Research Article
An Intelligent SDN DDoS Detection Framework
@INPROCEEDINGS{10.1007/978-3-030-92635-9_20, author={Xiang Zhang and Chaokui Zhang and Zhenyang Zhong and Peng Ye}, title={An Intelligent SDN DDoS Detection Framework}, proceedings={Collaborative Computing: Networking, Applications and Worksharing. 17th EAI International Conference, CollaborateCom 2021, Virtual Event, October 16-18, 2021, Proceedings, Part I}, proceedings_a={COLLABORATECOM}, year={2022}, month={1}, keywords={SDN DDoS detection Network status sampling}, doi={10.1007/978-3-030-92635-9_20} }- Xiang Zhang
Chaokui Zhang
Zhenyang Zhong
Peng Ye
Year: 2022
An Intelligent SDN DDoS Detection Framework
COLLABORATECOM
Springer
DOI: 10.1007/978-3-030-92635-9_20
Abstract
With the development and popularity of computer networks, more and more devices, services and applications are running on the Internet. While it is convenient to the public, more security problems have also brought to the public. Distributed Denial of Attack (DDoS) is just one of the most difficult malicious attacks. It has many different attack forms, causing high damages of services, and is usually hard to detect and defend against. However, the development of Software Defined Networking (SDN) brought new possibilities, due to abilities of global awareness and centralized control. This paper proposes an intelligent SDN DDoS detection framework. In this framework, a security-oriented flow monitoring and sampling algorithm with low-latency is proposed. Meanwhile, we designed a service-oriented recognition model SC-VAE for packet classification. This model combines spectral clustering and variational auto-encoder to detect abnormal traffic by identifying normal streams. It is adaptive to hybrid DDoS attacks, and has a certain predictive effect for unknown DDoS attack not involved in training datasets. Simulation results demonstrate the effectiveness of the proposed framework.
