Computer Science ›› 2022, Vol. 49 ›› Issue (6A): 555-561.doi: 10.11896/jsjkx.210800095

• Information Security • Previous Articles     Next Articles

DDoS Attack Detection Method in SDN Environment Based on Renyi Entropy and BiGRU Algorithm

YANG Ya-hong, WANG Hai-rui   

  1. Kunming University of Science and Technology,Kunming 650504,China
  • Online:2022-06-10 Published:2022-06-08
  • About author:YANG Ya-hong,born in 1993,postgra-duate.Her main research interest is cyber security.

Abstract: Based on the bidirectional gated recurrent unit,BiGRU network can solve the gradient disappearance or gradient explosion problem of the traditional RNN model,a DDoS attack detection method in SDN environment based on Renyi entropy and bigru algorithm is proposed.First of all,the abnormal flow detection is carried out by Renyi entropy,and the detection is divided into normal and abnormal results.Traffic detected as abnormal will be detected using the BiGRU algorithm.Then,the switch is used to collect flow meter information,6 feature vectors are extracted as the characteristic vectors of attack detection.Finally,the network topology of the SDN is simulated by Minet,which is based on the controller OpenDaylight.The experimental results show that compared with SVM and BPNN neural network detection algorithm,the proposed detection scheme has improved detection accuracy,higher recognition rate and better comprehensive detection capability.

Key words: Attack detection, BiGRU algorithm, Distributed denial of service attack, Software custom network

CLC Number: 

  • TP393
[1] HUAWEI:Special Report on Botnets and DDoS Attacks in 2013[EB/OL].https://wenku.baidu.com/view/be2c30aa700abb68a982fb80.html.
[2] POLAT H,POLAT O,CETIN A.Detecting DDoS Attacks in Software-Defined Networks Through Feature Selection Methods and Machine Learning Models[J].Sustainability,2020,12(3):1035.
[3] MOUSAVI S MST-HILAIRE M.Early detection of DDoS attacks against sdn controllers[C]//Proceedings of the 2015 International Conference on Computing,Networking and Communications(ICNC).IEEE,Garden Grove,CA,USA,2015:77-81.
[4] ALBAHAR M A.Recurrent Neural Network Model Based on a New RegularizationTechnique for Real-Time Intrusion Detection in SDN Environments[J].Security and Communication Networks,2019(11):1-9.
[5] DONG P,DU X,ZHANG H,et al.A detection method for a novel DDoS attack against SDN controllers by vast new low-traffic flows[C]//2016 IEEE International Conference on Communications(ICC).IEEE,2016:1-6.
[6] OENA A.A DDoS attack behavior detection method based on deep learning[J].arXiv:1601.04033,2016.
[7] MCKEOWN N,ANDERSON T,BALAKRISHNAN H,et al.OpenFlow:enabling innovation in campus networks[J].ACM SIGCOMM Computer Communicatiion Review,2008,38(2):69-74.
[8] ZYCZKOWSKI K.Renyiextrapolation of Shannonentropy[J].Physics,2003,10(3):297-310.
[9] KE X.Application Research of Hybrid Model of HMM andDNN in L_DDoS Attack Detection[D].Wuhan:South-Central University for Nationalities, 2019.
[10] YAN R,ZHENG Q,PENG W.Multi-scaleentropy and Renyicrossentropy based traffic anomaly detection[C]//IEEE.InternationalConferenceon Communication Systems(ICCS).Singapore:IEEE,2008:554-558.
[11] CHEN Z Z.Human posture prediction based on gated recurrent neural network[D].Shenyang:Shenyang University of Techno-logy,2020.
[12] ZHANG Q Q.Research on SDN-based DDoS Attack Detection Technology[J].Software Guide,2019,18(7):205-208.
[13] LIU Z P,HE Y P,WANG W S,et al.DDoS attack detection scheme in SDN environment[J].Journal of Wuhan University(Science Edition),2019(2):71-77.
[14] ZHANG L,WANG J S.DDoS attack detection model based on information entropy and DNN in SDN[J].Computer Research and Development,2019(5):5-14.
[1] GUO Xing-chen, YU Yi-biao. Robust Speaker Verification with Spoofing Attack Detection [J]. Computer Science, 2022, 49(6A): 531-536.
[2] LI Peng-yu, LIU Sheng-li, YIN Xiao-kang, LIU Hao-hui. Detection Method of ROP Attack for Cisco IOS [J]. Computer Science, 2022, 49(4): 369-375.
[3] LI Na-na, WANG Yong, ZHOU Lin, ZOU Chun-ming, TIAN Ying-jie, GUO Nai-wang. DDoS Attack Random Forest Detection Method Based on Secondary Screening of Feature Importance [J]. Computer Science, 2021, 48(6A): 464-467.
[4] CHEN Jin-yin,XU Xuan-yan,SU Meng-meng. Research on Network Attack Detection Based on Self-adaptive Immune Computing [J]. Computer Science, 2018, 45(6A): 364-370.
[5] WU Shao-hua, CHENG Shu-bao and HU Yong. Web Attack Detection Method Based on Support Vector Machines [J]. Computer Science, 2015, 42(Z6): 362-364.
[6] LI Chun-yan and WANG Liang-min. Research on Detection Schemes of Sybil Attack in VANETs [J]. Computer Science, 2014, 41(Z11): 235-240.
[7] LI Zhong-wen,WU Cheng-bin and XU Xiao-chen. Research on DDoS Intrusion Detection System Based on Linux High Speed Packet Capturing Platform [J]. Computer Science, 2014, 41(4): 159-162.
[8] WANG Rui. Mechanism of Detecting and Preventing Application Layer DDOS Attack Based on Traceback [J]. Computer Science, 2013, 40(Z11): 175-177.
[9] WANG Liang-min,LI Fei,XIONG Shu-ming,ZHANG Jian-ming. Research on Detection Methods for Insidious Attack of Wireless Sensor Networks [J]. Computer Science, 2011, 38(4): 97-99.
[10] XU Tu HE Da-ke (School of Information Science and Technology, Southwest J iaotong University, Chengdu 610031, China). [J]. Computer Science, 2008, 35(12): 94-97.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!