System and method for identifying and preventing DDoS attacks on basis of SDN framework

An SDN-architecture protection technology, applied in the field of network security, that addresses network security problems and achieves reduced coupling between modules, efficient detection and flexible processing, and improved module cohesion.

Inactive Publication Date: 2015-02-25
NANJING XIAOZHUANG UNIV
7 Cites, 23 Cited by

AI Technical Summary

Problems solved by technology

[0005] The purpose of the present invention is to provide a DDoS threat identification and protection system based on SDN frame...

Examples

Embodiment 1

[0056] Embodiment 1 is a technical solution for a DDoS attack identification and protection system.

[0057] Figure 2 shows the functional block diagram of the DDoS attack identification and protection system based on the SDN architecture.

[0058] As shown in Figure 2, a DDoS attack identification and protection system based on the SDN architecture includes a controller, which includes: a fraudulent message detection module, a corrupted message detection module, an abnormal message detection module, and a threat processing module.

[0059] The spoofed message detection module detects spoofing of link-layer and Internet-layer addresses.

[0060] The corrupted message detection module detects abnormal flag-bit settings at the Internet layer and the transport layer.

[0061] The abnormal packet detection module detects flooding attacks at the application layer and the transport layer.

[0062] The fraudulent message detection module,...

Embodiment 2

[0146] Building on Embodiment 1, the method for identifying and protecting against DDoS attacks based on the SDN architecture solves the technical problem of effectively defending against DDoS attacks.

[0147] The DDoS attack identification and protection method comprises: detecting, in sequence, spoofing of link-layer and Internet-layer addresses, abnormal flag-bit settings at the Internet layer and the transport layer, and flooding attacks at the application layer and the transport layer. If any detection step in this process determines that the message exhibits the corresponding behavior, the message is transferred to the threat processing module, which discards the message and shields the program and/or host that sent it.
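The sequential check-then-shield flow of [0147], sketched as an added example (not code from the patent or its authors). The binding table, the specific flag combinations, the SYN threshold and the choice to shield by ingress switch port are all assumptions, since the page does not give them.

```python
from collections import defaultdict, deque

SYN, FIN, RST, ACK = 0x02, 0x01, 0x04, 0x10
SYN_LIMIT, WINDOW = 3, 1.0  # assumed: more than 3 bare SYNs per second is a flood
# Constructed binding table: switch port -> (MAC, IP) the controller has learned.
BINDINGS = {n: (f"aa:aa:aa:aa:aa:0{n}", f"10.0.0.{n}") for n in range(1, 5)}

class Controller:
    def __init__(self):
        self.syn_times = defaultdict(deque)  # source IP -> recent bare-SYN times
        self.blocked_ports = set()           # ports shielded by threat processing

    def spoofed(self, p):
        # Link-layer and Internet-layer source must match the ingress port binding.
        return BINDINGS.get(p["port"]) != (p["mac"], p["ip"])

    def corrupted(self, p):
        # Null flags, or SYN combined with FIN/RST, never occur in valid TCP.
        f = p["flags"]
        return f == 0 or bool(f & SYN and f & (FIN | RST))

    def flooding(self, p):
        # Sliding-window count of bare SYNs per (already validated) source.
        if p["flags"] != SYN:
            return False
        q = self.syn_times[p["ip"]]
        q.append(p["ts"])
        while q[0] <= p["ts"] - WINDOW:
            q.popleft()
        return len(q) > SYN_LIMIT

    def handle(self, p):
        if p["port"] in self.blocked_ports:
            return "drop:blocked"
        for check in (self.spoofed, self.corrupted, self.flooding):  # fixed order
            if check(p):
                # Shield by ingress port: a forged source address is no block key.
                self.blocked_ports.add(p["port"])
                return "drop:" + check.__name__
        return "forward"

def pkt(port, flags, ts, ip=None):
    mac, real_ip = BINDINGS[port]
    return {"port": port, "mac": mac, "ip": ip or real_ip, "flags": flags, "ts": ts}

# Constructed traffic: benign ACK, forged source IP, SYN+FIN, then a SYN burst.
SAMPLE = [pkt(1, ACK, 0.0), pkt(2, ACK, 0.1, ip="10.0.0.1"), pkt(2, ACK, 0.2),
          pkt(3, SYN | FIN, 0.3)] + [pkt(4, SYN, 0.4 + i / 10) for i in range(5)]
```

Running the spoofing check first means the flood counter is only ever keyed on source addresses that already matched their port binding, so forged sources cannot inflate another host's count.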

[0148] Figure 8 shows a flow chart of the DDoS attack identification and protection method based on the SDN architecture.

[0149] As shown in Figure 8, the specific implementation steps include:

[01...

Abstract

The invention relates to a system and method for identifying and preventing DDoS attacks on the basis of an SDN framework. The system comprises a cheating message detection module, a destroying message detection module, an abnormal message detection module and a threat processing module. The cheating message detection module detects spoofing of link-layer and Internet-layer addresses, the destroying message detection module detects abnormal flag-bit settings at the Internet layer and the transport layer, and the abnormal message detection module detects flooding attacks at the application layer and the transport layer. The cheating message detection module, the destroying message detection module and the abnormal message detection module inspect messages in sequence; if any detection module finds that a message exhibits spoofing, abnormal or attack behavior, the message is passed to the threat processing module, which discards the message and shields the program and/or host that sent it. The processing framework adopts an extensible modular design, achieving efficient detection and flexible processing of DDoS threats; the processing procedure is finely segmented, which improves the cohesion of the modules.

Description

Technical field

[0001] The invention relates to the field of network security, in particular to a method and system for identifying and protecting against DDoS attacks based on an SDN architecture.

Background technique

[0002] In recent years, while high-speed and widely connected networks have brought convenience to everyone, they have also created extremely favorable conditions for DDoS attacks. Distributed denial-of-service attacks have become an attack that hackers often use and that is difficult to prevent, and one of the biggest threats to network security. Such an attack makes use of the Internet's necessary and effective protocols, which transmit data packets without bias from any source to any destination, and occupies so many service resources that legitimate users cannot get service responses, causing serious economic losses to various Internet users and service providers. The current defense against DDoS attacks usually adopts packet filtering or rate limiting measures, which are not onl...

Application Information

IPC(8): H04L29/06
CPC: H04L63/1458
Inventor: 张家华, 王江平, 杨种学, 李滢, 史煜凯
Owner NANJING XIAOZHUANG UNIV