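Graduate student: 郭晉晏
Graduate student (romanized): Kuo, Jin-Yan
Thesis title: Detecting Distributed Denial-of-Service Attacks on a Software-Defined Networking Architecture Using Packet Relationship Analysis
Thesis title (English): SDN Based Protection for DDoS Attack with Flow Correlation Analysis
Advisor: 古政元
Degree: Master's
Institution: National Chiao Tung University
Department: Institute of Information Management
Discipline: Computing
Sub-discipline: General Computing
Thesis type: Academic thesis
Year of publication: 2017
Graduation academic year: 105
Language: English
Number of pages: 41
Chinese keywords: software-defined networking; distributed denial of service; nearest-neighbor method
English keywords: Software Defined Network; Distributed Denial of Service; CKNN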
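Software-defined networking splits traditional network functions into two parts, the control plane and the data plane, and uses OpenFlow as the protocol for communication between them. Software-defined networking can centrally manage network state and network topology. Although it has many benefits, it also brings many new threats. Under a distributed denial-of-service attack, the characteristics of software-defined networking become its weak point and can even cause the entire network architecture to collapse. This study therefore proposes a complete defense system against distributed denial-of-service attacks, divided into four modules. First, we use packet_in messages to compute the packet rate and entropy in order to detect whether an anomaly has occurred. Next, we use the nearest-neighbor method to determine whether a flow is a distributed denial-of-service attack. Finally, based on these classified flows, we can find the source of the attack for further handling. In experiments, our algorithm achieves 99% accuracy, and our system effectively reduces the CPU load.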
Software Defined Network (SDN) decouples the control function from the traditional data plane and uses OpenFlow as the communication protocol between the control plane and the data plane. It can centralize network control to decrease the complexity of the network topology. However, this SDN characteristic makes the controller vulnerable, since attackers may launch Distributed Denial of Service (DDoS) attacks against the controller. In this paper, we propose a complete protection system against DDoS attacks with four major modules: an anomaly detection module, an attack detection module, a traceback module and an attack mitigation module. We use the packet_in messages that query the controller for routing rules to implement the anomaly detection module. Then, in the attack detection module, we use K-nearest neighbors with correlation feature selection (CKNN) to classify whether a flow is an attack flow. Because the features are extracted from correlation information, the classification efficiency is increased. The accuracy of CKNN using our features can reach 99%. Finally, we find the attack path in the traceback module and block the attack traffic with the attack mitigation module. The proposed system can effectively reduce the CPU load of the controller and switches by quickly finding the attack source.
Abstract
Abstract (Chinese)
Contents
Table List
Figure List
Chapter 1 Introduction
Chapter 2 Related work
2.1 The threat caused by DDoS in SDN
2.2 Countermeasures
2.2.1 Non-machine learning methods
2.2.2 Machine learning methods
2.3 Summary
Chapter 3 System Architecture
3.1 Overview of the Architecture
3.1.1 KNN with correlation feature selection (CKNN)
3.2 System architecture
3.2.1 Anomaly detection module
3.2.2 Attack detection module
3.2.3 Attack traceback module
3.2.4 Attack mitigation module
Chapter 4 Architecture Evaluation
4.1 Evaluation environment
4.2 Algorithm Performance Evaluation
4.3 Evaluating overall performance
4.4 Discussion
Chapter 5 Conclusion and Future Work
References