摘要
SDN技术由于其开放性、转发与控制分离、可编程的集中控制模式等特性,已经成为目前可见的也是最为可行的网络智能化解决方案,这其中SDN控制器扮演着重要角色,与此同时也是攻击者的重要目标。目前网络控制器面临的DDoS攻击是一种较难防御的网络攻击,它会呈现出基于时间、空间、强度等多维度攻击随机分布的特点,本文针对SDN控制面的DDoS攻击提出一种多维度多层次的动态纵深防护体系,具备纵深检测、态势感知、决策处置的闭环反馈特征。
Due to its openness, separation of forwarding and control, and programmable centralized control mode, SDN technology now becomes the most visible and most feasible network intelligent solution. Among them, the SDN controller plays an important role, and at the same time, is also an important target for attackers. At present, the DDoS attack faced by network controllers is a kind of network attack which is difficult to defend. It would present the characteristics of random distribution of multi-dimensional attacks based on time, space, and intensity. In view of the DDoS attack on SDN control place, a multi-dimensional and multi-level dynamic depth protection system is proposed, which has the closed-loop feedback characteristics of depth detection, situational awareness and decision-making disposal.
作者
陈松
杨帆
胡贵
CHEN Song;YANG Fan;HU Gui(No.30 Institute of CETC, Chengdu Sichuan 600045, China)
出处
《通信技术》
2019年第9期2223-2228,共6页
Communications Technology
基金
四川省科技计划资助(No.2017GZDZX0002)~~
关键词
分布式拒绝服务攻击
软件定义网络
纵深防御
DDoS(distributed denial of service) attack
software defined network
in-depth defense
