SDN self-protection system based on Renyi entropy
Aiming at the abnormal behaviors in SDN architecture, a self-protection system based on Renyi entropy that implemented a set of detection, diagnosis and defense method of SDN abnormal behaviors was proposed.The system did not need to introduce the third-party measurement equipment, and directly used...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
POSTS&TELECOM PRESS Co., LTD
2021-06-01
|
| Series: | 网络与信息安全学报 |
| Subjects: | |
| Online Access: | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021049 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841529851328069632 |
|---|---|
| author | Pu ZHAO Wentao ZHAO Zhangjie FU Qiang LIU |
| author_facet | Pu ZHAO Wentao ZHAO Zhangjie FU Qiang LIU |
| author_sort | Pu ZHAO |
| collection | DOAJ |
| description | Aiming at the abnormal behaviors in SDN architecture, a self-protection system based on Renyi entropy that implemented a set of detection, diagnosis and defense method of SDN abnormal behaviors was proposed.The system did not need to introduce the third-party measurement equipment, and directly used the flow table information of OpenFlow switches.Firstly, the abnormal network behavior was detected by calculating the characteristic entropy.Then, the information of the OpenFlow flow table was further analyzed to realize the diagnosis of abnormal behavior.Finally, a blacklist mechanism was established.And the system added the hosts with abnormal behavior to the blacklist and blocked the corresponding abnormal traffic.In order to verify the effectiveness of the system, a prototype was developed on the Floodlight controller.The simulation results on Mininet show that the system can effectively detect, diagnose and defend the abnormal behaviors.The system has low deployment cost, which enhances the security of SDN. |
| format | Article |
| id | doaj-art-0793413f16e246ae90306e911d7d5a38 |
| institution | Kabale University |
| issn | 2096-109X |
| language | English |
| publishDate | 2021-06-01 |
| publisher | POSTS&TELECOM PRESS Co., LTD |
| record_format | Article |
| series | 网络与信息安全学报 |
| spelling | doaj-art-0793413f16e246ae90306e911d7d5a382025-01-15T03:14:48ZengPOSTS&TELECOM PRESS Co., LTD网络与信息安全学报2096-109X2021-06-017859459563713SDN self-protection system based on Renyi entropyPu ZHAOWentao ZHAOZhangjie FUQiang LIUAiming at the abnormal behaviors in SDN architecture, a self-protection system based on Renyi entropy that implemented a set of detection, diagnosis and defense method of SDN abnormal behaviors was proposed.The system did not need to introduce the third-party measurement equipment, and directly used the flow table information of OpenFlow switches.Firstly, the abnormal network behavior was detected by calculating the characteristic entropy.Then, the information of the OpenFlow flow table was further analyzed to realize the diagnosis of abnormal behavior.Finally, a blacklist mechanism was established.And the system added the hosts with abnormal behavior to the blacklist and blocked the corresponding abnormal traffic.In order to verify the effectiveness of the system, a prototype was developed on the Floodlight controller.The simulation results on Mininet show that the system can effectively detect, diagnose and defend the abnormal behaviors.The system has low deployment cost, which enhances the security of SDN.http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021049software defined networkanomaly detectionRenyi entropyOpenFlow protocol |
| spellingShingle | Pu ZHAO Wentao ZHAO Zhangjie FU Qiang LIU SDN self-protection system based on Renyi entropy 网络与信息安全学报 software defined network anomaly detection Renyi entropy OpenFlow protocol |
| title | SDN self-protection system based on Renyi entropy |
| title_full | SDN self-protection system based on Renyi entropy |
| title_fullStr | SDN self-protection system based on Renyi entropy |
| title_full_unstemmed | SDN self-protection system based on Renyi entropy |
| title_short | SDN self-protection system based on Renyi entropy |
| title_sort | sdn self protection system based on renyi entropy |
| topic | software defined network anomaly detection Renyi entropy OpenFlow protocol |
| url | http://www.cjnis.com.cn/thesisDetails#10.11959/j.issn.2096-109x.2021049 |
| work_keys_str_mv | AT puzhao sdnselfprotectionsystembasedonrenyientropy AT wentaozhao sdnselfprotectionsystembasedonrenyientropy AT zhangjiefu sdnselfprotectionsystembasedonrenyientropy AT qiangliu sdnselfprotectionsystembasedonrenyientropy |