Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

Ddos attack distributed detection and response method based on information entropy

An information entropy and distributed technology, applied in transmission systems, electrical components, etc.

Inactive Publication Date: 2018-01-05
SHANDONG UNIV
View PDF6 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] The technical problem urgently needed to be solved by those skilled in the art is: in the network of SDN / OpenFlow architecture, when some hosts are attacked by high-speed DDoS, how to quickly and accurately detect and respond

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Ddos attack distributed detection and response method based on information entropy
  • Ddos attack distributed detection and response method based on information entropy
  • Ddos attack distributed detection and response method based on information entropy

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0070] The present invention will be further described below in conjunction with the accompanying drawings and embodiments.

[0071] For the SDN / OpenFlow network architecture, the SDN / OpenFlow architecture used in the present invention is as attached figure 1 As shown, the attacker and the attack route in the figure are examples of DDoS attacks dealt with by the present invention. The present invention proposes two algorithms, a DDoS attack detection algorithm and an attack response algorithm.

[0072] At present, to detect DDoS attacks in SDN networks, most of them need the controller to continuously poll the current flow table information in the switch, and then analyze the flow table information to detect whether there is a DDoS attack. This method has advantages in small-scale SDN networks. However, when the number of switches increases, the scale of flow tables obtained and analyzed by the controller increases geometrically, and obtaining too many flow tables affects its...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a DDoS attack distributed detection and response system and method based on information entropy. The system comprises a controller, the controller is connected with a plurality of exchangers, each exchanger is connected with a plurality of host computers, each exchanger is also connected with the other exchangers, and the controller is used for managing network topology, developing data forwarding strategies, and sending down the strategies to the exchangers; the exchangers are used for data forwarding; the exchangers comprise boundary exchangers and / or non-boundary exchangers; an attack detection algorithm and an attack response algorithm are operated by the boundary exchangers to achieve the attack detection and the attack response; the host computers are computers of users and each host computer corresponds to a certain IP address, and data of the host computers are forwarded by the boundary exchangers. The DDoS attack distributed detection and response system and method based on the information entropy has the advantages of being fast in detection speed, high in detection precision rate, rapid in attack response, and small in resource burden.

Description

technical field [0001] The invention relates to a DDoS attack on an SDN network, and adopts a DDoS attack distributed detection and response system and method based on information entropy. Background technique [0002] With the continuous development of cloud computing, big data and other emerging technologies, the data center integrates various applications and data services, and its status continues to improve, making it face higher network bandwidth requirements, which cannot be met by traditional IP-centric network architectures. Data center network scalability, management, and flexibility requirements. In recent years, the SDN network architecture has provided revolutionary innovations for the current Internet and provided new ideas for the development of future networks. [0003] The SDN network originated from the research project of Stanford University in the United States. The SDN network decouples the original closed system into a data plane, a control plane and a...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/0218H04L63/1408H04L63/1458
Inventor 王睿贾智平鞠雷蔡晓军
Owner SHANDONG UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products