性和可管理性。尽管具有这些优势,但 SDN 容易受到分布式拒绝服务 (DDoS) 的攻击,由于其对 SDN 网络的影响,DDoS 攻击构成了重大威胁。尽管有许多安全方法可以检测 DDoS 攻击,但它仍然是一个开放的研究挑战。因此,本研究进行了系统的文献回顾 (SLR),以系统地调查和批判性分析基于机器学习 (ML)、深度学习 (DL) 或混合方法的现有 DDoS 攻击方法,这些方法发表于 2014 年至 2022 年之间。我们按照预定的 SLR 协议,在八个在线数据库上进行了两个阶段的搜索,以全面涵盖相关研究。这两个阶段包括自动和手动搜索,共确定了 70 项明确的主要研究。趋势表明,近年来,关于 SDN DDoS 攻击的研究数量急剧增加。分析表明,现有的检测方法主要使用集成、混合和单 ML-DL。私人合成数据集,其次是不切实际的数据集,是最常用于评估这些方法的数据集。此外,该评论认为,有限的文献研究需要进一步关注解决本 SLR 中提出的剩余挑战和未决问题。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/8ba13c5d7422/sensors-23-04441-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/1d4dd2046c19/sensors-23-04441-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/b7ee4257b502/sensors-23-04441-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/148facbe3b8f/sensors-23-04441-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/4dd5ac8254c2/sensors-23-04441-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/5138eb1c0709/sensors-23-04441-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/254d1016fcb2/sensors-23-04441-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/4ebcab473a4c/sensors-23-04441-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/e2c785914aba/sensors-23-04441-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/3ecfca3c8622/sensors-23-04441-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/0a3e838d8a19/sensors-23-04441-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/5bc6339cda0e/sensors-23-04441-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/744a6b2625ff/sensors-23-04441-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/c4570a52059f/sensors-23-04441-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/7e7cc964c3c9/sensors-23-04441-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/8ba13c5d7422/sensors-23-04441-g015.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/1d4dd2046c19/sensors-23-04441-g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/b7ee4257b502/sensors-23-04441-g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/148facbe3b8f/sensors-23-04441-g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/4dd5ac8254c2/sensors-23-04441-g004.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/5138eb1c0709/sensors-23-04441-g005.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/254d1016fcb2/sensors-23-04441-g006.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/4ebcab473a4c/sensors-23-04441-g007.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/e2c785914aba/sensors-23-04441-g008.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/3ecfca3c8622/sensors-23-04441-g009.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/0a3e838d8a19/sensors-23-04441-g010.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/5bc6339cda0e/sensors-23-04441-g011.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/744a6b2625ff/sensors-23-04441-g012.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/c4570a52059f/sensors-23-04441-g013.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/7e7cc964c3c9/sensors-23-04441-g014.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/0cab/10181661/8ba13c5d7422/sensors-23-04441-g015.jpg

相似文献

1
A Systematic Literature Review on Machine Learning and Deep Learning Approaches for Detecting DDoS Attacks in Software-Defined Networking.软件定义网络中基于机器学习和深度学习的 DDoS 攻击检测方法的系统文献综述
Sensors (Basel). 2023 May 1;23(9):4441. doi: 10.3390/s23094441.
2
Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT.基于自适应机器学习的支持软件定义网络的物联网分布式拒绝服务攻击检测与缓解系统
Sensors (Basel). 2022 Mar 31;22(7):2697. doi: 10.3390/s22072697.
3
Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.基于软件定义网络的一对多策略,用于检测和缓解智能家居物联网设备中的分布式拒绝服务攻击
Sensors (Basel). 2024 Aug 3;24(15):5022. doi: 10.3390/s24155022.
4
Multi-Stage Learning Framework Using Convolutional Neural Network and Decision Tree-Based Classification for Detection of DDoS Pandemic Attacks in SDN-Based SCADA Systems.基于卷积神经网络和决策树分类的多阶段学习框架,用于检测基于软件定义网络的监控与数据采集系统中的分布式拒绝服务大规模攻击。
Sensors (Basel). 2024 Feb 5;24(3):1040. doi: 10.3390/s24031040.
5
Ensemble Learning Framework for DDoS Detection in SDN-Based SCADA Systems.基于软件定义网络(SDN)的监控与数据采集(SCADA)系统中分布式拒绝服务(DDoS)检测的集成学习框架
Sensors (Basel). 2023 Dec 27;24(1):155. doi: 10.3390/s24010155.
6
SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN.SDN-Defend:一种用于软件定义网络中分布式拒绝服务攻击的轻量级在线攻击检测与缓解系统
Sensors (Basel). 2022 Oct 28;22(21):8287. doi: 10.3390/s22218287.
7
HLD-DDoSDN: High and low-rates dataset-based DDoS attacks against SDN.HLD-DDoSDN:基于高低速率数据集的针对 SDN 的 DDoS 攻击。
PLoS One. 2024 Feb 8;19(2):e0297548. doi: 10.1371/journal.pone.0297548. eCollection 2024.
8
MFFLR-DDoS: An encrypted LR-DDoS attack detection method based on multi-granularity feature fusions in SDN.MFFLR-DDoS:一种基于软件定义网络中多粒度特征融合的加密LR-DDoS攻击检测方法。
Math Biosci Eng. 2024 Feb 26;21(3):4187-4209. doi: 10.3934/mbe.2024185.
9
Deep learning approaches for detecting DDoS attacks: a systematic review.用于检测分布式拒绝服务攻击的深度学习方法:一项系统综述。
Soft comput. 2022 Jan 27:1-37. doi: 10.1007/s00500-021-06608-1.
10
DDosTC: A Transformer-Based Network Attack Detection Hybrid Mechanism in SDN.DDosTC:SDN 中的基于 Transformer 的网络攻击检测混合机制。
Sensors (Basel). 2021 Jul 26;21(15):5047. doi: 10.3390/s21155047.

引用本文的文献

1
NIDS-FGPA: A federated learning network intrusion detection algorithm based on secure aggregation of gradient similarity models.NIDS-FGPA:一种基于梯度相似模型安全聚合的联邦学习网络入侵检测算法。
PLoS One. 2024 Oct 24;19(10):e0308639. doi: 10.1371/journal.pone.0308639. eCollection 2024.
2
IOTASDN: IOTA 2.0 Smart Contracts for Securing Software-Defined Networking Ecosystem.IOTASDN:用于保障软件定义网络生态系统安全的IOTA 2.0智能合约。
Sensors (Basel). 2024 Sep 2;24(17):5716. doi: 10.3390/s24175716.
3
An improved intrusion detection method for IIoT using attention mechanisms, BiGRU, and Inception-CNN.

本文引用的文献

1
A Systematic Literature Review on Machine and Deep Learning Approaches for Detecting Attacks in RPL-Based 6LoWPAN of Internet of Things.基于机器和深度学习方法的物联网 RPL 基础 6LoWPAN 攻击检测的系统文献综述。
Sensors (Basel). 2022 Apr 29;22(9):3400. doi: 10.3390/s22093400.
2
DDosTC: A Transformer-Based Network Attack Detection Hybrid Mechanism in SDN.DDosTC:SDN 中的基于 Transformer 的网络攻击检测混合机制。
Sensors (Basel). 2021 Jul 26;21(15):5047. doi: 10.3390/s21155047.
3
Mechanism to prevent the abuse of IPv6 fragmentation in OpenFlow networks.
一种基于注意力机制、双向门控循环单元(BiGRU)和卷积神经网络(Inception-CNN)的工业物联网(IIoT)入侵检测改进方法。
Sci Rep. 2024 Aug 20;14(1):19339. doi: 10.1038/s41598-024-70094-2.
4
HLD-DDoSDN: High and low-rates dataset-based DDoS attacks against SDN.HLD-DDoSDN:基于高低速率数据集的针对 SDN 的 DDoS 攻击。
PLoS One. 2024 Feb 8;19(2):e0297548. doi: 10.1371/journal.pone.0297548. eCollection 2024.
防止 OpenFlow 网络中 IPv6 分片滥用的机制。
PLoS One. 2020 May 11;15(5):e0232574. doi: 10.1371/journal.pone.0232574. eCollection 2020.