• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

基于软件定义网络中多维度特征的分布式拒绝服务攻击检测与缓解

Detection and mitigation of DDoS attacks based on multi-dimensional characteristics in SDN.

作者信息

Wang Kun, Fu Yu, Duan Xueyuan, Liu Taotao

机构信息

Department of Information Security, Naval University of Engineering, Wuhan, 430033, China.

School of Mathematics and Information Engineering, Xinyang Vocational and Technical College, Xinyang, 464000, China.

出版信息

Sci Rep. 2024 Jul 16;14(1):16421. doi: 10.1038/s41598-024-66907-z.

DOI:10.1038/s41598-024-66907-z
PMID:39014041
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC11253008/
Abstract

Due to the large computational overhead, underutilization of features, and high bandwidth consumption in traditional SDN environments for DDoS attack detection and mitigation methods, this paper proposes a two-stage detection and mitigation method for DDoS attacks in SDN based on multi-dimensional characteristics. Firstly, an analysis of the traffic statistics from the SDN switch ports is performed, which aids in conducting a coarse-grained detection of DDoS attacks within the network. Subsequently, a Multi-Dimensional Deep Convolutional Classifier (MDDCC) is constructed using wavelet decomposition and convolutional neural networks to extract multi-dimensional characteristics from the traffic data passing through suspicious switches. Based on these extracted multi-dimensional characteristics, a simple classifier can be employed to accurately detect attack samples. Finally, by integrating graph theory with restrictive strategies, the source of attacks in SDN networks can be effectively traced and isolated. The experimental results indicate that the proposed method, which utilizes a minimal amount of statistical information, can quickly and accurately detect attacks within the SDN network. It demonstrates superior accuracy and generalization capabilities compared to traditional detection methods, especially when tested on both simulated and public datasets. Furthermore, by isolating the affected nodes, the method effectively mitigates the impact of the attacks, ensuring the normal transmission of legitimate traffic during network attacks. This approach not only enhances the detection capabilities but also provides a robust mechanism for containing the spread of cyber threats, thereby safeguarding the integrity and performance of the network.

摘要

由于传统软件定义网络(SDN)环境中用于分布式拒绝服务(DDoS)攻击检测和缓解方法存在大量计算开销、特征利用不足以及高带宽消耗等问题,本文提出了一种基于多维度特征的SDN中DDoS攻击的两阶段检测和缓解方法。首先,对SDN交换机端口的流量统计进行分析,这有助于在网络内进行DDoS攻击的粗粒度检测。随后,使用小波分解和卷积神经网络构建多维度深度卷积分类器(MDDCC),以从通过可疑交换机的流量数据中提取多维度特征。基于这些提取的多维度特征,可以采用简单分类器准确检测攻击样本。最后,通过将图论与限制策略相结合,可以有效地追踪和隔离SDN网络中的攻击源。实验结果表明,所提出的方法利用最少的统计信息,能够快速准确地检测SDN网络内的攻击。与传统检测方法相比,它展示出卓越的准确性和泛化能力,尤其是在模拟数据集和公共数据集上进行测试时。此外,通过隔离受影响的节点,该方法有效地减轻了攻击的影响,确保在网络攻击期间合法流量的正常传输。这种方法不仅增强了检测能力,还提供了一种强大的机制来遏制网络威胁的传播,从而保障网络的完整性和性能。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/37340a108a62/41598_2024_66907_Fig10_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/04f49f6e7a9b/41598_2024_66907_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/24ddfc1bf265/41598_2024_66907_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/a6cb7dd13a37/41598_2024_66907_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/3693270d06be/41598_2024_66907_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/382e03d5b89a/41598_2024_66907_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/f1b05568713f/41598_2024_66907_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/6858030e9c0e/41598_2024_66907_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/aa0f1cd620e0/41598_2024_66907_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/4af6ed69f2b0/41598_2024_66907_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/e4c56ffa6459/41598_2024_66907_Fig9_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/37340a108a62/41598_2024_66907_Fig10_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/04f49f6e7a9b/41598_2024_66907_Fig1_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/24ddfc1bf265/41598_2024_66907_Fig2_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/a6cb7dd13a37/41598_2024_66907_Fig3_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/3693270d06be/41598_2024_66907_Figa_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/382e03d5b89a/41598_2024_66907_Fig4_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/f1b05568713f/41598_2024_66907_Fig5_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/6858030e9c0e/41598_2024_66907_Fig6_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/aa0f1cd620e0/41598_2024_66907_Fig7_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/4af6ed69f2b0/41598_2024_66907_Fig8_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/e4c56ffa6459/41598_2024_66907_Fig9_HTML.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/84a2/11253008/37340a108a62/41598_2024_66907_Fig10_HTML.jpg

相似文献

1
Detection and mitigation of DDoS attacks based on multi-dimensional characteristics in SDN.基于软件定义网络中多维度特征的分布式拒绝服务攻击检测与缓解
Sci Rep. 2024 Jul 16;14(1):16421. doi: 10.1038/s41598-024-66907-z.
2
Adaptive Machine Learning Based Distributed Denial-of-Services Attacks Detection and Mitigation System for SDN-Enabled IoT.基于自适应机器学习的支持软件定义网络的物联网分布式拒绝服务攻击检测与缓解系统
Sensors (Basel). 2022 Mar 31;22(7):2697. doi: 10.3390/s22072697.
3
Multi-Stage Learning Framework Using Convolutional Neural Network and Decision Tree-Based Classification for Detection of DDoS Pandemic Attacks in SDN-Based SCADA Systems.基于卷积神经网络和决策树分类的多阶段学习框架,用于检测基于软件定义网络的监控与数据采集系统中的分布式拒绝服务大规模攻击。
Sensors (Basel). 2024 Feb 5;24(3):1040. doi: 10.3390/s24031040.
4
SDN-Defend: A Lightweight Online Attack Detection and Mitigation System for DDoS Attacks in SDN.SDN-Defend:一种用于软件定义网络中分布式拒绝服务攻击的轻量级在线攻击检测与缓解系统
Sensors (Basel). 2022 Oct 28;22(21):8287. doi: 10.3390/s22218287.
5
A Method of DDoS Attack Detection and Mitigation for the Comprehensive Coordinated Protection of SDN Controllers.一种用于软件定义网络(SDN)控制器综合协同保护的分布式拒绝服务(DDoS)攻击检测与缓解方法。
Entropy (Basel). 2023 Aug 14;25(8):1210. doi: 10.3390/e25081210.
6
MFFLR-DDoS: An encrypted LR-DDoS attack detection method based on multi-granularity feature fusions in SDN.MFFLR-DDoS:一种基于软件定义网络中多粒度特征融合的加密LR-DDoS攻击检测方法。
Math Biosci Eng. 2024 Feb 26;21(3):4187-4209. doi: 10.3934/mbe.2024185.
7
Ensemble Learning Framework for DDoS Detection in SDN-Based SCADA Systems.基于软件定义网络(SDN)的监控与数据采集(SCADA)系统中分布式拒绝服务(DDoS)检测的集成学习框架
Sensors (Basel). 2023 Dec 27;24(1):155. doi: 10.3390/s24010155.
8
HLD-DDoSDN: High and low-rates dataset-based DDoS attacks against SDN.HLD-DDoSDN:基于高低速率数据集的针对 SDN 的 DDoS 攻击。
PLoS One. 2024 Feb 8;19(2):e0297548. doi: 10.1371/journal.pone.0297548. eCollection 2024.
9
Software-Defined-Networking-Based One-versus-Rest Strategy for Detecting and Mitigating Distributed Denial-of-Service Attacks in Smart Home Internet of Things Devices.基于软件定义网络的一对多策略,用于检测和缓解智能家居物联网设备中的分布式拒绝服务攻击
Sensors (Basel). 2024 Aug 3;24(15):5022. doi: 10.3390/s24155022.
10
An entropy and machine learning based approach for DDoS attacks detection in software defined networks.一种基于熵和机器学习的软件定义网络中分布式拒绝服务攻击检测方法。
Sci Rep. 2024 Aug 6;14(1):18159. doi: 10.1038/s41598-024-67984-w.

引用本文的文献

1
Adaptive DDoS detection mode in software-defined SIP-VoIP using transfer learning with boosted meta-learner.基于带增强元学习器的迁移学习的软件定义SIP-VoIP中的自适应分布式拒绝服务检测模式。
PLoS One. 2025 Jun 26;20(6):e0326571. doi: 10.1371/journal.pone.0326571. eCollection 2025.