SDN中DDoS攻击的高效联合检测和防御机制

为解决软件定义网络(SDN，software-defined networking)控制器所面临的DDoS攻击问题，本文提出一个高效率的联合检测和防御机制.联合检测部分采用改进自组织映射(SOM，self-organizing mapping)算法和多维条件熵算法相结合，通过对自组织映射算法的改进，与多维条件熵算法相互提供反馈信息，达到高效联合检测目的.联合防御部分采用常规防御模块与快速防御模块相结合，通过调整优先级的方式针对不同的检测结果采取不同的防御策略.大量实验表明，本文的联合检测机制可以达到95.2%的检测率；与单独的防御机制相比，联合防御机制中控制器的响应时间可以平均降低0.11s.

Efficient Joint Detection and Defense Mechanism for DDoS Attack in SDN

In order to defend against the DDoS attacks for SDN(software-defined networking) controller， this paper proposed an efficient joint detection and defense mechanism. The joint detection part adopted the combination of improved self-organizing mapping algorithm and multidimensional conditional entropy algorithm. By combining the two methods， the purpose of joint detection was achieved. The joint defense part includes a conventional defense module and a fast defense module， which adopts different defense strategies for different detection results by adjusting the priority. Extensive experimental results showed that the joint detection mechanism can achieve a detection rate of 95.2%， and the response time of the joint defense mechanism to the controller can be reduced by 0.11s on average， compared with the single defense mechanism.