Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Software defined network security situation assessment method

A software-defined network and security posture technology, applied in the field of digital information transmission, which can solve the problems of difficult network monitoring, complexity, high network burden and delay.

Active Publication Date: 2015-04-08
XIDIAN UNIV
View PDF3 Cites 11 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

There are many problems in the assessment of network security situation in the traditional distributed network. First of all, in addition to obtaining the direct trust value directly from the data observed by the adjacent observation nodes, the traditional network also needs to receive recommendation information from other nodes to specific nodes. At the same time, It is necessary to ensure that the recommendation information is not forged, which increases the difficulty of information collection and screening
In addition, the traditional network has space limitations in the transmission and calculation of parameter information. Since the collection of distributed network data needs to be transmitted step by step from the local to the whole, it brings a high burden and delay to the network, and it is difficult to monitor changes in the network. Comprehensive real-time monitoring
Moreover, the equipment in the traditional network is very different, and the information to be collected may vary widely, which brings new difficulties to the modeling of the evaluation method
Traditional security assessment schemes are complex, and the assessment model is complex, which brings inconvenience to the upgrade and change of the entire network security scheme, and poor scalability
Therefore, the shortcomings of the existing network security situation research schemes make it difficult to conduct accurate, real-time and efficient detection and evaluation of the network.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Software defined network security situation assessment method
  • Software defined network security situation assessment method
  • Software defined network security situation assessment method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0051] The present invention will be further described below with reference to the accompanying drawings. It should be noted that the present embodiment takes the present technical solution as the premise, and provides a detailed implementation manner and a specific operation process, but the protection scope of the present invention is not limited to this embodiment. example.

[0052] like figure 1 As shown in Figure 1, an SDN network security situation assessment method, firstly, the anomaly detection module gives the prediction of various attacks, and then the security situation assessment module establishes the network security situation for various attacks on the basis of the prediction, including the following step:

[0053] Step 1, the controller periodically collects network index parameters of each forwarding node, and the anomaly detection module extracts specific characteristic indexes from the collected sample data according to the characteristics of various types...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a software defined network security situation assessment method. The advantages of SDN (software defined network) control and direct and quick information collection are combined, an open SDN security situation assessment framework is provided on account of three kinds of attacks of an SDN forwarding surface, the security framework closely fits a framework of an SDN controller, an anomaly detection module extracts characteristic indexes according to the SDN and various attack characteristics, an SVM (support vector machine) classification algorithm is selected for identification, and attack pre-judgment is given. A security situation assessment module performs quantitative assessment on network security situations according to information collected by the anomaly detection module, and attack sensitivity and noise resistance of an assessment system are regulated through setting of a threshold value. Different weights are allocated to different attacks based on an AHP (analytic hierarchy process) so as to fit out a comprehensive security situation of the network. The method is flexible and simple, attach behaviors can be detected accurately, the quantitative assessment of the security situations of the network is given, and monitoring and assessment of the security status of the SDN forwarding surface are realized with lower cost.

Description

technical field [0001] The invention relates to a digital information transmission technology, in particular to a network security situation monitoring and evaluation technology, which is used for the security situation evaluation of a software defined network (Software Defined Network). Background technique [0002] With the popularization and further research of software-defined networking (SDN), the network has greater flexibility, openness and maintainability, and network developers or maintainers can deploy applications with different functions into the controller to realize the network continue to innovate. An important application is the situational awareness of network conditions, that is, the acquisition, understanding and evaluation of factors affecting network security, and the quantitative analysis of network security, which is of great significance in the field of network security monitoring and protection. The existing research on SDN network security, especia...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L12/26H04L29/06
Inventor 李兴华何龚敏郭佳刘海张俊伟马建峰姜奇
Owner XIDIAN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products