软件定义网络中基于贝叶斯ARTMAP的DDoS攻击检测模型

为解决SDN(software defined network,软件定义网络)架构下DDoS(distributed denial of service,分布式拒绝服务)攻击检测问题,提出基于贝叶斯ARTMAP的DDoS攻击检测模型. 流量统计模块主要收集捕获到的流表信息,特征提取模块提取流表中的关键信息并获取关键特征,分类检测模块通过贝叶斯ARTMAP提取分类规则,并通过粒子群算法对参数进行优化,对新的数据集进行分类检测.仿真实验证明了模型所提取的5元特征的有效性,并且该模型与3种传统的DDoS攻击检测模型相比检测成功率提高了0.96%~3.71%,误警率降低了0.67%~2.92%.

DDoS attack detection model based on Bayesian ARTMAP in software-defined networks

In order to solve the problem of distributed denial of service(DDoS)attack detection under software defined network(SDN)architecture, a DDoS attack detection model based on Bayesian ARTMAP is proposed: the traffic statistics module mainly collects the captured flow table information, and then sends it to the feature extraction module. The feature extraction module extracts the key information in the flow table and provides the key features according to the set method, and these features are finally sent to the classification detection module. Classification detection module extracts classification rules by Bayesian ARTMAP, and optimizes parameters by particle swarm optimization to classify new data sets. Experiments show that the 5 yuan features extracted by the model are effective, and the detection success rate of the model is increased by 0.96%-3.71%, and the false alarm rate is reduced by 0.67%-2.92% compared with the three DDoS attack detection models based on C4.5 decision tree, feature pattern graph model and K-means algorithm model.