Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A kind of sdn network ddos ​​and dldos distributed space-time detection system

A detection system and distributed technology, applied in transmission systems, electrical components, etc., can solve the problems of difficult to detect scattered and concealed attack traffic, poor synchronization of concealment, limited traffic, etc., and achieve the effect of avoiding single-point failure.

Active Publication Date: 2019-04-23
SUN YAT SEN UNIV
View PDF3 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

At the same time, distributed coordinated attacks have the characteristics of wide range, strong concealment, and poor synchronization
In the past, the traffic observed by single-point IDS was limited, and it was difficult to detect scattered and concealed attack traffic.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A kind of sdn network ddos ​​and dldos distributed space-time detection system
  • A kind of sdn network ddos ​​and dldos distributed space-time detection system
  • A kind of sdn network ddos ​​and dldos distributed space-time detection system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0047] The schematic diagram of the system structure of the present invention is as attached Figure 1-4 shown, with figure 1 It is a schematic diagram of the overall structure of the system of the present invention, with figure 2 It is a schematic diagram of the virtual ANN structure of the present invention, with image 3 It is a schematic structural diagram of the distributed spatio-temporal anomaly detection module, with Figure 4 It is a schematic diagram of the implementation process for the communication module to send and receive information according to the entries in the neural network forwarding table.

[0048] The preferred embodiment of the present invention is as follows:

[0049] 1. Overall system composition

[0050] as attached figure 1 As shown, it is characterized in that it includes a data acquisition module, a communication module, a distributed spatio-temporal anomaly detection module, and an output module.

[0051] 2. Detailed introduction of spec...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a SDN network DDoS and DLDoS distributed space-time detection system comprising detection nodes arranged in various SDN switches. Each detection node comprises a data acquisition module, a space-time anomaly detection module, and an output module. The data acquisition module is used for acquiring network flow flowing across the SDN switch. The space-time anomaly detection module is used for detecting the network flow acquired by the data acquisition module in a spatial domain, determining whether suspicious flow exists, and confirming whether DDoS or DLDoS exists in a time domain on the basis of a detection result of the spatial domain. The output module is used for storing the detection result according to a set format. In view of the characteristics of the DDoS and the DLDoS, the detection system detects and discriminates the DDoS and the DLDoS in the network flow spatial domain and time domain, and achieves global vision in abnormity detection by using a distributed virtual ANN overlay network.

Description

technical field [0001] The invention relates to the field of network intrusion detection, and more specifically, to a distributed space-time detection system for SDN network DDoS and DLDoS. Background technique [0002] Traditional DDoS and DLDoS have also emerged new attack methods under the emerging SDN network: [0003] (1) DDoS against SDN controllers. For data packets that cannot find matching items in the flow table, the SDN switch will form packet-in information containing these data packets to the SDN controller. The attacker continuously sends well-designed data packets to multiple switches, such as the source IP address, destination IP address, source port, and destination port of the data packet are randomly generated, causing the switch to receive a large number of data packets that cannot be matched in the flow table . Multiple switches send packet-in information to a single controller at the same time, which may easily lead to overload of the controller or t...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06
CPCH04L63/1416
Inventor 余顺争陈晓帆
Owner SUN YAT SEN UNIV
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com