王文涛,王玲霞,黄 烨.SDN 环境下基于Renyi熵的低速率分布式拒绝攻击的检测[J].中南民族大学学报自然科学版,2017,(3):131-136
SDN 环境下基于Renyi熵的低速率分布式拒绝攻击的检测
Detection of Low Rate DDoS Attacks Based on Renyi Entropy in SDN Environment
  
DOI:
中文关键词: 低速率分布式拒绝攻击  因特网安全  软件定义网络  Renyi 熵  误警率
英文关键词: L-DDoS  Internet security  software defined network  Renyi entropy  false alarm rate
基金项目:国家民委教改基金资助项目(15013)
作者单位
王文涛,王玲霞,黄 烨 中南民族大学 计算机科学学院武汉 430074 
摘要点击次数: 28
全文下载次数: 38
中文摘要:
      针对现在对低速率分布式拒绝攻击的研究不足,提出了一种在软件定义网络(SDN) 环境下,利用 Renyi熵来检测 L-DDoS 的方法. 该方法首先在控制器上收集 PACKET_IN 数据包,然后基于目的 IP 来计算 Renyi 熵,最后通过设定一定的阈值来检测异常流量. 实验结果表明: 相比于利用香农熵的检测方法, 该方法通过调整一定目的IP 熵的阶数可以检测 L-DDoS 攻击流量从而降低误警率.
英文摘要:
      At present, since the research of the L-DDoS attack is not too much, a method of detecting L-DDoS using Renyi entropy based on a software defined network ( SDN) was proposed. Firstly, PACKET_IN data packets were collected on controller, and then the Renyi entropy was calculated based on destination IP. Finally setting a threshold was used to detect abnormal traffic. The experimental results showed that compared with the Shannon entropy detection method, this method can detect the L-DDoS attack traffic and reduce the false alarm rate by adjusting the number of orders.
查看全文   查看/发表评论  下载PDF阅读器
关闭